Privacy Policy
Terms & Conditions
Cancellation Policy

Privacy Policy

Rainbow Road Transport, LLC (“Company,” “we,” “us,” or “our”) is a non-emergency medical transportation (NEMT) provider serving the Chicagoland area. We provide wheelchair, stretcher, and ambulatory transportation services with PASS-certified drivers, operating 24/7 with a commitment to patient safety and privacy.

We are committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our transportation services, contact us by phone, visit our website (rainbowroadllc.com), or interact with us in any other manner.

By using our services or accessing our website, you consent to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please do not use our services or access our website.

2.1 Personal Information

We collect personal information that you voluntarily provide to us when requesting our services, including: full name, date of birth, home address, pickup and drop-off locations, phone number(s), email address, emergency contact information, and billing/payment information.

2.2 Protected Health Information (PHI)

Rainbow Road Transport may request, receive, and document personal and medical information (collectively referred to as Protected Health Information — “PHI”) to coordinate and provide transportation services. As defined under the Health Insurance Portability and Accountability Act (HIPAA), PHI may include: name and date of birth; pickup and drop-off locations; medical appointment details (facility name, address, date, time); mobility status and equipment needs (wheelchair, stretcher, ambulatory); special medical requirements (oxygen tank, continuous feeding tube, etc.); relevant medical or physical conditions that impact transport safety; healthcare provider referral information; and insurance information when applicable.

2.3 Payment Information

When you make payments for our services, we collect payment card information including card number, expiration date, CVV, and billing address. Important: We do not store your complete credit card information on our servers. All payment processing is handled securely through Stripe, Inc., our PCI-DSS Level 1 compliant payment processor. Stripe tokenizes your payment information, meaning your actual card details are never stored in our systems. See Section 6 for complete details on payment security.

2.4 Phone Call Information

When you contact us by phone, we use Talkdesk, a HIPAA-compliant cloud contact center platform, to handle your calls. Call recordings and transcripts may be created for quality assurance and training purposes. See Section 7 for complete details on how your phone communications are protected.

2.5 Automatically Collected Information

When you visit our website, we may automatically collect certain information including: IP address, browser type and version, device type, operating system, referring URLs, pages visited and time spent, and cookies and similar tracking technologies.

Rainbow Road Transport uses your information for the following purposes:

Service Coordination: To schedule, manage, and complete transportation safely and efficiently.

Communication with Authorized Parties: We may communicate with healthcare facilities, case managers, family, or caregivers only with your authorization.

Safety & Quality Assurance: To ensure appropriate equipment and securement processes are followed for your safety.

Billing and Payment Processing: PHI may be used to process billing with you, a facility, or authorized payor.

Compliance: To comply with legal obligations, including HIPAA requirements.

Customer Support: To respond to your inquiries and provide assistance.

Service Improvement: To improve our website, services, and user experience.

4.1 Our HIPAA Commitment

As a non-emergency medical transportation provider, Rainbow Road Transport is committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable federal and state privacy laws. We treat all Protected Health Information (PHI) with the utmost care and confidentiality.

4.2 How Your Information Is Protected

Rainbow Road Transport maintains administrative, physical, and technical safeguards to protect your privacy. Access to PHI is limited to authorized personnel involved in scheduling, dispatching, billing, or quality monitoring. We do not sell, share, or use PHI for marketing or any other non-transportation purpose.

Our safeguards include: employee training on HIPAA requirements and patient privacy; secure electronic systems with access controls and encryption; physical security measures for paper records; Business Associate Agreements (BAAs) with third parties who access PHI; regular security assessments and audits; and incident response procedures for potential breaches.

4.3 Use and Disclosure of PHI

We only use and disclose PHI as permitted or required by HIPAA and applicable law. This includes: use for treatment, payment, and healthcare operations (TPO); disclosures required by law; disclosures with your written authorization; and disclosures to healthcare providers involved in your care. We will not sell your PHI or use it for marketing purposes without your explicit written authorization.

4.4 Your HIPAA Rights

Under HIPAA, you have the right to: request access to your information; request correction of inaccurate information; request restrictions on who we may share your information with; request confidential communications; receive an accounting of disclosures of your PHI; and revoke authorization at any time (revocation does not apply to actions already taken before the request).

4.5 Authorization for Release of Information

By booking transportation with Rainbow Road Transport, the client or legal representative acknowledges and authorizes that: “I understand that Rainbow Road Transport may use or disclose my Protected Health Information for the purpose of scheduling, coordinating, and providing safe transportation. I authorize the use of this information strictly for transportation-related services.”

