Privacy Policy

Scope: This Policy applies to dlvrNOW and its affiliates in Jamaica, Trinidad & Tobago, Barbados, and Guyana, and complies with all applicable data-protection and electronic-transactions laws, including the Jamaica Electronic Transactions Act, Trinidad & Tobago Electronic Transactions Act, Barbados E-Commerce Act, and Guyana Telecommunications & Electronic Communications Standards.

Summary: This Policy describes how dlvrNOW Limited collects, uses, stores, shares, and protects personal information when providing goods-delivery and logistics services. The Company processes personal data in accordance with the Jamaica Data Protection Act 2020. Where applicable, processing also complies with the Trinidad and Tobago Data Protection Act 2011, the Barbados Data Protection Act 2019, and Guyana’s telecommunications and electronic-communications privacy standards.

Across all territories, dlvrNOW adheres to the core data-privacy principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality, and user rights, consistent with international best-practice standards including ISO/IEC 27701 and generally accepted privacy governance frameworks.

dlvrNOW does not provide passenger transportation services in any territory, and all processing activities described herein apply exclusively to the delivery of goods, freight, parcels, and commercial items across all operating territories.

This policy specifically applies to: 

Processing of payment-related personal data complies with the Bank of Jamaica Payment Services Oversight Guidelines, the Central Bank of Trinidad & Tobago’s Electronic Payments Framework, the Barbados Financial Services Commission requirements, and the Bank of Guyana’s supervisory standards, including all applicable directives issued under the Bank of Guyana’s financial-sector oversight framework.

• Recipients:  is the person or entity designated to receive and confirm delivery of goods transported through the platform.

• Senders:  is the person or entity responsible for initiating a delivery and providing goods to driver providers for transport to the recipient.
• Delivery Providers: is the independent driver or entity that transports goods through the platform from the sender to the recipient.
• Users: are individuals or entities who engage with the Company’s goods-delivery and logistics platform—used exclusively for the transport of packages, freight, and commercial items, and not for passenger transport—as senders, recipients, or delivery providers.
• Personal Data: Any information relating to an identified or identifiable natural person. 
• Processing: Any operation performed on personal data, including collection, recording, organization, storage, alteration, retrieval, disclosure, or deletion. 
• Data Protection Officer (DPO): The designated officer responsible for ensuring compliance with this Policy and the Data Protection Act, 2020.

1. Definitions: 

   1. Territory: Territory means the jurisdiction in which the User is located, including Jamaica, Trinidad & Tobago, Barbados, or Guyana.
   2. App/s: Refers to the Company’s mobile applications, websites, content, products, and related services (each an “App” or collectively “Apps,” as applicable) that enable users to arrange and schedule goods, freight, and package delivery services only, and not passenger-carrying services. These Apps may also facilitate the purchase of such services from third-party providers operating under agreement with the Company (“Third-Party Providers”).

1. Data Controller

For users in each operating Territory, dlvrNOW Limited acts as the Data Controller and processes personal data in accordance with the applicable national data-protection framework and recognized international privacy standards, including ISO/IEC 27701 (Privacy Information Management)

1. Jamaica
   For Users in Jamaica, dlvrNOW Limited is the Data Controller. All personal data is processed in compliance with the Jamaica Data Protection Act, 2020 (Act No. 11 of 2020), including Part IV — Processing of Personal Data and Schedule 2 — Retention. Questions, comments, or complaints may be directed to support@dlvrnow.app or to the Office of the Information Commissioner (OIC).

1. Trinidad & Tobago
   For Users in Trinidad & Tobago, personal data is processed in accordance with the Trinidad & Tobago Data Protection Act, 2011, which is partially proclaimed and implemented in phases, together with all applicable financial-sector regulations, electronic-transactions requirements, and digital-services standards governing the collection, use, and safeguarding of personal information. Processing includes compliance with the Central Bank of Trinidad & Tobago’s supervisory guidelines, electronic-payments and card-scheme rules, and all lawful obligations relevant to the handling of user and delivery-partner data within the jurisdiction.

