Greenhorn Logo
LoginEnroll Now

Legal

Privacy Policy

Last updated: May 14, 2026

Greenhorn Driving Inc. (“Greenhorn,” “we,” “us,” or “our”) operates the marketing website at greenhorndriving.ca and the student/instructor web application at app.greenhorndriving.com. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights under Canadian privacy law, including the Personal Information Protection and Electronic Documents Act (PIPEDA).

By using our website or application, you consent to the practices described below. If you do not agree, please do not use our services.

1. Information We Collect

Information you provide directly

  • Account registration:full name, email address, phone number, date of birth, and Ontario driver’s licence number.
  • Parent enrollment:parent/guardian name, email, phone number, and the student’s details listed above.
  • Emergency contacts: name, phone number, and relationship to the student.
  • Payment information: credit/debit card details processed through Stripe. We do not store full card numbers on our servers.
  • Lesson-related data: pickup addresses, in-car evaluation sheets, skill ratings, badge achievements, and instructor notes.
  • Communications: messages sent through our in-app messaging system and support tickets.
  • Referral information: referral codes and associated payout details (email for digital gift card delivery).

Information collected automatically

  • Device and browser data: IP address, browser type, operating system, and screen resolution.
  • Usage data: pages visited, time spent, clicks, and navigation paths, collected via Google Analytics (GA4) and Google Tag Manager.
  • Cookies and local storage: session cookies for authentication (via Laravel Sanctum) and analytics cookies. See Section 7 for details.
  • Error and performance data: application errors and crash reports collected by Sentry for debugging purposes.

2. How We Use Your Information

We use the information we collect to:

  • Create and manage your student or instructor account.
  • Process payments and issue refunds through Stripe.
  • Schedule, confirm, and manage driving lessons.
  • Send transactional communications: booking confirmations, lesson reminders (via SMS through Twilio), payment receipts, and BDE completion certificates (via email through Resend).
  • Evaluate and track your driving progress through in-car evaluation sheets and the badge system.
  • Process referral rewards through Tremendous (digital gift cards).
  • Provide customer support and respond to inquiries.
  • Improve our website, application, and services through analytics and error monitoring.
  • Comply with Ministry of Transportation of Ontario (MTO) record-keeping requirements for our Beginner Driver Education (BDE) program.
  • Attribute marketing campaigns using UTM parameters and conversion tracking (production environment only).

3. Who We Share Your Information With

We do not sell your personal information. We share data only with the following categories of service providers, each of which is contractually obligated to protect your information:

  • Stripe: payment processing. Stripe handles card data under their own PCI-DSS compliant privacy policy.
  • Twilio: SMS delivery for account activation (OTP), lesson reminders, and notifications.
  • Resend: transactional email delivery (welcome emails, payment confirmations, BDE completion certificates).
  • Tremendous:referral reward fulfillment. We share only the recipient’s email and reward amount.
  • Google (Analytics/Tag Manager): anonymized usage data for website and marketing analytics. We do not send personally identifiable information to Google Analytics.
  • Sentry: error monitoring and crash reporting. May include technical device data and anonymized usage context.
  • Ministry of Transportation of Ontario: student records as required for BDE certification and compliance.

We may also disclose information where required by law, regulation, court order, or governmental request.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specifically:

  • Account data: retained while your account exists and for 12 months after deletion request, unless a longer period is required by law.
  • BDE records: retained for the period required by MTO regulations (currently 3 years after certificate issuance).
  • Payment records: retained as required by Canadian tax law (currently 7 years).
  • Analytics data: Google Analytics data is retained for 14 months (standard GA4 retention setting).

5. Data Security

We use industry-standard measures to protect your information, including:

  • HTTPS encryption for all data in transit.
  • Cookie-based authentication with CSRF protection (Laravel Sanctum).
  • Payment data handled exclusively by Stripe under PCI-DSS compliance.
  • Role-based access controls within our application (students can only access their own data; instructors can only access data for their assigned students).
  • Secure SMS-based one-time passwords (OTP) for parent-enrolled account activation.

While we take reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights Under PIPEDA

As a Canadian resident, you have the right to:

  • Access the personal information we hold about you.
  • Correct any inaccurate or incomplete information.
  • Withdraw consent for certain uses of your information (note: this may limit our ability to provide services).
  • Request deletion of your personal information, subject to legal retention requirements.
  • File a complaint with the Office of the Privacy Commissioner of Canada if you believe your rights have been violated.

To exercise any of these rights, contact us using the information in Section 9 below. We will respond within 30 days.

7. Cookies

Our website and application use the following types of cookies:

  • Essential cookies: session authentication and CSRF tokens required for the application to function. These cannot be disabled.
  • Analytics cookies: Google Analytics and Google Tag Manager cookies used to understand how visitors use our site. These are only active on production.

You can control cookie preferences through your browser settings. Disabling essential cookies will prevent you from logging in to the application.

8. Children’s Privacy

Our services are designed for individuals who are of legal age to hold an Ontario G1 licence (16 years or older). We do not knowingly collect personal information from children under 16. For students aged 16 or 17, a parent or guardian must complete the enrollment process and provide consent on their behalf through our parent enrollment flow.

9. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or have a complaint, contact us at:

Greenhorn Driving Inc.

Email: [email protected]

Phone: 289-205-9119

Mon–Sun, 9 am–6 pm EST

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Last updated” date at the top of this page. For significant changes, we will notify active users by email. Continued use of our services after changes constitutes acceptance of the updated policy.