5.1 Stripe Payment Processing

We use Stripe, Inc. as our online payment processor. Stripe is a certified PCI Level 1 Service Provider, the most stringent level of certification available in the payments industry. When you provide payment information online, it is transmitted directly to Stripe using secure, encrypted connections (TLS/SSL).

5.2 How Your Card Data is Protected Online

Tokenization: Your actual credit card number is never stored on our servers. Instead, Stripe creates a secure “token” that represents your card, which we use for processing transactions. This means even if our systems were compromised, your actual card details would remain secure.

Encryption: All payment data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256 encryption.

PCI-DSS Compliance: Our payment integration follows Payment Card Industry Data Security Standards (PCI-DSS), ensuring your financial information is handled according to the highest security standards.

5.3 Saved Payment Methods

If you choose to save a payment method for future use, only a tokenized reference and the last four digits of your card are retained. The actual card number, CVV, and full expiration date are never stored in our systems. Saved payment methods can be deleted at any time by contacting us.

6.1 Payment Options

Rainbow Road Transport offers two convenient payment methods for your security and convenience:

Phone Payments: You may provide your credit card information to one of our trained agents over the phone. Our agents enter your payment details directly into our secure, PCI-DSS compliant payment system powered by Stripe. Your card information is immediately tokenized and is never stored in plain text on our systems.

Secure Payment Link: If you prefer not to provide your card information verbally, we can send you a secure payment link via text message or email. This link directs you to a secure Stripe checkout page where you can enter your payment details directly. This method ensures your card information is transmitted directly to Stripe without passing through our staff or systems.

6.2 How Phone Payments Are Protected

Trained Staff: Our agents are trained in proper handling of sensitive payment information and follow strict protocols to protect your data.

Immediate Tokenization: When an agent enters your card information, it is immediately processed through Stripe and converted into a secure token. Your actual card number is never stored on our servers.

Stripe Security: All payment processing is handled by Stripe, a PCI-DSS Level 1 certified payment processor. Stripe uses industry-leading encryption and security measures to protect your financial information.

6.3 Secure Payment Link Option

For customers who prefer additional privacy, our secure payment link option provides an extra layer of protection:

Direct Entry: You enter your card details directly on Stripe’s secure checkout page—your card number is never spoken aloud or handled by our staff.

Encrypted Transmission: All data entered through the secure link is encrypted using TLS 1.2 or higher and transmitted directly to Stripe’s secure servers.

Saved Cards: You may choose to save your payment method for future transactions. Only a secure token and the last four digits of your card will be stored for your convenience.

7.1 Talkdesk Contact Center Platform

Rainbow Road Transport uses Talkdesk as our cloud contact center platform for handling phone communications. Talkdesk maintains over 30 security certifications, including SOC 2 and SOC 3, ISO 27001, PCI DSS Level 1, HIPAA, GDPR, and ISO 22301 Business Continuity certification.

7.2 Call Recording and Transcription

Phone calls may be recorded and transcribed for quality assurance, training, and service improvement purposes. All call recordings are stored securely with encryption and access controls.

7.3 PHI and PII Redaction

To protect your privacy, our phone system includes automatic redaction features that help prevent Personal Identifiable Information (PII) and sensitive data from being displayed in call transcripts. This reduces compliance risks while preserving the context needed for quality service.

7.4 HIPAA-Compliant Call Handling

Our contact center platform is specifically designed for healthcare use cases and ensures encrypted, HIPAA-compliant handling of electronic Protected Health Information (ePHI). Access to call recordings and transcripts is limited to authorized personnel with appropriate training.

Our website uses cookies and similar tracking technologies to enhance your experience. Cookies are small text files stored on your device that help us: remember your preferences and settings; understand how you use our website; analyze website traffic and performance; and provide relevant content.

Types of Cookies We Use: Essential cookies (required for website functionality), analytics cookies (to understand usage patterns), and preference cookies (to remember your choices).

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality. By continuing to use our website, you consent to the use of cookies as described in this policy.

We do not sell, rent, or trade your personal information. We may share your information in the following circumstances:

Affiliate Transportation Providers: Rainbow Road Transport works with a network of affiliate transportation providers to ensure we can fulfill your reservation needs. When necessary to complete your transportation request, we may share relevant information (including name, pickup/drop-off locations, appointment times, mobility requirements, and medical equipment needs) with an affiliate provider who will complete the trip on our behalf. All affiliate providers are required to maintain appropriate confidentiality and comply with applicable privacy and HIPAA requirements.