1. Barbados

For Users in Barbados, dlvrNOW Limited processes personal data under the Barbados Data Protection Act, 2019, including Schedule 2 — Data Subject Rights — and the cross-border transfer safeguards required under Part IV of the Act. Processing is carried out in accordance with all obligations relating to fair processing, transparency, data-subject rights, and adequacy assessments for any international transfers of personal data, ensuring that data is not transferred outside Barbados unless appropriate safeguards, lawful bases, and adequacy considerations have been satisfied.

1. Guyana
   For users in Guyana, dlvrNOW Limited processes personal data in accordance with the national data-governance framework, which distributes privacy obligations across multiple legislative instruments— including the Telecommunications Act, the Cybercrime Bill, and the national electronic-transactions standards—together with internationally recognised privacy-management best practices. Guyana currently has no fully enacted, comprehensive Data Protection Act; therefore, all processing activities are aligned with the privacy, security, and data-handling requirements contained within existing telecommunications-privacy rules, cybercrime safeguards, and electronic-transactions provisions to ensure fair, transparent, and secure processing pending the introduction of dedicated data-protection legislation. All processing activities also comply with the reasonable security, confidentiality, and data-handling requirements established by Guyana’s telecommunications and electronic-communications regulators. 

1. Cross-Border and Extra-Territorial Processing
   Personal information may be processed both within and outside the relevant Territory in accordance with applicable laws governing international data transfers. Appropriate safeguards are applied to ensure that personal data is handled securely and lawfully. Transfers outside any Territory use Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or equivalent safeguards recognized under the national framework of each Territory. Where required by law, cross-border transfers are also subject to territorial adequacy or equivalence assessments to ensure that the destination jurisdiction provides a level of protection consistent with the legal standards of the originating Territory. For users in Jamaica, such transfers are governed by Section 30 of the Jamaica Data Protection Act 2020.

1. Contact Information
   dlvrNOW’s Data Protection Officer may be contacted at support@dlvrnow.app for any data-protection inquiries or for exercising data-subject rights across all Territories.

1. What type of Information is collected? 

The following information is collected by or on behalf of the Company:

1. Information you provide: Personal data is processed only on lawful bases, including consent, contractual necessity, compliance with legal obligations, protection of vital interests, and legitimate interests. For users in Jamaica, processing follows the requirements of Part IV, Section 22 of the Jamaica Data Protection Act 2020 and Section 23 regarding data minimisation obligations.

For users in Trinidad & Tobago, processing is carried out in accordance with the lawful-basis provisions of the Trinidad & Tobago Data Protection Act 2011.

For users in Barbados, processing complies with the lawful-processing conditions set out in the Barbados Data Protection Act 2019. For users in Guyana, processing aligns with national data-privacy principles reflected in the Telecommunications Act, the Cybercrime Bill, and national electronic-transactions standards. Across all territories, dlvrNOW applies internationally recognised information-security and privacy frameworks, including ISO/IEC 29151 and ISO/IEC 27701.

1. User Account: User account information and related data are retained for as long as your account remains active and only for the period necessary to fulfil the purposes for which the information was collected. User account information is retained in accordance with the retention framework described in the ‘Data Retention’ section of this Policy.

Users may request deletion of their accounts at any time. Upon receiving a deletion request, the Company will remove all non-essential information and retain only the data required by law or necessary for legitimate purposes, such as completing investigations, resolving disputes, or complying with statutory obligations. Retention exceptions permitted under the Trinidad & Tobago Data Protection Act 2011, the Barbados Data Protection Act 2019, and Guyana’s telecommunications-based privacy principles are applied consistently. These exceptions operate alongside the statutory rights and retention exemptions recognised under the Jamaica Data Protection Act 2020, ensuring that all rights and limitations are applied in accordance with the legal framework of each Territory.

