Rhythm Innovations

Contact us
Request Demo
Request Demo
Contact Us

Rhythm Innovations Privacy Policy

Welcome to Rhythm Innovations (“Rhythm,” “we,” “our,” or “us”). Rhythm Innovations is committed to protecting the privacy, confidentiality, integrity, availability, resilience, and responsible use of information entrusted to us by customers, partners, workers, drivers, contractors, insurers, fleet operators, employees, and website visitors.

This Privacy Policy describes how Rhythm collects, uses, processes, stores, transfers, secures, governs, and shares information through our websites, APIs, applications, software platforms, telematics-enabled services, AI-powered operational intelligence systems, integrations, mobile applications, and related services (collectively, the “Services”).

Rhythm’s governance framework is designed to support enterprise-grade operational intelligence, workforce readiness, fleet safety, operational accountability, compliance, claims intelligence, operational resilience, and risk management while respecting privacy, transparency, lawful governance, human oversight, accountability, and the dignity of frontline workers and operational personnel.

Rhythm’s platform is designed to support governed operational intelligence, operational accountability, workflow orchestration, operational readiness, enterprise resilience, and enterprise risk governance across connected operational ecosystems.
1. Scope Of This Privacy Policy

This Privacy Policy applies to individuals and organizations interacting with Rhythm through our websites, applications, APIs, telematics systems, operational intelligence platforms, integrations, customer support channels, webinars, marketing activities, and related Services. This includes customers, prospective customers, authorized users, drivers, workers, contractors, operational supervisors, insurers, fleet operators, and website visitors.

This Privacy Policy does not apply to third-party websites, services, or platforms not operated by Rhythm. It also does not apply to customer-controlled environments where Rhythm acts solely as a processor or service provider pursuant to customer agreements and customer instructions.

Supplemental regional privacy notices, biometric notices, AI governance notices, cookie notices, or jurisdiction-specific disclosures may apply depending on applicable laws, operational activities, or geographic location.

2. Data Governance Roles: Controller vs. Processor

Depending on the context in which information is processed, Rhythm may act either as a Data Controller (or “Business” under applicable U.S. privacy laws) or as a Data Processor/Service Provider acting on behalf of a customer.

In many circumstances, Rhythm processes information solely on behalf of customers that determine the purposes and means of processing operational, workforce, fleet, telematics, safety, claims, compliance, or operational intelligence information. In such circumstances, the customer acts as the Data Controller or Business, while Rhythm acts as the Data Processor or Service Provider.

Customers are responsible for establishing lawful bases for processing information and for complying with applicable employment, labor, privacy, telematics, surveillance, biometric, workplace monitoring, operational governance, insurance, and regulatory laws.

Rhythm processes information pursuant to customer instructions, contractual obligations, and applicable legal requirements.

Except as otherwise described in customer agreements, customers retain ownership of customer data processed through the Services. Rhythm acquires no ownership rights in customer operational data, telematics data, claims data, workforce data, customer confidential information, or customer operational intelligence data.

Subject to contractual, operational, and legal requirements, customers may request export of customer-controlled operational data in commercially reasonable formats.

3. Lawful Basis for Processing

Where required by applicable law, Rhythm processes information based on one or more lawful bases including contractual necessity, legitimate business interests, legal obligations, consent where required, protection of vital interests, and public interest obligations where applicable.

Rhythm seeks to collect and process only the information reasonably necessary to provide, secure, improve, govern, support, and maintain the Services and associated operational intelligence capabilities.

4. Information We Collect

Rhythm may collect personal information including names, business contact information, email addresses, telephone numbers, mailing addresses, employer names, job titles, authentication credentials, account preferences, user identifiers, and billing or payment-related information.

Depending on customer configurations and enabled Services, Rhythm may also process operational intelligence and fleet-related information including VINs, vehicle identifiers, telematics data, GPS location information, dispatch and routing information, licensing and certification status, driver qualification information, maintenance and inspection records, operational readiness information, safety event information, workflow execution data, coaching and intervention records, claims information, incident records, mobile application interaction data, dashcam recordings, and contextual operational intelligence information.

Rhythm may automatically collect technical and device-related information including IP addresses, browser types, operating systems, timestamps, mobile device information, device identifiers, usage analytics, log information, session data, diagnostic information, and operational telemetry.

Rhythm may also collect communications and support information submitted through customer support interactions, webinars, surveys, events, feedback forms, sales inquiries, marketing activities, and communication tools.

Where legally permitted or authorized by customers, Rhythm may process certain categories of regulated or sensitive information including driver license information, medical certification status, compliance records, biometric identifiers, occupational readiness information, camera-related recordings, safety investigation information, and operational governance records. Such information is subject to enhanced confidentiality, governance, access management, and security safeguards.

