Legal

Privacy Policy.

Last updated: May 13, 2026

1. Introduction

Billet Systems LLC ("Billet," "we," "our," or "us"), a Texas limited liability company, operates the Billet mobile application and web dashboard (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service, and the choices you have regarding your information.

By using the Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the Service.

2. Information We Collect

We collect the following categories of information:

  • Account Information: Name, username, email address, phone number, and password (stored as a bcrypt hash) when you create an account.
  • Delivery Data: Delivery ticket details, order numbers, customer information, item descriptions, invoice amounts, and custom fields entered into or imported into the Service.
  • Signatures: Electronic signatures captured during the delivery process from drivers and customers.
  • Location Data: GPS coordinates collected during active deliveries and at the time of signature capture. With your permission, background location data may be collected while the Service is running to enable offline sync and fleet tracking.
  • Photos: Images captured by drivers during the delivery process, or uploaded from the device's photo library, as proof of delivery.
  • Payment Information: When processing payments via our "Pay Now" or tap-to-pay features, payment card information is collected and processed by Stripe, Inc. Billet never receives or stores full card numbers, CVVs, or expiration dates. We retain only a tokenized reference, the last four digits, and transaction metadata (amount, timestamp, status).
  • Device Information: Device type, operating system version, app version, hardware identifiers, push notification tokens, and an approximate device fingerprint (a hash derived from non-personally identifiable device characteristics) used for security and abuse detection.
  • Usage Data: Interactions with the Service, feature usage, session duration, navigation paths, and in-app error logs.
  • Session Event Data: Login events, logout events, approximate IP-based geolocation, and device fingerprints are logged for security purposes, including detection of unauthorized access and account sharing.
  • Communications: Chat messages sent within the Service, feedback submissions, and support communications.
  • Integration Data: When you connect third-party accounting, storage, or workflow systems (QuickBooks Online, Xero, FreshBooks, Microsoft Dynamics 365 Business Central, Google Drive, OneDrive, Zapier), we collect the data necessary to operate those integrations, including customer records, invoices, products, payments, and file metadata.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Process and manage delivery tickets, signatures, and proof of delivery
  • Process payments when you use our "Pay Now" or tap-to-pay features (via Stripe)
  • Send push notifications about ticket assignments and delivery updates
  • Send transactional SMS notifications — delivery assignment alerts to drivers, proof-of-delivery signature request links to end customers, two-factor authentication login codes, and password reset codes. Billet never sends marketing or promotional SMS, and phone numbers are never sold, rented, or used for advertising. Recipients can opt out at any time by replying STOP. Per-category opt-in and opt-out mechanics are documented in our SMS Notifications policy.
  • Send email notifications for delivery confirmations, signature requests, and account activity
  • Generate PDF reports and delivery documentation
  • Automatically parse uploaded documents (PDFs and CSVs) and, during integration setup, incoming webhook payloads to detect fields, using Anthropic's Claude API
  • Route optimization for multi-stop deliveries (using Google Routes API)
  • Detect and prevent fraud, unauthorized access, and unusual activity (including account sharing)
  • Provide customer support and respond to inquiries
  • Monitor and analyze usage patterns to improve the Service
  • Comply with legal obligations

4. How We Share Information

We do not sell your personal information. No mobile information collected for SMS — including phone numbers — will be shared with third parties or affiliates for marketing or promotional purposes at any time. Phone numbers are transmitted only to Twilio (our SMS sub-processor — see §5) to deliver the transactional SMS categories listed in our SMS Notifications policy. We share other information only in the following circumstances:

  • Within Your Organization: Information is shared among users of the same company account as necessary for delivery operations and administration.
  • Service Providers (Sub-Processors): We share information with third-party service providers that operate the platform. A current list is maintained below in Section 5.
  • Accounting and Workflow Integrations: When you connect QuickBooks Online, Xero, FreshBooks, Microsoft Dynamics 365 Business Central, Google Drive, OneDrive, Zapier, or similar third-party systems, customer, invoice, product, payment, and document data is shared between Billet and that provider as you configure. You can disconnect any integration at any time from your dashboard.
  • Legal Requirements: We may disclose information if required by law, subpoena, court order, or to protect the rights, property, or safety of Billet, our users, or others.
  • Business Transfers: If Billet is involved in a merger, acquisition, or asset sale, your information may be transferred. We will notify you of any change in ownership or use of your information.

