carvia

Privacy Policy

The short version: we collect what we need to verify you, run bookings, process payments, and keep the marketplace safe. We don't sell your personal information. This page explains what we collect, why, who we share it with, and the controls you have.

This policy covers the personal information Rent Cars LA LLC, the California company that operates the Carvia service ("Carvia," "we," "us"), collects when you use our app, website, or related services (together, the "Platform"), whether you're browsing, booking a trip as a guest, or listing a vehicle as a host.

1. Information we collect

You give us directly:

  • Account info: name, email, phone number, password, profile photo, date of birth.
  • Verification info: driver's license or state ID (front/back scan), a selfie for identity match, and — for hosts — vehicle title/registration and bank details for payouts.
  • Payment info: collected and stored by our payment processor, not by Carvia directly (see Section 4).
  • Trip content: messages to other users, reviews, support tickets, and the check-in/check-out photos taken during a trip (exterior, interior, odometer, fuel/charge gauge — timestamped and geotagged).
  • Anything else you choose to submit: listing descriptions, host bios, customer-support attachments.

We collect automatically:

  • Device and usage data: IP address, browser/app version, device identifiers, pages viewed, features used, crash logs.
  • Location data: approximate location for search/browse, and precise location during an active trip's check-in/check-out flow (to geotag the required photos) — you can decline precise location, but it will limit check-in/check-out functionality.
  • Cookies and similar technologies: see our Cookie Policy.

We receive from others:

  • Identity-verification results from our verification vendor (document authenticity, selfie match, driving-history/background-check summary).
  • Payment and payout status from our payment processor.
  • Information you provide when you contact support through our helpdesk vendor.

2. How we use your information

  • Operate the marketplace: create your account, show you listings, process bookings, run check-in/check-out, calculate and collect fees, pay out hosts.
  • Verify identity and eligibility, and screen for fraud, safety risk, and policy violations.
  • Communicate with you: booking confirmations, trip reminders, receipts, safety notices, and (if you opt in) marketing.
  • Resolve disputes, claims, and support tickets, including reviewing check-in/check-out photos in a damage claim.
  • Improve the Platform: analytics, product development, testing.
  • Comply with legal obligations, including tax reporting (1099s for hosts) and responding to valid legal process.

We do not use your check-in/check-out photos or messages for advertising or sell them to data brokers.

3. Biometric data

Identity verification uses a selfie-to-ID match, which involves processing facial geometry data in some cases. This is limited, purpose-specific biometric processing — see our full Biometric Data Policy for what's collected, why, how long we keep it (no longer than 3 years past your last interaction with Carvia, or as required by law), and your rights under state biometric privacy laws (Illinois BIPA, Texas CUBI, Washington HB 1493, and similar).

4. Payment information

Carvia uses a PCI-compliant third-party payment processor to handle card details and payouts. We don't store full card numbers on our servers. The processor shares limited transaction data back to us (amount, status, last 4 digits) so we can show you receipts and manage payouts.

5. Who we share information with

  • The other party on a trip: a host and guest see each other's first name, profile photo, verified-status badge, and trip-relevant messages. Full legal name and license details are used for verification and insurance/claims purposes but are not shown to the other user unless required for a claim or legal process.
  • Service providers: identity verification, payments, cloud storage/hosting, email/support, analytics — under contracts that limit their use of your data to providing the service to us.
  • Insurance/claims partners: once Carvia's carrier relationship is finalized (`[PENDING CARRIER]` — see Insurance Disclosure), relevant trip and claim information will be shared with our underwriting/claims partner as needed to administer coverage.
  • Legal and safety: when required by law, subpoena, or to protect the safety of our users or the public.
  • Business transfers: if Carvia is involved in a merger, acquisition, or asset sale, your information may transfer as part of that deal, subject to this policy.

We do not sell your personal information, as "sell" is understood under the CCPA and similar state laws.

6. Your rights and choices

Depending on your state, you may have the right to access, correct, delete, or port your personal information, and to opt out of certain processing (e.g., targeted advertising, if we ever run it). Submit requests to privacy@carvia.app or through your account settings. We won't discriminate against you (denial of service, price changes, or reduced service quality) for exercising these rights.

You can also:

  • Update your profile and account info any time in Settings.
  • Manage marketing email/push preferences in Notification Settings.
  • Manage cookies via the preference link in the site footer — see Cookie Policy.
  • Request account deletion — some information (trip history relevant to claims, tax records) is retained as required by law even after account closure.

7. Data retention

We keep personal information as long as your account is active and for a reasonable period after, to meet legal, tax, and dispute-resolution obligations (for example, check-in/check-out photos are retained long enough to cover the claims window and any related appeal, and tax-relevant payout records are kept per IRS retention requirements). Biometric data has its own, shorter retention cap — see Section 3.

8. Data security

We use encryption in transit and at rest for sensitive data (license images, payment tokens, biometric data), access controls limiting who at Carvia can view verification documents, and monitoring for unauthorized access. No system is 100% secure, and we'll notify affected users and regulators as required by law if a breach occurs.

9. Children

Carvia isn't for anyone under 18. We don't knowingly collect information from children under 13 (or the relevant age in your state), and we'll delete it if we learn we have.

10. International users

Carvia is a US-market service at this stage. If that changes, this policy will be updated with region-specific terms (e.g., GDPR).

11. Changes to this policy

We'll post updates here and, for material changes, notify you by email with at least 14 days' notice before the change takes effect (30 days if it affects how we handle payment or biometric data), consistent with our Terms of Service.

12. Contact

privacy@carvia.app

Rent Cars LA LLC (operator of Carvia)

2108 N ST STE N, Sacramento, CA 95816

`[PENDING: designated privacy contact/DPO if required by applicable law]`