Privacy Policy

Privacy Policy - Autocorp.ai

Last Updated: February 24, 2025

Autocorp.ai Inc., through itself or its affiliated entities (collectively, "Autocorp", "we", "our", "us"), is an automotive technology company providing software products and services, including without limitation AVA™ ID, AVA™ Credit, AVA™ Trade, and VeriDrive (collectively, the "Services") primarily for automotive dealerships and other business entities.

When web visitors, prospective customers, and authorized system users ("you", "your") use and interact with our websites (including without limitation www.autocorp.ai) (collectively, our "Sites"), communicate with us, visit our offices, attend our events, among the other activities further described within this Privacy Policy, we may collect, use, share and process information that relates to you, including identifying you ("Personal Data"). We are responsible for the processing of your Personal Data as described in this Privacy Policy. This Privacy Policy summarizes our Personal Data processing practices and your related rights.

1. Responsibility towards your Personal Data

Unless specified otherwise herein, we are responsible for processing of your Personal Data as described in this Privacy Policy, and act as a data controller in relation to the Personal Data we collect and process for our own business purposes, meaning that we determine how and why this data is processed. This applies to:

  • Information collected from prospective and actual business customers who engage with us ("Customers");
  • Visitors to our Sites;
  • Individuals who interact with us directly through our offices, events and communications;
  • Authorized users of our platforms and systems (e.g., employees of our Customers who have been granted access to our platform)

The Personal Data we collect, process, and share depends on how you interact with us, the services you use, and the choices you make.

This Privacy Policy does not apply to Personal Data we process in the role of a processor or service provider on behalf of a Customer. This includes but is not limited to situations where our Customers:

  • Use our platforms to create or integrate with their own websites and applications;
  • Sell or offer their own products and services;
  • Send electronic communications to others; or
  • Collect, use, share or process Personal Data through the Services.

For Personal Data collected by a Customer using our Services ("Customer Data"), the Customer is the data controller. We do not determine the purpose or means of processing this data - we process Personal Data solely based on the instructions of the Customer in accordance with our written agreements as their service provider. If you have questions or wish to exercise your legal rights regarding Customer Data, please contact the Customer that collected your information directly.

2. Processing activities covered

We collect information about you and/or your business from different sources and in various ways when you use our Services, including without limitation information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.

This Privacy Policy applies to the processing of Personal Data collected by us when:

  • You visit our Sites that displays or links to this Privacy Policy;
  • You visit our social media pages;
  • You visit our offices;
  • You receive communications from us or otherwise communicate with us, including but not limited to emails, phone and video calls, texts or faxes;
  • You use our products and Services where we act as a controller of your Personal Data, including but not limited to system access management, security monitoring, service usage analytics, and fraud prevention;
  • You register for, attend or take part in our events, webinars, or contests;
  • You work for a service provider, vendor, consultant, integration partner, or supplier (collectively, "Vendors"), to the extent that we act as a controller with respect to your Personal Data for business relationship management, contract administration or compliance purposes;
  • You are employed by a Customer of our products and Services where your information has been shared with us in our capacity as a controller (for example, during the contracting process);
  • You Participate in surveys, reviews, research or other similar data collection facilitated by us;
  • We provide marketing communications, promotions, or surveys related to our products and services, subject to your preferences and applicable legal requirements; or
  • We conduct our internal business operations, including maintaining and improving the Services, training our staff, auditing compliance with our policies, and legal or regulatory compliance purposes

3. Linked third party websites

The Sites and Services may contain links to third party websites, applications, platforms and services that are not owned or controlled by us. Additionally, our Services may integrate with third-party applications, connectors and extensions.

When you interact with a third party - whether by visiting a linked website, engaging with a Customer, or using a third-party platform - the privacy practices of that third party will apply. We are not responsible for the privacy policies, acceptable use policies, terms of service, or other practices of these third parties, including but not limited to platforms hosting our social media pages.

Where a solution, application, or integration is provided by us and explicitly links to this Privacy Policy, then this Privacy Policy governs the processing of Personal Data.

If a solution, application, or integration is provided by a third party, then the third party's privacy policy applies. This Privacy Policy only applies to the extent that we process your Personal Data as part of our role in delivering the integration.

We strongly recommend that you read the applicable privacy policies and terms of use of such third parties to understand how they collect, use, and share information.

