Privacy Policy - Octopus TMS

Effective Date: January 2025

1. Introduction

Octopus TMS Platform ("Octopus", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our transportation management platform and related services.

2. Information We Collect

2.1 Business Information

Company name, DOT/MC numbers
Business address and contact information
Tax identification numbers
Insurance and compliance documentation

2.2 User Account Information

Names and contact details of authorized users
Login credentials (encrypted)
Role and permission settings

2.3 Operational Data

Load booking and dispatch history
Fleet and driver information
Location data for tracking shipments
Communication logs between parties

2.4 Financial Information

Banking details for settlements
Payment method information (processed securely by Stripe)
Transaction history and invoices

2.5 Gmail Integration Data

When you connect your Gmail account to Octopus TMS:

We request permission to send emails on your behalf
We store encrypted OAuth tokens to maintain your connection
We do NOT read, store, or access your email content
We only send emails when you explicitly initiate the action

3. How We Use Your Information

3.1 Service Delivery

Process load bookings and dispatch assignments
Facilitate communication between shippers and carriers
Send emails on your behalf (invoices, documents, notifications)
Process payments and settlements
Provide customer support

3.2 Platform Improvement

Analyze usage patterns to improve features
Develop new services and functionality
Ensure platform security and prevent fraud

4. Information Sharing

4.1 Service Providers

We share information with trusted third-party service providers including:

Stripe for payment processing
Google for Gmail integration (OAuth2)
DAT for load board integration
AWS for cloud infrastructure

4.2 Legal Requirements

We may disclose information when required by law or to protect rights and safety.

5. Data Security

Encryption of data in transit (TLS/SSL) and at rest (AES-256)
OAuth tokens encrypted before database storage
Regular security audits
Access controls and authentication protocols

6. Your Rights

You have the right to:

Request access to your personal data
Correct inaccurate information
Delete your account and associated data
Export your data
Disconnect third-party integrations (like Gmail)

Revoking Gmail Access

You can disconnect your Gmail account at any time through Octopus TMS Settings or through your Google Account at myaccount.google.com/permissions.

7. Data Retention

Active account data: Duration of business relationship
Financial records: 7 years per regulatory requirements
OAuth tokens: Until you disconnect or delete your account

8. California Privacy Rights (CCPA)

California residents have additional rights including the right to know what personal information is collected, request deletion, and opt-out of sale of personal information. We do not sell personal information.

9. Google API Services User Data Policy

Octopus TMS's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Limited Use Disclosure:

We only use Gmail API access to send emails on your behalf when you explicitly request it
We do not use Gmail data for advertising purposes
We do not allow humans to read your email data unless required for security purposes or with your explicit consent
We do not use Gmail data for AI/ML training unrelated to the email feature

10. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated revision date. Material changes will be notified via email.

11. Contact Us

Octopus TMS Platform

The Digital Ronin LLC

Email: info@thedigitalronin.com

By using the Octopus TMS Platform, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.