Privacy Policy &
User Agreement.

This Privacy Policy describes how RouteWise Logistics Inc. ("RouteWise," "we," "us," or "our"), a Canadian Federal Corporation, collects, uses, stores, and protects personal and operational data when you use the RouteWise platform and services.

RouteWise Logistics Inc. is the Data Controller under the Personal Information Protection and Electronic Documents Act (PIPEDA) for Canadian users. For international users, RouteWise provides GDPR-equivalent protections.

By using the RouteWise platform, you consent to the data practices described in this policy. If you do not agree, please discontinue use of the platform.

RouteWise collects the following categories of data:

RouteWise collects and processes data for the following purposes:

• Route optimization and load matching (core platform function)
• Scope 3 emissions calculation and ESG reporting
• TDG and HOS compliance checking and automation
• Predictive analytics and operational intelligence
• Platform performance improvement and AI/ML model training (using anonymized data)
• Billing and subscription management
• Customer support and onboarding
• Security monitoring and fraud prevention
• Legal compliance and regulatory reporting

RouteWise integrates with ELD and telematics providers (including Geotab, Motive, Samsara, and Isaac Instruments) on an optional basis. Telematics data is ingested only where the carrier has explicitly granted permission through the platform's integration settings.

Telematics data is used exclusively for: improving route analytics, measuring empty-mile performance, estimating fuel consumption and emissions, and enhancing predictive operational insights.

Carriers retain full control over telematics integrations and may revoke access at any time through platform settings. Revocation of telematics access does not affect core platform functionality.

RouteWise does not sell or share telematics data with third parties without explicit carrier consent.

RouteWise does not sell individual carrier or shipper data to third parties. Data sharing is limited to:

• Aggregated, anonymized industry benchmarking data (no identifying information)
• Service providers necessary for platform operation (cloud hosting, payment processing) under strict data processing agreements
• Legal requirements: disclosure required by law, court order, or regulatory authority
• Business transfers: in the event of a merger or acquisition, data may transfer to the successor entity under equivalent privacy protections

RouteWise stores data on cloud infrastructure (AWS or GCP) with Canadian data residency where possible. Security measures include:

• Encrypted data storage (AES-256 at rest, TLS 1.3 in transit)
• IAM role-based access control — minimum privilege principle
• Multi-tenant architecture with strict data isolation between accounts
• API Gateway with rate limiting and throttling
• Regular security audits and penetration testing
• SOC 2 compliance principles (Phase 2 goal)

In the event of a data breach affecting personal information, RouteWise will notify affected Users and the relevant regulatory authority as required under PIPEDA within 72 hours of becoming aware of the breach.

Under PIPEDA and applicable privacy laws, you have the following rights regarding your personal data:

To exercise any of these rights, contact us at privacy@routewise.ca. We will respond within 30 days.

RouteWise uses standard session cookies for authentication and platform functionality, and analytics cookies to understand platform usage patterns. Analytics data is aggregated and does not identify individual users.

Users may manage cookie preferences through their browser settings. Disabling session cookies may affect platform functionality.

The RouteWise platform is a B2B service intended exclusively for business use by persons aged 18 and over. We do not knowingly collect personal information from individuals under the age of 18. If you believe a minor has submitted data to our platform, please contact us immediately at privacy@routewise.ca.

RouteWise Logistics Inc. complies with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's federal privacy law governing how private sector organizations collect, use, and disclose personal information in the course of commercial activities.

For users located in the European Economic Area, RouteWise provides GDPR-equivalent protections, including lawful basis for processing, data subject rights, and data transfer safeguards.

RouteWise's ten PIPEDA privacy principles are: accountability, identifying purposes, consent, limiting collection, limiting use/disclosure/retention, accuracy, safeguards, openness, individual access, and challenging compliance.

Personal and operational data is retained for the duration of the active subscription plus any period required by Canadian law (typically 7 years for financial records). Upon account termination, personal data is deleted within 90 days unless legal retention obligations apply.

Aggregated, anonymized data may be retained indefinitely for platform improvement and industry benchmarking. ESG reports generated by users are retained for the subscription duration and available for download during that period.

RouteWise may update this Privacy Policy from time to time. Material changes will be communicated to Users via email or in-platform notification with at least 14 days' notice before taking effect. The "Effective Date" at the top of this policy will be updated with each revision.

Continued use of the platform after the effective date of any update constitutes acceptance of the revised Privacy Policy.

For any privacy-related questions, requests, or complaints, contact our Privacy Officer:

If you are unsatisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.