In some circumstances, we may collect publicly available information, or third parties - such as Vendors, Customers, and other third parties ("Third Party Providers") - may share such information with us. This may include Personal Data that you have published online or made publicly available. However, we do not control how these Third Party Providers collect information in the first place. Their data collection practices are governed by their own privacy policies, which can be found on their respective websites. If you have concerns about how a third party has collected or shared your data, we encourage you to review their privacy policy and contact them directly.

4. Personal Data we collect

4.1 Personal Data we collect directly from you

The Personal Data we collect from you may include identifiers, professional or employment-related information, financial account information, commercial information, visual information, and internet activity information, among others. We may collect such information in the following scenarios:

Scenarios Categories of Personal Data
If you express an interest in obtaining additional information about our Services; use AVA Demo Request Page; use our "Contact Us" or similar features; email or interact with us using a chat functionality; sign up for an event, webinar or contest; participate in a survey; use our products and Services; download certain content; sign up for a newsletter or are employed by one of our Customers where your information has been shared with us Contact information, such as your full name, job title/position, company name, address, phone number, email address, other information you have voluntarily chosen to share
If you voluntarily submit certain information to us, such as filling out a survey, participating in reviews, questionnaires, or participating in other forms of research Contact information, such as your full name, job title/position, company name, photo, video or other biographical information, such as location, social media profiles or usernames, areas of expertise and interests or other information you have voluntarily chosen to share
If you make purchases for our Services via our Sites, or otherwise Contact information, financial and billing information, such as billing name and address, credit card number or bank account information
If you interact with our Sites or emails Information about your device and your usage of our Sites or emails (such as Internet Protocol (IP) addresses or other identifiers), which may qualify as Personal Data using cookies, web beacons, or similar technologies
If you use and interact with our products and Services Information about your device and your usage of our Services through log files and other technologies, some of which may qualify as Personal Data (including Usage Data (defined below))
If you communicate with us via a phone call, video conferencing, in office attendance Information such as your name, email, phone number, voice, image or video, time and date or communication and any other Personal Data you voluntarily share
If you are a Vendor to us (or work for a Vendor) Contact information, payment and billing information

4.2 Personal Data that may be shared by a Customer to us

When you submit Personal Data to our Customers, the Customer is responsible to provide you with the applicable notice of processing of Personal Data as it relates to their responsibilities and your rights under their privacy policy. We may collect and process Personal Data on behalf of the Customer, in our role as a processor of Customer Data. As the controller of the Customer Data, the Customer will determine the Personal Data it will collect and the privacy and security practices associated with the Personal Data that forms part of the Customer Data.

We may collect and process the information provided by our Customers as required to facilitate transactions as under our agreement with such Customers, including without limitation:

  • Identity verification
  • Test drive appointment scheduling
  • Softpull credit snapshots
  • Inventory matching
  • Provision of trade-in information

For the suite of Services offered by us to our Customers, the information that may be collected by the Customers who act as the controller of your Personal Data, are illustrated in the table below:

Categories of Personal Data Description
Contact information Name, email, phone number, address
Biographical Information Occupation, employment history, income, residence history, time at residence
Biometric Photo, video, voice recordings
Sensitive Information Date of birth, social insurance, drivers licence, location data
Other Vehicle information, Personal Data voluntarily shared

Note that the above list is for illustration purposes only. Please refer to the applicable Customer's privacy policy for details on the Personal Data collected by such Customer.

5. Personal Data of others

If you provide us or our Vendors with any Personal Data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary permissions, and acknowledge that it may be used in accordance with this Privacy Policy. If you believe that your Personal Data has been provided to us improperly, or you want to exercise your rights relating to your Personal Data, please contact us as provided below.

6. Personal Data we collect from other sources

We may also collect information about you from other sources including Third Party Providers from whom we collect or may purchase Personal Data or who provide us with publicly available information which may contain Personal Data. We may combine this information with Personal Data provided by you.

Advertising: The Personal Data we collect from other sources for the purposes of tailored advertising includes identifiers, professional or employment-related information, education information, commercial information, visual information, internet activity information, and inferences about preferences and behaviors. We, collect this from third party providers of business contact information, including without limitation addresses, job titles/positions, email addresses, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs and custom profiles for purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying contact information. This helps us update, expand, and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you.