5. Third-Party Service Providers

We use the following sub-processors to operate the Service. Each is contractually obligated to handle data in accordance with applicable law and our agreements with them. A standalone list, including subscribe-to-changes instructions, is also available at our Sub-processors page. Business customers may also reference our Data Processing Addendum for the legal framework governing this processing.

  • Hetzner Cloud (Ashburn, Virginia, USA) — cloud hosting and database infrastructure
  • Amazon Web Services (AWS S3) — photo and file storage
  • Cloudflare, Inc. — CDN, DNS, Web Application Firewall, marketing website hosting (Cloudflare Pages), and object storage (Cloudflare R2, phasing in)
  • Stripe, Inc. — payment processing, subscription billing, Pay Now, and tap-to-pay (Stripe Terminal). Stripe is PCI-DSS Level 1 certified.
  • Anthropic, PBC (Claude API) — automated document parsing (PDFs, CSVs) and webhook field detection during integration setup. Personally identifiable information is redacted before transmission where feasible. Anthropic processes this data as our sub-processor and does not retain it for training purposes.
  • Google LLC — Google Routes API for route optimization (Standard tier and above)
  • Apple Inc. — Apple Push Notification service (APNs) for iOS push notification delivery
  • OneSignal, Inc. — push notification orchestration and delivery
  • Postmark (ActiveCampaign) — transactional email delivery (proof of delivery emails, password resets, signature requests, receipts)
  • Twilio, Inc. — SMS messaging for two-factor authentication, driver notifications, and customer signature requests (see our SMS Notifications policy for full details)
  • Functional Software, Inc. (Sentry) — error monitoring and crash reporting
  • ipapi.co — approximate IP-based geolocation for security monitoring
  • Intuit Inc. (QuickBooks Online), Xero Limited, 2ndSite Inc. (FreshBooks), Microsoft Corporation (Dynamics 365 Business Central, OneDrive), Zapier Inc., Make.com, n8n — only if you choose to connect these integrations

We may add additional sub-processors to support new features. Material changes to this list will be disclosed in updates to this Policy.

6. Payment Information

When you accept payments through Billet (using our "Pay Now" email payment links or in-person tap-to-pay via Stripe Terminal), card data is captured by Stripe's payment infrastructure and never touches Billet's servers in its full form. Billet stores only a tokenized payment reference, the last four digits of the card, the card brand, the transaction amount, status, and timestamps. Refunds, disputes, and chargebacks are handled directly through Stripe. For details of Stripe's privacy practices, see stripe.com/privacy.

7. AI-Assisted Features

The Service uses Anthropic's Claude API to automatically parse uploaded documents (PDFs, CSVs) into structured ticket data, and to detect field mappings during integration setup when your system sends webhook payloads. Before transmission to Anthropic, personally identifiable information is redacted where feasible. Anthropic processes this data solely to provide the parsing service and does not use it for model training. You may disable AI-assisted features at any time from your Company Settings; the Service will fall back to manual field mapping where applicable.

8. Session Monitoring and Account Security

To protect accounts from unauthorized access and abuse (including account sharing), we log login events, logout events, approximate IP-based geolocation, and device fingerprints. Our automated monitoring detects patterns such as an unusually high number of distinct devices in a short window, rapid logout-login cycles from different devices, or repeated session evictions. Accounts flagged by these heuristics may be warned by email; repeat violations may result in account suspension. Suspended accounts retain full data access but lose login access until the account owner is contacted and the matter resolved. See our Terms of Service §4a for details on our Fair Use policy.