5. How We Collect Information

Rhythm collects information directly from individuals and customers using the Services, as well as through connected devices, telematics systems, APIs and integrations, mobile applications, cookies and analytics technologies, authorized third-party providers, publicly available sources, and regulatory or compliance databases where legally permitted.

Rhythm may also collect information through customer-authorized integrations with fleet management systems, telematics providers, HR systems, learning management systems (LMS), maintenance systems, claims systems, insurance platforms, compliance systems, and other operational technologies connected to the Services.

6. How We Use Information

Rhythm uses information to provide, operate, secure, support, maintain, and improve the Services. This includes managing customer accounts, supporting platform functionality, conducting testing and quality assurance, delivering customer support, improving security and reliability, and enhancing user experience.

Rhythm may use information to support fleet safety, workforce readiness, compliance management, operational reporting, coaching activities, claims management, incident response, accident investigation, audit support, and related operational and risk management activities.

Operational, telematics, claims, and safety-related information may also be used to support claims investigations, litigation response, insurance-related activities, compliance verification, and operational reporting.

Rhythm may use information to support AI-enabled features and analytics, including recommendations, prioritization indicators, anomaly detection, workflow automation, predictive insights, and safety analytics. AI-generated outputs are intended to support human decision-making and operational oversight.

Rhythm uses information to communicate with customers and users regarding support requests, product updates, webinars, security notices, operational notifications, and marketing communications consistent with applicable law.

Rhythm may also use information to detect fraud, prevent unauthorized activity, enforce agreements and policies, protect systems and infrastructure, comply with legal obligations, and maintain the security and reliability of the Services.

7. Responsible AI Governance and Human Oversight

Rhythm is committed to responsible and accountable AI governance. Rhythm’s AI and operational intelligence systems are designed to support human-centered operational decision-making with appropriate oversight, review, escalation, accountability, and governance mechanisms.

Rhythm’s Responsible AI principles include human oversight and accountability, transparency and explainability, fairness and bias monitoring, governance and auditability, privacy-by-design, security-by-design, operational safety, workforce protection, data minimization, resilience, explainability, ethical operational intelligence, and responsible operational use.

Rhythm may use automated processing and operational intelligence models to generate recommendations, prioritization indicators, workflow triggers, operational insights, predictive analytics, operational readiness indicators, governance analytics, risk indicators, anomaly detection outputs, and safety intelligence.

Rhythm does not intend for automated outputs, scoring mechanisms, predictive indicators, or operational intelligence outputs to replace human judgment, operational governance, or management accountability.

AI-generated outputs should not be used as the sole basis for employment, disciplinary, underwriting, insurance, legal, regulatory, operational, or workforce-related decisions without appropriate human review and governance controls.

Rhythm may evaluate AI and operational intelligence models for performance, reliability, governance, explainability, operational appropriateness, fairness, resilience, and accountability as part of ongoing model risk management and operational governance activities.

Rhythm continuously evaluates evolving AI governance, cybersecurity, privacy, operational intelligence, insurance, and regulatory frameworks including emerging AI governance laws and operational technology standards.

8. AI Training Data and Model Governance

Rhythm does not use customer operational data, workforce data, telematics information, customer confidential information, claims information, or customer-controlled operational intelligence data to train generalized AI models except where expressly authorized by customer agreement, where information has been aggregated and de-identified, or where otherwise permitted by applicable law.

Rhythm maintains governance controls designed to reduce unauthorized AI model training, unintended data exposure, unauthorized access, inappropriate model usage, or unauthorized use of customer operational intelligence information within AI-enabled environments.

9. Workforce Monitoring, Ethical Operational Intelligence, and Operational Safety

Certain Rhythm Services may support operational monitoring capabilities including GPS tracking, workflow monitoring, driver monitoring, operational readiness assessments, mobile workforce interactions, safety event detection, video telematics, operational intelligence analytics, workflow orchestration, and operational governance activities.

Rhythm’s governance framework is designed to prioritize operational safety, prevention, workforce protection, operational readiness, accountability, governance integrity, and responsible operational execution.

Rhythm’s operational intelligence framework is intended to support prevention, resilience, operational accountability, workforce protection, and operational readiness—not invasive or inappropriate surveillance.

Customers control the configuration and deployment of these capabilities and remain responsible for determining the lawfulness of their use. Customers are responsible for providing legally required notices, obtaining required consents, and complying with applicable employment, labor, telematics, surveillance, biometric, union, workplace privacy, insurance, and operational governance laws.

Where biometric, facial analysis, AI-enabled monitoring, or video analytics capabilities are enabled, customers remain responsible for lawful deployment and required notices or consents.