7. Personal Data we collect through automatic means

7.1 Device and Usage Data

We may gather certain information as part of your use of our products and Services ("Usage Data"). This information may include:

  • Identifiers, such as user ID, organization ID, username, email address and user type;
  • Commercial information; and
  • Internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, language, browser type, Internet service provider or mobile carrier, user interactions such as the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system type and version, system configuration information, date and time stamps associated with your usage and details of which of our products and product versions you are using. This information is used for the purposes set out in detail in Section 8 of this Privacy Policy below.

In addition, we may use aggregated Usage Data for other internal business purposes, such as to identify additional customer opportunities and to ensure that we are meeting the demands of our Customers and their users. Please note that this Usage Data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the Services to our Customers.

7.2 Cookies, web beacons and other tracking technologies

We use technologies such as cookies, web beacons, pixels, tags, and JavaScript, alone or in conjunction with cookies, to gather information about the use of our Sites and how many people interact with it and emails and other tracking technologies on our Sites and in email communications. Cookies are small text files saved by your browser or mobile devices when visiting certain websites. These files allow websites to remember your preferences and details and can be provided by the website you are visiting or a third party. Many cookies have expiry dates upon which they will automatically be removed from your device; however some may be persistent depending on the reason for their creation.

As you navigate through and interact with our Sites, or interact with emails sent to you, we use automatic data collection technologies to collect certain information that may contain Personal Information about you, your equipment, browsing actions, and patterns, including without limitation:

  • Identifiers, such as user ID, organization ID, username, email address and user type;
  • Commercial information; and
  • Internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider, mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the Sites.

You may refuse to accept browser cookies by activating the appropriate setting on your browser. When you visit our Sites, we, or an authorized third party, may place a cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.

We use both session-based and persistent cookies on our Sites. Session-based cookies exist only during a single session and disappear from your device when you close your browser or turn off the device. Persistent cookies remain on your device after you close your browser or turn your device off.

You can control the use of cookies on your device, but choosing to disable cookies on your device may limit your ability to use some features on our Sites. There are different types of cookies, some are essential cookies that are vital to provide a safe and smooth experience on our Sites. These will usually be set in response to an action you take or required for fraud detection. This cookie type cannot be turned off on our system; however you can use your browser settings to prevent their use. This may have serious effects on your browsing experience and some pages or services may become unavailable to you. To learn how to control functional cookies via your individual browser settings, click here. To learn how to manage privacy and storage settings for Flash cookies, click here.

We do not control any third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. To learn more about targeted advertising and advertising networks, please visit the opt-out pages of the Network Advertising Initiative, here, and the Digital Advertising Alliance, here. In addition, if you wish to opt-out of interest-based advertising, you may obtain more information here.

While some internet browsers offer a "do not track" or "DNT" option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard adopted by industry groups, technology companies, or regulators. Therefore, we do not currently commit to responding to browsers' DNT signals with respect to our Sites.

8. Purpose for which we collect, process, use your Personal Data and the legal basis on which we rely

We collect and process your Personal Data (including, where legally permissible, sensitive, or special categories of Personal Data) for the following purposes and relying on the following legal basis:

