Dory← Back
Version 2026-05-28.v1Effective 2026-05-28

Privacy Policy

Effective date: May 28, 2026 | Version: 2026-05-28.v1

This Privacy Policy explains how Psili Labs LLC, doing business as Dory ("Dory," "we," "us," "our"), collects, uses, discloses, and protects personal information when you use the Dory website, web applications, and services at dory.delivery and its role subdomains (customer, driver, partner, admin) (the "Platform").

Psili Labs LLC is an Alaska single member limited liability company (EIN #10364669) operating the Dory local delivery platform in Kodiak, Alaska.

This Privacy Policy works alongside our Terms of Service. By using the Platform, you also agree to this Privacy Policy.

1. Who this policy covers

1.1 The Platform supports four user roles. The data we collect, use, and disclose differs by role:

  • Customers. People in Kodiak who place orders for delivery.
  • Drivers. Independent contractors who pick up and deliver orders.
  • Restaurant staff. Owners and authorized employees of partner restaurants.
  • Administrators. Dory personnel who manage the Platform.

1.2 This is one document, but you should read the sections relevant to your role. Section 3 describes what we collect per role. Section 5 describes what each role can see about other roles. This is especially important because of our commitment that restaurants never see customer personally identifiable information beyond a first name and delivery zone.

1.3 Dory operates in Kodiak, Alaska. The Platform is aimed at Alaska residents, but visitors and travelers may also use it.

2. Our privacy principles

2.1 Collect only what we need. We collect the minimum personal information required to operate the service safely and lawfully.

2.2 Be transparent about who sees your data. Section 5 and Section 6 list every category of recipient. There are no hidden data partners.

2.3 We do not sell personal information. Dory does not sell, rent, or trade your personal information to anyone. We do not share your personal information with advertisers, data brokers, or analytics resellers for cross context behavioral advertising. We also do not "share" your personal information for cross context behavioral advertising as that term is defined under California law.

2.4 No surprises across roles. A restaurant should never receive information about a customer that the customer does not know the restaurant receives. A driver should never retain access to customer data after a delivery is complete.

3. What we collect, by role

3.1 Customers

When you create a customer account and use the Platform, we collect:

  • Identifiers. Name, email address, phone number (used for one time passcode authentication), and customer account ID.
  • Delivery information. One or more delivery addresses you save, along with any access instructions (gate codes, "leave at door," etc.). Addresses are geocoded for delivery zone matching.
  • Order data. What you ordered, from which restaurant, when, at what price, any special instructions, and the receipt.
  • Payment data. Payment is processed by Stripe. Dory sees only the last four digits of your card and the card brand for display purposes. We do not store full card numbers, expiration dates, or CVCs.
  • Communications. Messages you exchange with support and any ratings or reviews you submit.
  • Device and usage data. IP address, browser type, operating system, screen size, the pages you visit on the Platform, the time of access, and crash diagnostics.
  • Marketing preferences. Whether you have opted in to a specific restaurant's marketing communications and the timestamp and source of that preference.

3.2 Drivers

When you apply to drive and throughout your time on the Platform, we collect:

  • Identifiers. Full legal name, email address, phone number, date of birth, and driver account ID.
  • Eligibility data. Driver's license photo, automobile insurance card, vehicle registration, and vehicle details (make, model, year, color, license plate number).
  • Background check data. Identity verification results obtained through Stripe Identity (government ID document and selfie verification) under your separate written authorization. Motor vehicle record review is conducted manually. Background check data is handled in accordance with the Fair Credit Reporting Act ("FCRA"). The full authorization and disclosure are governed by the separate Background Check Consent document.
  • Financial data. Bank account information for payouts is collected and stored by Stripe Connect, not by Dory. Dory receives confirmation of payout status. Tax forms (W 9 or equivalent) are collected for 1099 reporting.
  • GPS location data. Real time GPS coordinates while you have an accepted, active delivery. Location data is used to dispatch offers, calculate routes, and show customers and restaurants where their order is. We do not passively track your location. GPS collection begins when you accept a delivery and ends when that delivery is marked complete.
  • Delivery proof photos. Photos you take to confirm delivery completion, stored for dispute resolution.
  • Performance data. Deliveries completed, average pickup and drop off times, acceptance and cancellation rates, customer ratings, and incident reports.
  • Compliance acknowledgments. Records of your agreement to platform policies, safety guidelines, and regulatory requirements.
  • Communications. Messages with support and any in app communications with customers or restaurant staff during active deliveries.

3.3 Restaurant staff

When a restaurant joins Dory, we collect from the restaurant and from authorized staff:

  • Business identifiers. Restaurant legal name, doing business as name, address, business phone, business email, and owner identification for regulatory compliance.
  • Operational data. Menu items, prices, photos, descriptions, hours, cuisine tags, prep time estimates, and POS connection tokens (Square, Clover, or other point of sale systems).
  • Financial data. Restaurant bank account information for payouts is collected and stored by Stripe Connect, not by Dory. Dory receives confirmation of payout status.
  • Performance data. Completed orders, cancellations, refunds issued, ratings, and revenue analytics.
  • Staff identifiers. Name, email address, and phone number for each authorized staff member, along with their role (owner, manager, staff) and account activity logs.

