company logo white
Platform in Development - Join Our Waiting List

Your Privacy & Security Matter

We believe privacy is a right, not a product. At GeeGee, we use encryption, fraud detection, and transparent practices to protect your data. No selling. No dark patterns. Just honest security.

256-bit

AES Encryption

PIPEDA

Compliant

ISO/SOC 2

Certified

Six Security Pillars

End-to-End Encryption

All rider-driver communication, location data, and payment information encrypted with 256-bit AES. No man-in-the-middle attacks possible.

  • TLS 1.3 for all endpoints
  • 256-bit AES encryption at rest
  • Perfect forward secrecy
  • Certificate pinning on mobile

Multi-Layer Fraud Prevention

AI-powered detection catches fake accounts, GPS spoofing, credential stuffing, and suspicious payment patterns before they impact users.

  • Real-time anomaly detection
  • GPS spoofing detection
  • Behavioral biometrics
  • Device fingerprinting
  • Velocity checks

Data Minimization

We collect only what's necessary. No selling data to third parties. Personal information is anonymized for research and deleted on request.

  • Minimal personal data collection
  • Automatic data deletion (12 months)
  • Right to be forgotten honored
  • No third-party data sales

Transparent Privacy

Clear, honest privacy policies. No dark patterns. Riders know exactly what we collect, how we use it, and how long we keep it.

  • Plain-language privacy policy
  • Granular privacy controls
  • Monthly transparency reports
  • User data audit trails

Secure Infrastructure

AWS infrastructure with automated backups, DDoS protection, intrusion detection, and continuous security monitoring.

  • AWS security best practices
  • Automated backup & disaster recovery
  • DDoS mitigation
  • Intrusion detection systems

Compliance & Audits

PIPEDA compliant (Canada), GDPR ready, PCI DSS for payment processing. Annual third-party security audits and penetration testing.

  • PIPEDA compliance
  • GDPR ready
  • PCI DSS certified
  • Annual penetration tests

Data Collection & Retention

We collect only what's necessary. Here's exactly what data we collect, why, how we encrypt it, and how long we keep it.

Account Information

What We Collect

Name, phone, email, government ID (verification only)

How We Use It

Account creation, identity verification, support

How Long We Keep It

12 months after account deletion, then anonymized

Encryption Standard

AES-256 at rest, TLS in transit

Payment Information

What We Collect

Credit/debit card, bank details (for drivers)

How We Use It

Processing payments, payouts, fraud detection

How Long We Keep It

Per PCI DSS requirements (6 years for chargebacks)

Encryption Standard

PCI DSS Level 1 compliance, tokenized storage

Location Data

What We Collect

Real-time GPS during rides, start/end points

How We Use It

Route optimization, safety features, ETA calculation

How Long We Keep It

Immediately after ride (automated deletion)

Encryption Standard

HTTPS encrypted, never logged to disk

Communication

What We Collect

In-app messages, support tickets, feedback

How We Use It

Providing support, dispute resolution, improvement

How Long We Keep It

2 years for dispute resolution, then deleted

Encryption Standard

TLS encrypted, no plaintext logging

Device Information

What We Collect

Device type, OS, app version, IP address

How We Use It

App optimization, security (device fingerprint)

How Long We Keep It

6 months (for security baseline)

Encryption Standard

Hashed and anonymized

Aggregate Data

What We Collect

Anonymized trip patterns, pricing data, metrics

How We Use It

Public research, government planning, improvements

How Long We Keep It

Indefinitely (fully anonymized)

Encryption Standard

Aggregated at source, never contains personal info

Advanced Fraud Detection

We use AI and machine learning to detect and prevent fraud in real-time, protecting both riders and drivers.

GPS Spoofing Detection

Monitors GPS accuracy, velocity plausibility, and signal consistency. Flags impossible movements (teleportation) and unnatural acceleration patterns.

Impact:

Prevents fake rides and location manipulation fraud.

Device Fingerprinting

Analyzes 100+ device characteristics (hardware ID, screen size, installed apps, timezones). Detects cloned or stolen accounts.

Impact:

Catches multi-accounting and account takeover attempts in real-time.

Behavioral Biometrics

Learns normal typing speed, tap patterns, swipe pressure, and navigation habits. Flags unusual deviations suggesting account compromise.

Impact:

Detects credential stuffing before attackers access sensitive data.

Payment Velocity Checks

Monitors payment frequency, amounts, and card-to-card patterns. Flags rapid transactions, unusual geography, or suspicious velocity.

Impact:

Stops stolen credit card abuse and money laundering attempts.

Network Analysis

Identifies shared networks, VPNs, proxies, and data center IPs. Correlates accounts, payment methods, and devices across network.