Purpose Description Legal Basis
Providing our Sites (including our social media pages) To operate and administer our Sites and to provide you with the content you access and request Our legitimate interest in providing online content to our Customers regarding our Service offering and related information
Improving our Sites To analyze overall trends and help us improve the user experience on our Sites Our legitimate interest in providing a relevant and well-functioning website for the benefit of our Sites' visitors
Promoting the security of our Sites Tracking use of our Sites, investigating suspicious activity, fraud prevention, and cybersecurity protection Our legitimate interest in promoting the safety and security of our Sites and in protecting our rights and the rights of others
Fraud prevention and identity verification Detecting and preventing fraudulent transactions and unauthorized access Legitimate interest in protecting against fraud and security threats
Displaying personalized advertisements and content To conduct market research, advertise to you, provide personalized information about us on and off our Sites and to provide other personalized content based upon your activities and interests Our legitimate interest in advertising our products and services or, consent where required
Managing event registrations and attendance To plan and host events or webinars for which you have registered or that you attend, including sending related communications to you Performance of a contract or where we receive your explicit consent
Sending communications To send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS or push notifications, information about our products, news or events) about us, our affiliates, Third Party Providers Our legitimate interest in conducting direct marketing or consent where legally required
Recording phone calls, video calls For training, quality assurance, and administration purposes. If required under applicable law, we will give you the option to object to a call being recorded Our legitimate interest in maintaining the high quality of our phone calls and meetings with users or consent where applicable
Handling contact and user support requests To monitor, respond and manage requests for information and support Necessary for the performance of a contract or our legitimate interest in fulfilling your requests and communicating with you
Providing our Services Facilitating access to and usage of the Services for Customers and authorized users Necessary for the performance of a contract or our legitimate interest to provide and administer our Services
Managing our Customer and user accounts To manage Customer and user accounts generally, such as billing, Customer correspondence and Customer relationship management Necessary for the performance of a contract or our legitimate interest in the management of Customer and user accounts
Managing usage and licensing compliance To assess and manage usage and licensing compliance with the applicable terms of use of our Services Necessary for the performance of a contract or our legitimate interest in managing the provision of our Services to Customers
Regulatory Compliance Meeting financial, credit, and industry specific legal obligations Legal obligation or legitimate interest in compliance with applicable laws
Preparing internal reports and business modeling For internal reporting and business modeling purposes (e.g., forecasting, revenue, capacity planning, product strategy) Our legitimate interest in the management of our business operations
Maintaining our security For maintaining our own security, including investigating, detecting and preventing suspicious activity, fraud and cybercrime that may affect us or the Services Our legitimate interest in promoting our safety and security generally and to protect our rights and the rights of others
Undertaking financial reporting For the purposes of financial reporting Our legitimate interest in meeting our obligations associated with the reporting of our finances
Aggregating data Anonymizing and aggregating for business analytics Our legitimate interest in minimizing the amount of Personal Data processed as part of the noted processing activity
Managing, and participating in, webinars, product demos, contests, programs, training, or promotions To deliver the webinar, contest, programs, training, or promotions. Some webinars, contests, programs, trainings, and promotions have additional rules containing information about how we will process your Personal Data Consent, necessary for the performance of a contract or our legitimate interest in providing the webinar, contest, promotion, training, or promotion
Managing payments If you have provided financial information to us, we process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you Necessary for the performance of a contract
Administering surveys, obtaining reviews and conducting research To identify areas of strength, or areas of improvement, to provide testimonials and case study development Consent or explicit consent (if required under applicable law) or our legitimate interest in conducting the survey or research based on its stated goals
Complying with legal obligations To cooperate with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights Legal obligation or our legitimate interest in protecting against misuse or abuse of our Sites or Services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, responding to lawful requests, or for auditing purposes
Third-party data sources and sharing If we collect or receive Personal Data from Third Parties Providers (e.g., credit bureaus, Vendors), their privacy policies govern the initial collection Legitimate interest or contractual necessity
Data retention and minimization Personal Data is retained only as long as necessary for processing purposes or to meet legal obligations Legitimate interest in reducing unnecessary data processing

9. Who We share Personal Data with

We may share your Personal Data as follows:

  • Vendors: We may share your Personal Data with our Vendors, including without limitation those who provide services such as IT and system administration and hosting, credit card processing, research and analytics, marketing, events planning, customer support and data enrichment for the purposes and pursuant to the legal bases described above in Section 8 and who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. Our Vendors may also deliver artificial intelligence and generative artificial intelligence capabilities to analyze data, determine trends, make predictions and create AI-generated responses or other content for the purposes and pursuant to the legal bases described above in Section 8;
  • Third party accounts: If you connect your third-party accounts through our products and Services, we will use the provided information to authenticate your identity, identify available data sources, retrieve any requested data, and manage authentication details such as tokens, usernames, and passwords to maintain your connection securely and seamlessly;
  • Event sponsors: If you attend an event or webinar organized by us, or download or access an asset on our Sites, we may share your Personal Data with sponsors of the event. If required by applicable law, you may consent to such sharing via the registration form or by allowing your attendee badge to be scanned or noted at a sponsor booth. In these circumstances, your information will be subject to the sponsors' privacy policies. If you do not wish for your information to be shared, you may choose to not opt-in via event/webinar registration or elect to not have your badge scanned, or you can opt-out in accordance with Section 14 below;
  • Customers with whom you are affiliated: If you use our Services as an authorized user, we may share your Personal Data with your affiliated Customer and/or the applicable Third Party Provider responsible for your access to the Services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies;
  • Contest and promotion sponsors: With sponsors of contests or promotions for which you register in order to fulfill the contest or promotion;
  • Professional advisers: In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Data;
  • Third parties involved in a corporate transaction: If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party;
  • Public authorities: With public and government authorities, to the extent we are compelled to disclose Personal Data to comply with our legal obligations;
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Autocorp, our Customers or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
  • Anyone using our review boards, forums, blogs on our Sites may read any Personal Data or other information you choose to submit and post.