3.4 Administrators

Administrative users (Dory personnel) have accounts authenticated by email. We collect their name, email address, authentication credentials, role, and audit logs of all administrative actions taken on the Platform.

4. How we use information

We use personal information to:

4.1 Provide the service. Authenticate you, take and confirm orders, dispatch deliveries, route drivers, display live tracking, calculate prices, process payments, issue payouts, and send order and account notifications.

4.2 Communicate with you. Send transactional emails and text messages (order confirmations, receipts, status updates, account alerts). Restaurant marketing communications are sent only to customers who opt in at checkout. You can manage your preferences and unsubscribe at any time.

4.3 Operate payments. Pass relevant data to Stripe to charge customers and to pay out drivers and restaurants.

4.4 Comply with law. File 1099 forms for drivers and restaurants where required, satisfy FCRA obligations for background checks, respond to subpoenas and court orders, and comply with tax and accounting rules.

4.5 Keep the Platform safe. Detect and prevent fraud, abuse, harassment, and policy violations. Investigate reported incidents and enforce the Terms of Service.

4.6 Improve the Platform. Diagnose errors (through Sentry), analyze aggregate usage patterns, evaluate restaurant performance, and refine dispatch and routing logic.

4.7 AI features. Some product features use the Anthropic Claude API for tasks such as room sizing in the Lighthouse Cleaning service. We send only the minimum content needed for the specific feature. We do not permit Anthropic to train its models on Dory user data.

4.8 Operational announcements. Notify all users of service area changes, planned outages, or material policy changes.

5. What each role sees about other roles

This section implements Dory's commitment that restaurants never see customer personally identifiable information beyond what is listed here.

5.1 What restaurants see about customers

For each order, restaurant staff see:

  • Customer's first name only (no surname).
  • Order contents and any item level instructions.
  • Delivery zone (general area, not exact address).
  • A delivery time estimate to plan prep.

Restaurants do not see: customer surname, email address, phone number, street address, device location, payment information, or order history across orders. Restaurant analytics dashboards display only aggregated, anonymized patterns (top items, peak hours, reorder rates), never individual customer identities.

5.2 What drivers see about customers

For each accepted delivery, drivers see:

  • Customer's first name.
  • Delivery address and any drop off instructions.
  • A masked or in app communication channel while the delivery is active, used only to confirm drop off. Access is revoked as soon as the delivery is marked complete.

Drivers do not see customer surname (unless the customer shares it via chat), email address, payment information, or any prior order history.

5.3 What drivers see about restaurants

Restaurant name, pickup address, contact phone for pickup coordination during the active delivery, and any restaurant pickup instructions. Drivers do not see restaurant banking information, commission rates, payout totals, or owner identifiers.

5.4 What restaurants see about drivers

Driver first name, vehicle make and color, and estimated arrival time for pickup. Restaurants do not see driver phone number, home address, license plate (other than what is visible on arrival), or earnings data.

5.5 What customers see about drivers

Driver first name, vehicle make and color, license plate (during active delivery, for arrival confirmation), live location during active delivery, and a masked or in app channel to communicate. Customers see the driver's profile photo if the driver chose to upload one.

5.6 What administrators see

Dory administrators can access all of the above plus additional records needed to operate the Platform (account level contact information, payment details, audit logs). All administrative access is logged.

6. Third party services we share data with

We share personal information with the following service providers, only to the extent each needs to perform its function. Each is contractually bound to protect the data:

  • Stripe, Inc. Payment processing for customers. Payout management for drivers and restaurants via Stripe Connect Express. Driver identity verification via Stripe Identity (government ID and selfie) under separate FCRA compliant authorization. Stripe is the system of record for full card numbers, bank account details, and identity verification documents.
  • Supabase, Inc. Database, authentication, and file storage host. Most Dory stored personal information is hosted with Supabase. Access is governed by row level security policies.
  • Vercel, Inc. Application hosting and analytics. Vercel sees request metadata (IP address, URL, headers, response code) for the duration of each request and as part of its infrastructure logs.
  • OpenPhone / Quo (business phone and SMS). Used for one time passcode delivery, driver dispatch notifications, order status updates, and POS notifications.
  • Resend. Transactional email delivery (order receipts, status updates, account notices, restaurant marketing for opted in customers).
  • Mapbox. Interactive maps, geocoding, and routing for customer order tracking and driver navigation. Mapbox sees aggregated map tile requests and, for live tracking, driver coordinates.
  • Anthropic, PBC. Claude API used for limited AI features. We send only the minimum content needed.
  • Sentry. Application error and performance monitoring. We strip personally identifying fields from error reports where reasonably possible.