Service Providers: We share information with trusted third parties who assist us in operating our business, including: Stripe (payment processing), Talkdesk (phone communications), HERE Technologies and Google Maps (routing and navigation), and IT service providers. These parties are contractually obligated to protect your information and maintain appropriate Business Associate Agreements where required by HIPAA.

Healthcare Providers: We may share relevant information with healthcare facilities and providers as necessary to coordinate your transportation and care, only with your authorization.

Legal Requirements: We may disclose information when required by law, court order, or governmental authority, or when necessary to protect our rights, safety, or property.

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We implement reasonable administrative, technical, and physical security measures to protect your personal information from unauthorized access, use, alteration, or destruction. These measures include: encrypted data transmission (SSL/TLS); secure server infrastructure; access controls and authentication; regular security monitoring and updates; employee training on data protection; and secure disposal of records.

Our key technology partners maintain rigorous security certifications: Stripe (PCI DSS Level 1), Talkdesk (SOC 2, SOC 3, ISO 27001, PCI DSS Level 1, HIPAA, GDPR, ISO 22301).

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections.

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Specifically: transportation records are retained for a minimum of six (6) years as required by applicable healthcare regulations; billing and payment records are retained for seven (7) years for tax and accounting purposes; call recordings are retained according to our quality assurance policies and applicable regulations; and marketing preferences are retained until you withdraw consent or request deletion.

Upon expiration of the retention period, we securely delete or anonymize your information.

Depending on your location, you may have certain rights regarding your personal information:

Access: Request a copy of the personal information we hold about you.

Correction: Request that we correct inaccurate or incomplete information.

Deletion: Request that we delete your personal information, subject to certain exceptions and legal retention requirements.

Restriction: Request restrictions on who we may share your information with.

Opt-Out: Unsubscribe from marketing communications at any time.

Revocation: Revoke authorization at any time (revocation does not apply to actions already taken before the request).

To exercise these rights, please contact us using the information provided below. We will respond to your request within the timeframe required by applicable law.

If you are an Illinois resident, you may have additional rights under Illinois law, including the Biometric Information Privacy Act (BIPA) and other applicable state privacy laws. We do not collect biometric information such as fingerprints or facial recognition data. If you have questions about your rights under Illinois law, please contact us.

Our services may be used to transport minors; however, we do not knowingly collect personal information directly from children under 13 without parental consent. When transporting minors, we collect information from the parent, guardian, or authorized adult. If you believe we have inadvertently collected information from a child under 13, please contact us immediately.

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will: update the “Effective Date” at the top of this policy; post the revised policy on our website; and, where appropriate, notify you by email or through our services.

Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Rainbow Road Transport, LLC

1530 S Monterey Ave

Schaumburg, IL 60193

Office: (847) 585-8888

Fax: (847) 929-9993

General Inquiries: info@rainbowroadllc.com

Privacy Inquiries: privacy@rainbowroadllc.com

Website: www.rainbowroadllc.com

For HIPAA-related inquiries or to exercise your HIPAA rights, please contact our Privacy Officer at privacy@rainbowroadllc.com or send written correspondence to the address above with the subject line “HIPAA Privacy Request.”

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

As a non-emergency medical transportation provider, Rainbow Road Transport, LLC is required by law to maintain the privacy of your Protected Health Information (PHI) and to provide you with this Notice of our legal duties and privacy practices with respect to your PHI.

We are required to abide by the terms of this Notice currently in effect. We reserve the right to change the terms of this Notice and to make new provisions effective for all PHI we maintain. A revised Notice will be available upon request and on our website.

Complaints: If you believe your privacy rights have been violated, you may file a complaint with us at privacy@rainbowroadllc.com or with the Secretary of the Department of Health and Human Services. You will not be retaliated against for filing a complaint.