We may also share aggregated Usage Data with Vendors for the purpose of helping us in such analysis and improvements. Additionally, we may share Usage Data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our Services.

For more information on the recipients of your Personal Data, please contact us by using the information in Section 17 below.

10. Children's data

Our Sites and Services are not directed at children. We do not knowingly collect Personal Data from children under the age of 13. We do not knowingly collect Personal Data for children between 13-18 unless we have obtained consent from a parent or guardian or such collection is subject to a separate agreement with us or the visit by a child is unsolicited or incidental. If you believe we have mistakenly or unintentionally collected Personal Data of a minor without appropriate consent, please contact us by using the information in Section 17 below and we will take steps to delete their Personal Data from our systems.

11. How long do we keep your Personal Data

We may retain your Personal Data for a period of time consistent with the original purpose of collection (see Section 8 above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.

For more information on data retention periods, please contact us by using the information in the Section 17 below.

12. How we secure your Personal Data

We take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Data we process or use.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Sites or Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Sites like message boards. The information you share in public areas may be viewed by any user of the Sites.

While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our Sites and Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites or Services. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions.

13. Your rights relating to your Personal Data

You may have certain rights relating to your Personal Data, subject to local data protection and consumer protection laws. Depending on the applicable laws these rights may include the right to:

  • Access your Personal Data held by us;
  • Know more about how we process your Personal Data;
  • Rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete;
  • Erase or delete your Personal Data;
  • Restrict our processing of your Personal Data;
  • Transfer your Personal Data to another controller, to the extent possible;
  • Object to any processing of your Personal Data;
  • Opt-out of certain disclosures of your Personal Data to third parties;
  • Know what categories of Personal Data are shared for delivering advertisements on third party sites, applications, and services and the categories of recipients of such Personal Data;
  • Opt-out of the sharing of your Personal Data for delivering advertisements on third party websites, applications, and services;
  • Either limit (opt-out of) or require consent to process sensitive Personal Data;
  • If you're under the age of 13 or such other applicable age of consent for privacy purposes in relevant individual jurisdictions, opt-in to certain disclosures of your Personal Data to third parties;
  • Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making");
  • Withdraw your consent at any time under certain circumstances (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal. (Please note that if you withdraw your consent, we may not be able to provide you with a particular product or Service. We will explain the impact to you at the time to help you with your decision); and
  • Not be discriminated against for exercising your rights as described above.

Please note that Automated Decision-Making currently does not take place on our Sites or is not conducted directly by us in our Services.

14. Exercising your rights to your Personal Data

14.1 How to exercise your rights

To exercise your rights, please contact us by using the information in Section 17 below. Your Personal Data may be processed in responding to these rights. We may request specific information from you to confirm your identity and your right to exercise your right. Applicable law may allow or require us to refuse to comply with your request. If we cannot comply with your request, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

We will endeavour to comply with your request to exercise your lawful rights, subject to exceptions set out in applicable law. Examples of such exceptions may include:

  • Information protected by solicitor-client privilege
  • Information that is part of a formal dispute resolution process
  • Information that is about another individual that would reveal their Personal Data or confidential information
  • Information that is prohibitively expensive to provide

We try to respond to all legitimate requests within one month unless otherwise required by law, and will contact you if we need additional information from you in order to honour your request or verify your identity. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive.

Some authorized users of our platform may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.

If we process your Personal Data for the purpose of sending you marketing communications, you may manage your receipt of marketing and non-transactional communications from us by clicking on the "unsubscribe" link located on the bottom of our marketing emails, by replying or texting 'STOP' if you receive SMS communications from us.

Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information.

To update your billing information, discontinue your account, or request return or deletion of your Personal Data and other information associated with your account, please contact us by using the information in Section 17 below.

14.2 Your rights relating to Customer Data

As described above, we may also process Personal Data submitted by or for a Customer to our products and Services. To this end, if not stated otherwise in this Privacy Policy or in a separate disclosure, we process such Personal Data as a processor on behalf of our Customer (and its affiliates) who is the controller of the Personal Data (see Section 1 above). We are not responsible for and have no control over the privacy and data security practices of our Customers, which may differ from those explained in this Privacy Policy. If your Personal Data has been submitted to us in our role as a processor by or on behalf of a Customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly. We may only access Customer Data upon their instructions. If you wish to make your request directly to us, please provide us the name of the Customer who submitted your Personal Data to us. We will refer your request to the applicable Customer and will support them as needed in responding to your request within a reasonable timeframe.