We may also share information with our accountants, lawyers, and other professional advisers; with law enforcement or other government authorities where required by law or as necessary to protect Dory or its users; and with a successor entity in connection with a merger, acquisition, financing, or sale of substantially all of our assets.

7. Data retention

7.1 Active accounts. We retain account data for as long as your account is active.

7.2 Account deletion. When you request account deletion, we delete or anonymize your profile, addresses, and contact information within thirty (30) days of your request.

7.3 Order history. We retain order records for seven (7) years for tax and legal compliance purposes.

7.4 Delivery proof photos. Stored for ninety (90) days after the delivery date, then deleted.

7.5 Background check results. Retained for two (2) years after collection, or longer as required by law.

7.6 GPS and location data. Deleted thirty (30) days after the delivery is completed.

7.7 Compliance acknowledgments. Retained indefinitely as required by law.

7.8 Payments. Stripe retains payment data under its own retention policies (typically seven (7) years for tax compliance).

7.9 Support records. We retain support correspondence for two (2) years from the last message.

7.10 Backups. Periodic backups may contain personal information beyond these windows. Backups are rotated out within a reasonable retention period.

8. Cookies and similar technologies

8.1 We use first party session cookies and similar local storage technologies to:

  • Keep you signed in (Supabase auth session cookies, scoped to .dory.delivery so the same session works across all role subdomains).
  • Remember your preferences (display settings, last viewed restaurant).
  • Measure how the Platform performs and detect abuse.

8.2 We do not use third party tracking cookies. We do not place advertising pixels or use advertising cookies of any kind.

8.3 Your browser settings can block or delete cookies. Blocking cookies may prevent sign in and break the order flow.

9. Your choices and rights

9.1 Access, correction, and deletion. You may request a copy of the personal information we hold about you, ask us to correct it, or ask us to delete it. Email privacy@dory.delivery. Drivers and restaurants should note that records required for FCRA, tax, or accounting compliance may be retained as described in Section 7.

9.2 Marketing preferences. Customers may manage restaurant marketing subscriptions at /account/subscriptions or click "unsubscribe" in any marketing email. Transactional messages (order receipts, delivery status, account security alerts) are not marketing and cannot be turned off while you have an active account.

9.3 Data export. You may request a portable copy of your personal data by emailing privacy@dory.delivery.

9.4 Location. Drivers can stop location collection by going offline in the driver app. The Platform cannot dispatch you while location is off. Customers can decline location access in their browser. The Platform falls back to the saved delivery address.

9.5 California residents. If you are a California resident, you have the following rights under the California Consumer Privacy Act ("CCPA") as amended by the CPRA:

  • Right to know what personal information we collect, use, and disclose about you.
  • Right to access or receive a copy of your personal information.
  • Right to correct inaccurate personal information.
  • Right to delete your personal information (subject to the retention exceptions in Section 7).
  • Right to opt out of sale or sharing. We do not sell or share your personal information as those terms are defined under the CCPA.
  • Right to limit use of sensitive personal information. We use sensitive personal information (such as precise geolocation for drivers) only for the purposes listed in Section 4.
  • Right to be free from retaliation for exercising any of these rights.

To exercise these rights, email privacy@dory.delivery. We will verify your identity before responding. You may authorize an agent to act on your behalf.

9.6 Alaska residents. Alaska does not currently have a comprehensive consumer privacy statute, but you may exercise the same access, correction, and deletion rights described in Section 9.1.

10. Children

The Platform is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Users must be at least 18 years old to create an account on the Platform. If we learn we have collected information from a child under 13, we will delete it promptly.

11. Security

We use industry standard security controls including TLS encryption for all traffic to and from the Platform, encryption at rest for our database, hashed authentication tokens, row level security policies for tenant isolation, role based access controls, and audit logging of administrative actions. We do not store full card numbers or bank account details (Stripe does).

No system is completely secure. If you believe there has been a security incident affecting your account, email contact@dory.delivery immediately so we can investigate.

12. International transfers

The Platform is hosted in the United States. If you access it from outside the United States, your information will be transferred to and processed in the United States, which may have different data protection rules than your home country.

13. Governing law

This Privacy Policy is governed by the laws of the State of Alaska, without regard to conflict of law principles.

14. Changes to this policy

We may update this Privacy Policy from time to time. The effective date and version number at the top will reflect the latest version. If a change is material, we will notify registered users by email at least ten (10) days before it takes effect. Continued use of the Platform after the effective date constitutes acceptance.

15. Contact

Questions, requests, or complaints about this Privacy Policy or your personal information:

Privacy requests: privacy@dory.delivery General inquiries: contact@dory.delivery Phone: +1 (541) 532 3679 Mail: Psili Labs LLC, d/b/a Dory, Kodiak, Alaska 99615