Upon account deletion, personal data is securely purged using industry-standard methods, and any residual information is archived only for the period legally required. If an outstanding dispute or claim exists relating to a user account — for example, an unresolved delivery-damage claim or unpaid charges — the relevant information will be retained until the matter is fully resolved.

1. Background Check Information: If you sign up to use our services as a delivery partner, background check information may be collected (where permitted by law). This can include delivery history, driving record, or criminal background information. Background checks are performed in accordance with the police record and driver licensing requirements of each operating territory, including the Jamaica Police Record Office, Trinidad & Tobago Police Certificate of Character, Barbados Police Certificate of Character, and the Guyana Police Force. Such information may be obtained by a third-party service provider acting on our behalf.
2. Demographic Data: Information such as age range, location, and other demographic details collected through voluntary user surveys or other means.
3. User Data: Information submitted when you contact our customer support team, provide ratings or feedback for other users, or otherwise communicate with the Company.
4. Address Book or Calendar: If you permit the App to access contacts stored on your device, the Company will not use contact data for advertising purposes unless explicit consent is obtained. If you allow our App to access your calendar, we may collect details such as event title, description, response (Yes, No, Maybe), date and time, location, and number of attendees.

1. Information Related to Use of Services: Technical data such as logs and location records are retained only as long as necessary for operational security and audit purposes. Collection of such data occurs only with active user consent. This information may include:
   1. Location: We collect accurate location data to ensure efficient and reliable delivery of goods. Depending on your App settings and device permissions, this may include data from GPS, IP address, and Wi-Fi signals. Location data is used exclusively for routing, chain-of-custody tracking, and verification of goods-handling events.
      1. For delivery partners, location data may be collected when the App is open (foreground) or running in the background.
         
         
      2. For senders and recipients, location data is collected when the App is active in the foreground.
      3. If location permissions are disabled, some App features may not function properly, and users may need to enter pickup or delivery addresses manually.
      4. Location data is retained only for the minimum lawful period required under the data-protection and telecommunications frameworks applicable in each operating territory, including data-governance obligations arising from the Telecommunications Act, the Cybercrime Bill, and national electronic-transactions standards. This includes the Jamaica Data Protection Act 2020, the telecommunications and privacy provisions of Trinidad and Tobago, the retention requirements under the Barbados Data Protection Act 2019, and the retention provisions established under the Guyana Telecommunications Act and associated regulatory standards.
   2. Transaction Information: includes details of your delivery orders, such as order number, items delivered, pickup and drop-off locations, date and time of service, distance, charges, payment method, and any use of promotional codes.
   3. Usage Information: Includes data such as access dates and times, App features used, pages viewed, App performance (including crashes), browser type, and links accessed before using our services. Some of this data may be collected through cookies or similar technologies that help maintain secure and consistent App functionality.
   4. Device Information: Covers details such as device model, operating system, software version, preferred language, IP address, mobile network, and unique device identifiers. This helps us improve App performance and security.
   5. Communications Data: When users communicate with each other or with the Company through the App, we collect limited information such as call or message time, duration, and content (where applicable). This data is used strictly for customer support, dispute resolution, safety, and service improvement.
2. Information from other sources:Third-party data is verified for accuracy and processed in accordance with the accuracy requirements of the Jamaica Data Protection Act 2020, the Trinidad & Tobago Data Protection Act 2011, the Barbados Data Protection Act 2019, and Guyana’s telecommunications and electronic-communications privacy standards. All partner contracts include mandatory confidentiality and data-processing clauses, and third-party processors must comply with the applicable legal and security obligations of each operating Territory.

1. User Ratings and Feedback.
2. Users provide your information in connection with referrals or Promos.
3. Users requesting services for or on your behalf.
4. Users or others providing information in connection with claims or disputes.
5. Business partners through which you create or access your account, e.g., payment providers, social media services, etc.).
6. Insurance providers for delivery partners.
7. Financial services providers for delivery partners.
8. Partner transportation companies for delivery partners who use our services through an account associated with such a company).
9. Sources in the public domain.
10. Marketing service providers.