9. Data Security

We implement industry-standard security measures to protect your information, including: encrypted data transmission (HTTPS/TLS 1.2+), secure password hashing (bcrypt, 12 rounds), session-based authentication with JWT tokens, role-based access controls, intrusion detection (auditd, AIDE, fail2ban), hardened server configurations, and encryption at rest for databases and photo storage. Payment data is handled by Stripe under PCI-DSS Level 1 certification. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Data Retention

Delivery tickets, signatures, photos, and associated data are retained for the lifetime of your account. Session event logs are retained for up to 24 months for security monitoring. Payment records are retained for the period required by applicable tax and accounting laws (typically seven years). You may request deletion of your account and associated data at any time through the app (Settings → Account → Delete Account) or by contacting us; deletion completes within 30 days, subject to limited retention of records required by law.

11. Data Location and International Transfers

At present, Billet stores your data on servers located in Ashburn, Virginia, United States, operated by Hetzner Cloud. Photos are stored in AWS S3 in the United States. We plan to offer optional data residency in European Union (Germany) and Australia (Sydney) regions in 2026. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. Where the transfer is from the European Union, United Kingdom, or Switzerland, we rely on Standard Contractual Clauses (SCCs) as a transfer mechanism, and our sub-processors that process EU/UK/CH personal data do the same.

12. Your Rights

Regardless of your jurisdiction, you have the right to:

  • Access and receive a copy of the personal data we hold about you
  • Correct inaccurate or incomplete personal data
  • Request deletion of your personal data, subject to limited exceptions required by law
  • Export your data in a portable, machine-readable format
  • Opt out of marketing communications (we currently do not send marketing email; only transactional)
  • Opt out of SMS and email notifications through your account settings
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, email [email protected]. We will respond within 30 days.

13. California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you specific rights:

  • Right to Know: what personal information we collect, use, disclose, and share
  • Right to Delete: personal information we've collected from you
  • Right to Correct: inaccurate personal information
  • Right to Limit Use: of sensitive personal information to specified purposes
  • Right to Opt Out of Sale/Sharing: we do not sell personal information and do not share it for cross-context behavioral advertising
  • Right to Non-Discrimination: we will not discriminate against you for exercising these rights

To submit a verifiable consumer request, email [email protected]. We may ask you to verify your identity before processing the request.

14. EU, UK, and Swiss Residents (GDPR / UK GDPR / FADP)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR), UK GDPR, and Swiss Federal Act on Data Protection (FADP).

Legal Basis for Processing:

  • Contract: processing necessary to provide the Service you subscribed to
  • Legitimate Interests: security monitoring, abuse detection, service improvement
  • Consent: certain optional processing, such as location tracking, where you grant permission
  • Legal Obligation: tax, accounting, and other statutory requirements

Your Rights Include: access, rectification, erasure, restriction of processing, data portability, objection, and the right to lodge a complaint with your supervisory authority (e.g., UK ICO, Irish DPC).

International Transfers: your personal data will be transferred to the United States. We rely on Standard Contractual Clauses (SCCs) with our sub-processors for such transfers.

To exercise your rights, email [email protected]. We will respond within 30 days.

15. Children's Privacy

The Service is a business-to-business tool and is not intended for, marketed to, or designed for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 13 (or 16 in the EEA/UK), we will delete it promptly.

16. Cookies and Tracking

Marketing website (billetsystems.com): Uses no cookies, no local storage, no tracking pixels, and no third-party analytics. Visiting the website leaves no trace of you on our systems beyond a standard server access log entry.

Authenticated dashboard (app.billetsystems.com): Uses strictly necessary cookies and local storage to maintain your authenticated session and remember user preferences (e.g., dark mode, dashboard layout). We do not use advertising cookies, cross-site tracking, or third-party analytics beyond error monitoring (Sentry, used to capture crashes and bugs in your authenticated session). You can disable cookies in your browser settings, but certain features may not function correctly.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal obligations, or sub-processor relationships. Material changes will be communicated via email to account administrators and/or through a notice in the Service. The "Last updated" date at the top of this Policy indicates when it was most recently revised. Continued use of the Service after changes take effect constitutes acceptance of the revised Policy.

18. Contact Us

For questions about this Privacy Policy or our data practices, or to exercise any of your rights, contact us:

Billet Systems LLC

Email: [email protected]

Website: billetsystems.com