Impact:

Detects organized fraud rings and bot networks at scale.

Real-Time Anomaly Detection

ML model scores every action (login, payment, ride request) against historical baseline. Triggers step-up authentication for high-risk events.

Impact:

Stops fraud attempts the moment they deviate from normal behavior.

Security Certifications & Compliance

PIPEDA Compliant

Personal Information Protection and Electronic Documents Act (Canada)

Full compliance with Canadian privacy law. Right to access, correction, and deletion honored. Privacy impact assessments conducted.

GDPR Ready

General Data Protection Regulation (European Union)

Data processing agreements in place. Lawful basis documented. Data Protection Officer engaged for EU operations.

PCI DSS Level 1

Payment Card Industry Data Security Standard

Highest security level for payment processing. Annual audits, quarterly vulnerability scans, and incident response plans in place.

SOC 2 Type II

System and Organization Controls (Security, Availability, Confidentiality)

Third-party audited annually. Demonstrates we meet industry security standards and operational controls.

Your Privacy Controls

You're in control. Manage your privacy with granular controls available in your account settings.

Privacy Preferences

Customize what data GeeGee collects. Disable location history, opt out of analytics, control communication preferences.

Data Access & Portability

Download all your personal data in machine-readable format. Understand exactly what we know about you.

Data Correction

Update your personal information anytime. Fix errors, change phone numbers, update payment methods.

Account Deletion

Delete your account and all associated data within 30 days. Ride history anonymized, personal data permanently removed.

Ride History Privacy

Automatically delete ride records after 12 months. Or manually delete specific rides anytime.

Location History

Turn off location tracking between rides. Location data never stored; only used during active trips.

Communication Privacy

Disable in-app messaging from unknown users. Block specific riders or drivers. Report harassment.

Privacy Notifications

Get alerts when your account is accessed, data is downloaded, or settings change. Stay in control.

Built-In Safety Features

Emergency SOS

One-tap emergency contact. Automatically shares your location with emergency services and your emergency contact.

Live Location Sharing

Share your ride details and location with family or friends in real-time. They can see your route and ETA.

Driver Profile Verification

See driver name, photo, vehicle details, and ratings before you ride. Full background check completed.

Ride Recording Consent

Audio recording in (opt-in). Both riders and drivers notified. Protects against false claims and harassment.

Vulnerability Protocols

Extra safety for seniors, people with disabilities, and vulnerable groups. Secured hand-offs, trusted account holders.

Verified ID Requirement

Government-issued ID mandatory for all riders and drivers. AI-powered liveness detection prevents fake IDs.

Our Commitment to You

We publish annual transparency reports showing government data requests, security incidents handled, and improvements made. We're accountable to you, not just regulators. Your privacy isn't negotiable.

Contact Security Team

Privacy & Security FAQ

Does GeeGee sell my data?

Absolutely not. We never sell personal data to third parties. Period. We share anonymized, aggregated data for public research and government planning?but this contains zero personal information.

How long do you keep my data?

We minimize retention: location data is deleted immediately after a ride, ride history after 12 months, payment records per PCI requirements (6 years for chargebacks), and support tickets after 2 years. You can delete anytime with one click.

Is my location always being tracked?

No. We only use GPS during an active ride. Location data is never stored permanently?it's immediately deleted after the ride ends. You have full control via privacy settings.

What happens if GeeGee gets hacked?

We employ defense-in-depth: encryption, intrusion detection, regular penetration testing, incident response plans, and cyber insurance. In the unlikely event of a breach, affected users are notified within 48 hours and we provide credit monitoring.

How do you prevent fraud?

We use AI-powered detection for GPS spoofing, device fingerprinting, behavioral biometrics, payment velocity checks, and network analysis. Most fraud attempts are caught and blocked in real-time before you're impacted.

Can I request my data?

Yes! Under PIPEDA and GDPR, you have the right to access all your data. Use the "Download My Data" button in settings to get your information in machine-readable format within 30 days.

How do you use my data for safety?

Your data (location, payment history, communication patterns) helps us detect fraud, verify identities, and predict safety risks. We use this to protect you?not track you for marketing.

Is my payment information secure?

Yes. We use PCI DSS Level 1 compliance (highest standard), tokenized storage, and never see your full card details. Payment processing is handled by trusted third-party processors with encryption and fraud detection.

What if I want to delete my account?

You can delete anytime from your settings. Your account closes immediately, personal data is deleted within 30 days, and ride history is anonymized. Your data is truly gone.

Who has access to my information?

Only necessary team members (support for disputes, fraud detection team, founders). Access is logged, audited, and restricted by role. We never grant access to marketing or sales teams.