Rhythm is committed to supporting technologies that enhance worker safety, operational readiness, operational accountability, workforce protection, and human dignity.

10. Cookies and Tracking Technologies

Rhythm uses cookies, pixels, analytics technologies, local storage, and similar mechanisms to maintain sessions, improve website functionality, analyze Service usage, support operational analytics, support security functions, personalize user experiences, measure marketing effectiveness, and support operational governance and platform resilience.

Rhythm’s Services are enterprise operational platforms and are not designed as consumer advertising or consumer behavioral monetization ecosystems.

Users may control cookie preferences through browser settings or applicable consent management tools. Certain functionality may be impacted if cookies are disabled.

11. How We Share Information

Rhythm may share information with trusted service providers, subprocessors, cloud hosting providers, infrastructure providers, communications providers, analytics vendors, payment processors, operational infrastructure providers, customer support providers, cybersecurity providers, and operational resilience partners that support the delivery, governance, maintenance, security, and resilience of the Services.

Rhythm may also share information with customer-authorized integrations and APIs including telematics providers, HR systems, LMS systems, maintenance systems, claims systems, insurance platforms, operational systems, workflow orchestration systems, compliance systems, and fleet management platforms.

Rhythm maintains API and integration governance controls designed to support secure authentication, authorized access, integration accountability, secure connectivity, customer-controlled permissions, and lawful operational data sharing.

Rhythm may disclose information where necessary to comply with applicable law, legal process, lawful governmental requests, regulatory obligations, operational governance obligations, or to protect rights, safety, workers, customers, users, systems, infrastructure, or the integrity of the Services.

Rhythm reviews governmental and legal requests to help ensure validity, scope, and legal appropriateness prior to disclosure where legally permitted.

In connection with mergers, acquisitions, financing transactions, restructuring activities, or asset sales, information may be transferred as part of the applicable business transaction subject to appropriate confidentiality and legal safeguards.

Rhythm may also use aggregated, anonymized, or de-identified information for benchmarking, analytics, operational intelligence research, governance analysis, operational resilience analysis, product improvement, industry insights, and platform optimization activities. Such information is not intended to identify individuals.

12. Confidentiality and Customer Information Protection

Rhythm recognizes the confidential and operationally sensitive nature of customer information including workforce data, operational intelligence, fleet data, claims information, governance workflows, incident records, operational readiness information, safety records, and customer proprietary information.

Rhythm maintains confidentiality safeguards designed to limit unauthorized disclosure, access, or misuse of customer confidential information and applies role-based access controls and least-privilege principles designed to restrict access to authorized personnel with legitimate business needs.

Rhythm also maintains operational logging, observability, traceability, governance telemetry, and operational accountability controls designed to support resilience, auditability, security, governance integrity, and operational reliability.

13. Acceptable Use and Responsible Operational Use

Customers may not use the Services in a manner that violates applicable law, infringes individual rights, supports unlawful surveillance, enables discrimination, facilitates harassment, improperly uses biometric technologies, supports unlawful automated decision-making, or otherwise violates lawful operational governance requirements.

Customers remain responsible for ensuring that deployment and use of the Services comply with applicable operational, employment, privacy, insurance, and regulatory requirements.

14. No Sale of Personal Information

Rhythm does not sell personal information as defined under applicable privacy laws. Rhythm also does not share personal information for cross-context behavioral advertising purposes.

15. Data Retention

Rhythm retains information only for as long as reasonably necessary to provide the Services, comply with legal obligations, maintain operational resilience, support operational governance, satisfy contractual obligations, preserve operational accountability, resolve disputes, support claims defense activities, comply with litigation hold obligations, satisfy legal preservation requirements, support operational investigations, and comply with regulatory requirements.

Retention periods may vary depending on customer configurations, operational requirements, legal requirements, insurance obligations, customer agreements, governance requirements, and the nature of the information involved. Certain retention periods may be configurable by customers based on operational, litigation, insurance, regulatory, governance, or compliance requirements.

Certain categories of operational, telematics, compliance, incident, governance, litigation, audit, claims, and security-related information may be retained for extended periods where necessary to support operational accountability, legal defense, litigation holds, operational investigations, insurance activities, regulatory obligations, or operational governance requirements.

16. Security, Cybersecurity Governance, and Operational Resilience

Rhythm maintains administrative, technical, organizational, and physical safeguards designed to protect information against unauthorized access, disclosure, misuse, alteration, destruction, or loss.

Security measures may include encryption in transit and at rest, role-based access controls, multi-factor authentication, operational monitoring, vulnerability management, secure development practices, operational logging, network segmentation, incident response procedures, resilience testing, disaster recovery planning, business continuity planning, and operational resilience governance.