1. How We Use Your Information: We may combine information collected from the various sources described in this Policy with other data already in our custody. Processing is limited to the minimum necessary data for stated purposes, consistent with Section 23—Data Minimization of the Act. The lawful bases for use are consent, contract, or legal obligation. We do not sell, disclose, or share your personal information with third parties for their own direct marketing purposes. We use the information collected for the following purposes:

1. Providing Services and Features: To customize, maintain, and improve our products and services. This includes account creation and updates, identity verification, enabling delivery and logistics services, automated calculation of charges, payment processing, delivery tracking, enabling feedback between users, resolving software issues, and analyzing service usage trends.
2. Safety and Security: To maintain the safety, security, and integrity of our services and users. This includes monitoring delivery partner performance (e.g., delivery speed and route efficiency), verifying identity, and conducting background checks where permitted by law.
3. Customer Support:To investigate and resolve complaints or disputes, and to improve customer service responsiveness and effectiveness.
4. Research and Development:To test, analyze, and develop new features and improvements to our platforms, payment systems, and overall user experience.
5. User-to-User Communications:
   To facilitate communication strictly between senders, recipients, and delivery providers for coordinating goods-delivery activities, including package status updates, pickup verification, secure handover confirmation, and the resolution of issues related to freight or packages. These communications are limited exclusively to the delivery, handling, and transfer of goods and must not be used for any interaction related to passenger transport, passenger-carrying activity, or the personal carriage of individuals.
6. Company-to-User Communications: To provide updates on services, promotions, events, or changes to terms and policies.
7. Legal and Litigation Purposes: For legal or litigation reasons, where disclosure is required under the applicable laws of Jamaica, Trinidad & Tobago, Barbados, or Guyana, including requests or directives issued by law enforcement entities, transportation regulators, financial supervisory authorities, or any competent regulatory body, or where necessary for the Company to investigate, defend, or resolve a dispute or claim.
8. Cross-Border Data Transfers: Where personal data is transferred outside Jamaica, such transfers are carried out in compliance with the Jamaica Data Protection Act, 2020 and in accordance with recognized international data protection standards and safeguards to ensure the continued security and privacy of your information. Transfers occur only to jurisdictions that provide an adequate level of data protection or are governed by approved safeguards, such as Standard Contractual Clauses or Binding Corporate Rules.

1. Cookies and Third-Party Technologies 

Cookies are small text files stored on your browser or device by websites, apps, online media, and advertisements. We use cookies and similar technologies to authenticate users, remember user preferences and settings, ascertain content appeal, analyze marketing effectiveness, and assess site traffic, trends, and online behaviors and users’ interests. Cookies are retained for no longer than 12 months. Users can manage or delete cookies via device settings or browser privacy options. Disabling cookies may limit App functionality. This analysis may be done by third parties on our behalf.

• Information Sharing and Disclosure 

Information is shared only under lawful bases as defined by the Data Protection Act, 2020, including consent, contractual necessity, and legal obligation. We may share information with other users as required by the App/s to provide services, or at your request or for legal purposes, as follows:

1. With other users: e.g., sender/recipient’s name to delivery partner, delivery partner’s image, name and contact data to sender/recipient, delivery partner rating or sender/recipient rating.
2. At your request: e.g., your ETA and location with a friend of a sender/recipient, at sender/recipient’s request.
3. Public Domain: e.g., on our website, blogs, or social media where a user gives feedback through these channels.
4. With service providers and business partners, such as payment processors and facilitators, background-check providers, cloud-storage vendors, data-analytics providers, legal and accounting service providers, insurers, and other contracted entities that support dlvrNOW’s operations. All third-party processors must comply with the applicable data-protection laws of Jamaica, Trinidad & Tobago, Barbados, and Guyana, and must meet the information-security and privacy-management requirements of ISO/IEC 27001 and ISO/IEC 27701 or equivalent internationally recognised standards.
5. Personal data required for refund or chargeback investigations may be shared strictly with financial institutions in accordance with the Bank of Jamaica Payment Systems Oversight Guidelines, the Central Bank of Trinidad & Tobago E-Money and Card-Scheme Standards, the Barbados Financial Services Commission requirements, and the banking-supervisory rules of Guyana.
6. For legal/litigation reasons. Where it is required to be shared by law or necessary for the Company in any litigation matter to resolve a dispute or a claim.
7. With your consent: We may share your information other than as described in this policy if we notify you and you consent to sharing the information.

1. Data Retention 

User account information and related data are retained for as long as the account remains active and only for the period necessary to fulfil the purposes for which the information was collected. Retention practices comply with the applicable data-protection and financial-record requirements in each operating Territory, including the Jamaica Data Protection Act 2020 (Schedule 2: Retention Periods), the Central Bank of Trinidad & Tobago’s retention and audit guidelines, the statutory obligations of the Barbados Financial Services Commission, and the financial-record retention rules of the Bank of Guyana. Data is retained only for the minimum period required under these frameworks or any other legal, regulatory, or supervisory obligation.

Users may request deletion at any time. Upon receiving a deletion request, the Company removes all non-essential information and retains only the data required for lawful purposes such as investigations, dispute resolution, or statutory compliance. Retention exceptions under the Trinidad & Tobago Data Protection Act 2011, the Barbados Data Protection Act 2019, and Guyana’s telecommunications-based privacy principles are applied consistently, alongside the statutory exemptions recognised under the Jamaica Data Protection Act 2020.

Upon account deletion, data is securely purged using industry-standard methods. Any residual information is archived only for the legally required duration. If an outstanding claim, dispute, or unpaid balance exists, the relevant information is retained until the matter is fully resolved.

1. Choice and Transparency 

The App provides features allowing you to see and control information collected through in-app privacy settings, device permissions, in-app rating pages, and marketing opt-outs. Users have the right to access, review, update, correct, or request the deletion of their personal information, and may exercise these rights in accordance with the data-protection laws applicable in the territory where they are located.

For users in Jamaica, these rights are governed by the Jamaica Data Protection Act 2020, including rights of access, rectification, erasure, objection, restriction of processing, and data portability. These rights are subject to the exemptions outlined in Section 25 of the Jamaica Data Protection Act 2020.

For users in Trinidad & Tobago, personal-information rights are provided under the Trinidad and Tobago Data Protection Act 2011, including the right to prevent unlawful processing, the right to request correction of inaccurate information, and the right to be informed about the purpose and use of personal data.

For users in Barbados, the Company complies with the Barbados Data Protection Act 2019, which provides equivalent rights to access, correct, erase, restrict processing, and object to the handling of personal information.

For users in Guyana, the Company follows national data-protection principles consistent with the Telecommunications Act, the Cybercrime Bill, and the national electronic-transactions standards currently guiding data-handling practices, together with the Telecommunications and Electronic Communications Standards, which ensure fair, transparent, and secure processing and allow individuals to request access, correction, or deletion of inaccurate or unnecessary data. Guyana has no fully enacted privacy or data-protection statute at this time. Accordingly, user rights are grounded in general privacy and telecommunications principles rather than a unified statutory framework. 

Users may submit requests to exercise these rights through the App or by contacting the Company using the information provided in the “Contact Information” section. To protect user privacy, dlvrNOW may require reasonable identity verification before fulfilling such requests.

.