Terms & Conditions
  • A valid credit card must be put on file at the time of reservation. A pre-authorization charge must be made at the time of booking to a valid credit card. A reservation is never confirmed unless the credit card is on file with a valid pre-authorization charge.
  • By making a reservation, the Client agrees to have their credit card on file.
  • Uncollected balances must be paid to the driver before the beginning of the service.
  • All remaining balances must be paid on the day of service.
  • The Client accepts full responsibility for vehicle damage or special cleaning and any loss of income due to negligence or carelessness caused by any member of the Client’s group, and the Client AGREES TO BE FULLY LIABLE FOR ALL CHARGES THAT MAY OCCUR:
  • $150.00 minimum for extensive cleanup (spills, Etc.);
  • $175.00 shampoo and disinfecting (due to sickness on the interior);
  • $300.00 minimum for each act of vandalism;
  • $50.00 minimum for COVID-positive clients;
  • Additional charges will be applied to the credit card on file to cover any damages that occur. If the credit card on file cannot be charged for any reason, the Client agrees to pay for damages within seven (7) days from the event date.
  • The Client agrees to pay for any collection expenses, attorney fees, and costs associated with Rainbow Road Transport collection efforts.
  • No alcoholic beverages can be consumed.
  • No illegal substances of any kind will be allowed inside the van.
  • No eating is allowed in the passenger compartment.
  • Violators will be charged vandalism fees when caught.
  • RESCHEDULING/CANCELLATIONS:
  • RESCHEDULING/CANCELLATIONS:
  • The Client needs to cancel or reschedule within 48 hours prior to the pick-up time; otherwise, a full charge occurs.
  • Rainbow Road Transport cannot guarantee the availability of overtime and the availability of vans rescheduling the original reservation.
  • Rainbow Road Transport reserves the right to terminate this contract in the event of a violation of any of these special rules & conditions by any passenger. In the event of such early termination, no portion of the contract prices shall be refunded.
  • EXPECTATIONS OF DRIVER:
  • Our drivers will do everything possible to ensure our clients have safe transport. We ask that you treat our drivers with the same respect you expect to be treated.
  • HOLIDAYS:
  • Reservations during the holidays (New year’s Day, Easter Sunday, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, and Christmas Day) will be billed 1.5 times.
  • Rainbow Road Transport understands that your needs may change as the service is being provided and will make every effort to accommodate the Client (s); however, the Client (s) understands that other clients may be scheduled, and no guarantees can be made to accommodate changes as requested. Rainbow Road Transport cannot guarantee the availability of overtime.
  • The Client agrees to pay for any changes in service as follows:
  • Overtime or transfers are charged to the clients(s) in 30 minutes increments (for hourly service) at the published rate.
  • Extra stops are charged $25.00-$50.00 for each (applies only for Pick Up-Drop Off Service). Extra stops cannot be longer than 15 minutes, otherwise, hourly or waiting time service rate will be applied.
  • Waiting time: 15min. for free, then $3.00 for each minute (weekday rates only, please refer to Rates and Fees).
  • Rainbow Road Transport is not responsible for delayed travel time due to unforeseen weather, traffic, road conditions (i.e., unsafe road conditions in winter, not salted, accidents, Etc.), or delays beyond our control.
  • Wait times (after the appointment) may be up to 90 minutes during peak times. Rainbow Road Transport will do its best to pick up the Client as early as possible.
  • Rainbow Road Transport is not liable in the event of a mechanical breakdown of the van(s) during service and will only be responsible for making up lost time or service at a mutually agreed date.
  • Rainbow Road Transport reserves the right to send a different model but equal or greater value and capacity van in the event of mechanical difficulties or scheduling conflicts.
  • If the Client (s) fails to show up at the designated pick-up location and has not called the number provided by Rainbow Road Transport, the full amount of the agreement will be charged, with no exceptions.
  • Vehicles cannot be loaded beyond their seating capacity.
  • If the Client has cognitive issues, an escort must be provided during transport; otherwise, a request for a sitter may be made, and fees will apply.
  • Any extra passenger assisting the Client is free of charge.
  • If the Client requires medical equipment necessary for travel, Rainbow Road Transport must be notified at the time of reservation. (oxygen tank, continuous feeding tube, Etc.).
  • There is absolutely no smoking allowed in the passenger compartment.
  • Violators will be charged vandalism fees when caught.
Cancellation Policy

Roundtrip Reservation:

  • No cancellation fee if the trip is cancelled more than 24 hours prior to the scheduled pickup time.
  • A $50 cancellation fee will apply if the trip is cancelled less than 24 hours but more than 4 hours prior to the scheduled pickup time.
  • A 50% cancellation fee will apply if the trip is cancelled less than 4 hours but more than 1 hour prior to the scheduled pickup time.
  • The full amount will be charged if the trip is cancelled within 1 hour of the scheduled pickup time or in the event of a no-show.

One Way Reservation:

  • No cancellation fee if cancelled more than 24 hours prior to the scheduled pickup time.
  • The full amount will be charged if cancelled less than 24 hours prior to the scheduled pickup time or in the event of a no-show.