Rhythm applies layered security principles including defense-in-depth, least privilege, segmentation, monitoring, governance telemetry, and Zero Trust-oriented security controls.

Rhythm maintains controls designed to logically segregate customer environments and customer data within multi-tenant infrastructure environments.

Rhythm continuously evaluates alignment with industry-recognized cybersecurity frameworks and security best practices including principles associated with SOC 2, ISO 27001, NIST, CIS Controls, Zero Trust architectures, operational resilience frameworks, and governance-oriented cybersecurity standards.

As an operational intelligence platform supporting mission-critical workflows, Rhythm is committed to maintaining platform resilience, operational continuity, operational governance integrity, service reliability, operational accountability, and enterprise-grade governance resilience.

While Rhythm strives to maintain strong security protections, no system can guarantee absolute security.

17. Security Incident Response

Rhythm maintains incident response and security procedures designed to identify, investigate, contain, mitigate, remediate, document, and respond to security incidents affecting the Services, systems, infrastructure, or integrations.

Where required by applicable law or contractual obligations, Rhythm may provide notice of qualifying security incidents in accordance with applicable legal and contractual requirements.

18. International Data Transfers

Rhythm may process and store information in the United States and other jurisdictions where Rhythm or its service providers operate.

Where required by applicable law, Rhythm implements safeguards for cross-border data transfers including contractual protections, Standard Contractual Clauses, recognized transfer mechanisms, organizational safeguards, and appropriate technical protections.

19. Your Privacy Rights

Depending on applicable law and jurisdiction, individuals may have rights relating to access, correction, deletion, portability, restriction, objection, withdrawal of consent, appeals, automated processing, profiling, and limitations on certain processing activities.

Individuals seeking to exercise applicable privacy rights may contact Rhythm at privacy@rhythminnovations.com. Rhythm may verify identity before processing requests and may require additional verification documentation for authorized agents acting on behalf of individuals.

20. U.S. State Privacy Rights

Residents of certain U.S. states may have additional rights under applicable privacy laws including rights relating to access, correction, deletion, opt-out rights, and limitations on sensitive information processing.

Rhythm will not discriminate against individuals for exercising applicable privacy rights.

21. GDPR, UK GDPR, and International Privacy Rights

For individuals located in the European Economic Area, United Kingdom, or Switzerland, Rhythm supports applicable rights under GDPR and related privacy laws.

Individuals may also lodge complaints with their local supervisory authority where permitted by law.

22. Children’s Privacy

The Services are not directed to children under the age of 16, and Rhythm does not knowingly collect personal information from children under 16. If Rhythm becomes aware that such information has been collected, Rhythm will take reasonable steps to delete it in accordance with applicable law.

23. Third-Party Websites and Services

The Services may contain links to third-party websites, integrations, or services not controlled by Rhythm. Rhythm is not responsible for the privacy practices, operational practices, security practices, or content of third-party services.

24. Privacy-by-Design and Security-by-Design

Rhythm incorporates privacy-by-design and security-by-design principles into the lifecycle of its products, Services, APIs, AI systems, integrations, operational intelligence platforms, governance architecture, and system design.

Privacy and security considerations are incorporated into product development, AI governance, operational governance, resilience planning, access management, workflow orchestration, integration design, data lifecycle management, system architecture, operational intelligence workflows, and governance controls.

25. Transparency, Governance Materials, and Trust Resources

Rhythm may publish additional governance materials, transparency disclosures, operational governance documentation, security documentation, AI governance principles, operational resilience materials, or Trust Center resources to support customer transparency, enterprise governance reviews, operational accountability, and regulatory readiness.

26. Changes to This Privacy Policy

Rhythm may update this Privacy Policy periodically to reflect legal, regulatory, operational, cybersecurity, AI governance, operational intelligence, governance, product, or business developments.

Updated versions will be posted on the website together with revised effective dates.

27. Contact Information

Rhythm Innovations

13450 West Sunrise Blvd, Suite 420
Sunrise, Florida 33323, USA

Email: privacy@rhythminnovations.com

Website: www.rhythminnovations.com

28. Enterprise Governance Commitment

Rhythm believes operational intelligence carries significant responsibility and is committed to ethical stewardship of operational, workforce, telematics, safety, claims, governance, and operational readiness information.

Rhythm is committed to advancing enterprise-grade privacy governance, operational intelligence governance, responsible AI, operational resilience, cybersecurity resilience, ethical technology practices, lawful risk management, workforce protection, operational accountability, governance integrity, and transparent operational governance.

Our objective is to help organizations improve safety, operational readiness, compliance, operational resilience, workforce protection, governance maturity, operational accountability, and enterprise risk intelligence while respecting privacy, transparency, lawful governance, accountability, and the dignity of frontline workers, contractors, drivers, operators, and employees.