1. Device Permissions: Most mobile platforms have defined certain types of device data that apps cannot access without your consent. And these platforms have different permission systems for obtaining your consent. The iOS platform will alert you the first time the App wants permission to access certain data types and will let you consent (or not consent) to that request. Android devices will notify you of the permissions that the App seeks before you first use the app, and your use of the App constitutes your consent.
2. Ratings After every delivery, delivery partners can rate sender/recipients and give feedback on the delivery experience to ensure sender/recipient accountability.
3. You may request to receive a copy of the information the Company has compiled about you or the reason for collecting a piece of information or to correct any inaccuracies (upon presentation of proof of correct data) that Company has stored. You can edit your Account profile, or requests to correct data can be made to support@dlvrnow.app .
4. Marketing Opt-Outs. Marketing communications are managed in accordance with the electronic-communications, e-commerce, and anti-spam requirements applicable in each territory where dlvrNOW operates, including the Jamaica Electronic Transactions Act, the Trinidad and Tobago Electronic Transactions Act, the Barbados E-Commerce Act, the Guyana Telecommunications and Electronic Communications Standards, and the anti-spam guidance issued by the Telecommunications Authority of Trinidad & Tobago (TATT).

Users may opt out of receiving promotional or marketing communications at any time by following the opt-out mechanisms provided within the App or by contacting marketing@dlvrnow.app. If a user opts out of marketing communications, dlvrNOW may still send non-promotional messages as permitted under applicable law, including delivery receipts, account-related notifications, operational updates, safety notices, and changes to policies or terms.

1. Contact Information 

We welcome your comments or questions regarding this Privacy Policy at the contact address provided within the App. If you have any concerns about a possible breach or contravention of this Policy, the Company will take all commercially reasonable steps to investigate and address your concerns. Where any inconsistency arises between this Policy and the mandatory data-protection, telecommunications, or financial-services laws of a user’s Territory, the applicable local laws shall prevail.

This Privacy Policy may be updated or modified from time to time. Any changes will be communicated through the App or the Company’s official channels.

By continuing to use the App, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy for as long as you use the App or any related services offered by the Company. This Privacy Policy forms part of the legally binding terms governing your use of dlvrNOW’s services within each operating Territory.

1. Permissions 

These permissions are used solely for delivery tracking and secure communication, following Google Play’s Data Safety requirements.

android.permission.CAMERA 

android.permission.READ_PHONE_STATE android.permission.GET_ACCOUNTS

android.permission.READ_CONTACTS 

Permissions such as access to camera, contacts, and location are requested solely to support delivery functionality. No personal data collected through permissions is shared externally. All permissions comply with the Google Play Developer Data Safety Policy and are reviewed quarterly for necessity. All permission-based data collection is performed in accordance with the privacy, data-handling, and electronic-communications requirements applicable in Jamaica, Trinidad & Tobago, Barbados, and Guyana. Such permissions are interpreted and applied in alignment with the statutory retention, data-minimisation, and consent principles specific to each Territory.

Location Permission Declaration: 

ACCESS_FINE_LOCATION 

ACCESS_COARSE_LOCATION

ACCESS_BACKGROUND_LOCATION 

ACCESS_FINE_LOCATION & ACCESS_COARSE_LOCATION 

Location data is collected and retained only for the duration of an active delivery session. Once completed, only anonymized tracking data is stored for analytics and safety audits. The Company does not sell or disclose location data. 

ACCESS_BACKGROUND_LOCATION 

Above the location background, permission is used for Delivery/service (for example, package, freight, or goods) tracking on the user side. Location service is used under the privacy policy of Google Play Developer Program Policies. We don’t share any location data or customer information, for any additional resources taken under authorization is appropriately secure and under the law of google consents.

• Policy Governance

This Policy is reviewed annually for compliance with the Jamaica Data Protection Act, Trinidad & Tobago Data Protection Act, Barbados Data Protection Act, and the applicable privacy and electronic-communications laws of Guyana.

The Data Protection Officer is responsible for oversight, implementation, and enforcement of this Policy.

1. Accessibility Statement: 

dlvrNOW ensures that this Privacy Policy is accessible in plain language. Alternate formats are available upon request to support@dlvrnow.app for visually impaired users.