15. International transfer of Personal Data

Your Personal Data may be collected, transferred to and stored by us in Canada or the United States and by our affiliates and third-parties disclosed in Section 9 above that are based in other countries.

Therefore, your Personal Data may be processed outside your country or jurisdiction, including in places that are not subject to an adequacy decision by your local legislature or regulator, and that may not provide for the same level of data protection. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses or an alternative mechanism for the transfer of data as approved by applicable regulators or legislators. Where required by applicable law, we will only share, transfer or store your Personal Data outside of your jurisdiction with your prior consent.

16. Changes to this Privacy Policy

We will update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. If we do, we will update the date in which it was last modified. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a notice on our Sites or by contacting you directly, or where required under applicable law and feasible, seek your consent to these changes.

We encourage you to periodically review this Privacy Policy to stay informed about our collection, processing and sharing of your Personal Data.

17. Contacting Us

To exercise your rights regarding your Personal Data, or if you have questions regarding this Privacy Policy or our privacy practices, please direct your query to our Privacy Officer at privacy@autocorp.ai; or call us at 877-255-8627; or write to us at:

Attention: Privacy Officer
343 Preston Street, FL 1
Ottawa, ON K1S 1N4

When you contact us, please indicate in which country and/or state you reside.

To enquire about your billing information and update your payment information, please direct your query to our Finance Team at support@autocorp.ai.

We are committed to working with you to obtain a fair resolution of any complaint or concern about your privacy rights. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to lodge a complaint with a competent regulatory authority as it applies to you. We will direct you to the appropriate appeal process or authority to lodge a complaint where required by us under applicable law.

18. Additional disclosures for California Residents

The California Consumer Privacy Act (as amended by the California Privacy Rights Act) requires businesses to disclose whether they sell or share Personal Data. As a business covered by the CCPA, we do not sell Personal Data.

California law requires that we detail the categories of Personal Data that we disclose for certain "business purposes," such as to service providers that assist us with securing our Services or marketing our products, and to such other entities as described in Sections 8 and 9 of this Privacy Policy. We disclose the following categories of Personal Data for our business purposes:

  • Identifiers
  • California Customer Records' personal information categories
  • California or federal law protected classifications characteristics
  • Commercial information
  • Internet or other similar network, browsing, or search activity
  • Geolocation data
  • Audio, electric, visual, thermal, olfactory, or similar information
  • Professional or employment-related information
  • Non-publicly available educational information under the Family Educational Rights and Privacy Act (FERPA) and related regulations (20 U.S.C. § 1232g; 34 C.F.R. §§ 99.1 to 99.67)
  • Inferences drawn from other personal information to create consumer profiles
  • Sensitive personal information, which includes sub-categories for:
    • government identifiers (social security, driver's license, state identification card, or passport number)
    • complete account access credentials (usernames, account numbers, or card numbers combined with required access/security code or password)
    • precise geolocation
    • citizenship or immigration status (starting January 1, 2024)
    • mail, email, or text messages contents
    • unique identifying biometric information

California law grants state residents certain rights, including without limitation the rights to know and access specific types of Personal Data, to learn how we process Personal Data, to request deletion of Personal Data, to request correction of Personal Data, to opt-out of sharing your Personal Data for third party advertising purposes, and not to be denied goods or services for exercising these rights.

If you are a California resident under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our Sites. Please note that your request does not ensure complete or comprehensive removal of the content or information, because, for example, some of your content may have been reposted by another user.

For information on how to exercise your rights, please refer to Section 14 of this Privacy Policy. If you are an authorized agent wishing to exercise rights on behalf of a California resident, please contact us using the information in the "Contacting Us" section above and provide us with a copy of the consumer's written authorization designating you as their agent.

If you would like to opt-out of shares using your cookie identifiers, turn on a Global Privacy Control in your web browser or browser extension. Please see the California Privacy Protection Agency's website at https://oag.ca.gov/privacy/ccpa for more information on valid Global Privacy Controls. If you would like to opt-out of shares using other identifiers (like email address), please refer to Section 14 of this Privacy Policy.

We may need to verify your identity and place of residence before completing your rights request.