Privacy Policy

Effective as of April 23, 2026

This policy describes what personal data Interline Technologies LLC ("Interline," "we," "us") collects, why we collect it, how we use it, and what rights you have over it. It applies to visitors to our websites and customers using our self-serve services at interline.io and transit.land. Enterprise customers operating under a separate written agreement should refer to that agreement for applicable data handling terms.

Section 1. What We Collect and Why

Account and registration data

When you create an account or place an order, we collect your name, email address, company name, and related contact details. We use this information to provide the service, communicate with you about your account, and process payments.

Billing data

Payment card and bank transfer details are processed directly by Stripe. Interline does not store payment card numbers. We retain billing records, including invoiced amounts and payer details, for accounting and legal compliance purposes.

API usage logs

When you make requests to Interline APIs, our systems record operational log data such as timestamps, endpoints, query parameters, and response codes, for reliability, debugging, and abuse prevention. Query parameters may include location coordinates depending on the API and request type; we do not know whether those coordinates represent personal locations of end users. Operational logs are retained for engineering and system monitoring purposes.

API metering records

To support usage-based billing, we maintain metering records for each API request. These records contain metadata about requests, such as the account identifier, endpoint called, timestamp, and request count, but do not contain full request payloads. Metering records are aggregated and reported to Stripe for billing purposes and may be retained indefinitely to support the verification of usage-based invoices.

Support communications

When you contact us for support, we collect the content of those communications, including your name and email address. These are stored in our support system and used to respond to your request and maintain a history of the relationship.

Section 2. Cookies

We aim to minimize cookie use and do not use tracking or advertising cookies.

• Authentication cookies. When you sign in to app.interline.io or transit.land, Auth0 (our identity and authentication provider) sets session cookies necessary to maintain your logged-in state. These are strictly necessary for the service to function and are removed when you sign out or your session expires.
• Payment cookies. Stripe may set cookies during the checkout process solely for payment security and fraud prevention.
• Support cookies. If you contact us through an embedded support form, Help Scout may set a short-lived session cookie.

No advertising or fingerprinting cookies are set by Interline or our service providers.

Section 3. Website and App Analytics

Our public websites measure aggregate traffic patterns using privacy-preserving analytics that do not place tracking cookies on your device or identify you individually.

Our web applications track usage using Interline's own analytics system. Data is linked to your authenticated account, stored within Interline's own infrastructure, and is not used for advertising, enrichment, or sharing with third parties.

We do not use Google Analytics or any third-party behavioral tracking.

Section 4. How We Share Your Data

We do not sell your personal data. We share it only with the service providers necessary to operate our business, and only to the extent needed for those services:

• Auth0 (Okta) — identity and authentication
• Stripe — payment processing and invoicing
• Harvest — invoicing and billing records
• Cloudflare — edge network, DDoS protection, and operational log storage
• Help Scout — customer support communications
• Microsoft Azure — primary cloud infrastructure for hosted services. We may use additional cloud providers for internal data processing pipelines; these are updated in this policy as they become relevant to customer personal data.

We may also disclose personal data when required by law, court order, or valid legal process.

Backup copies of data, including account and usage data, may be stored in additional secure locations as part of our disaster recovery practices. All such copies are subject to the same protections as primary data.

Each of our service providers is contractually required to handle your data only as directed by us and in accordance with applicable privacy law.

Section 5. Data Retention

We retain personal data for as long as necessary to provide the service, maintain our business relationship with you, and comply with our legal obligations. Operational API request logs are retained for engineering and system monitoring purposes. API metering records, which contain request metadata but not full payloads, may be retained indefinitely to support the verification of usage-based billing. Billing and invoice records are retained as required by applicable accounting and tax law. Support communications are retained for the duration of the customer relationship and for a reasonable period thereafter.

Section 6. Your Privacy Rights

You may have the following rights regarding your personal data, depending on where you are located:

• Right to know what personal information we collect, use, and share
• Right to access a copy of the personal data we hold about you
• Right to correct inaccurate personal information
• Right to delete your personal information, subject to certain exceptions
• Right to restrict or object to certain processing of your data
• Right to data portability
• Right to opt out of sale or sharing — Interline does not sell or share your personal information for cross-context behavioral advertising

To exercise any of these rights, contact us at privacy@interline.io. We will not discriminate against you for exercising your privacy rights.

Legal bases for processing (EEA, UK, and Switzerland). We process personal data on the following bases: contract performance (account and billing data); legitimate interests (API logs, support records, and operational analytics); and legal obligation (billing records retained as required by law).

Data transfers. Interline is based in the United States. Data may be transferred to and processed in the United States or other countries. Where required, we rely on appropriate transfer mechanisms such as Standard Contractual Clauses.

Data Processing Agreements. Enterprise customers requiring a DPA under GDPR Article 28 should contact privacy@interline.io.

Section 7. Account Deletion and Data Requests

To request deletion of your account and associated personal data, or to access or correct data we hold about you, email privacy@interline.io. We will respond within a reasonable timeframe. Note that we may retain certain records as required by law or for legitimate business purposes such as fraud prevention and billing verification.

Section 8. Children

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, contact us at privacy@interline.io and we will delete it promptly.

Section 9. Changes to This Policy

We may update this policy from time to time. If we make material changes, we will update the effective date at the top of this page and, where appropriate, notify active account holders by email. We encourage you to review this policy periodically.

If Interline is acquired by or merged with another company, your personal data may be transferred to the new owners as part of that transaction, subject to the same protections described in this policy.

Section 10. Contact

For privacy questions, data requests, or to reach our designated privacy contact:

Interline Technologies LLC
Alameda, California, USA
privacy@interline.io