April 8, 2023
Information We Collect
Information provided to us by end users in connection with their use of the Services. This may include personal information that end users provide when they:
- Authorize Developers to access end users' vehicle information, such as email address, password, PIN (vehicle manufacturer account credentials) and vehicle identification number;
- Contact our user support team or otherwise correspond with us by email or phone.
Information about end users' use of the Services. We collect information about end users' use of the Services, including:
- Information collected by automated means, such as metadata regarding end users' requests and information collected through strictly necessary cookies to enable the use and navigation of the Smartcar Connect authorization flow.
How We Use Information
We use the information we collect at the instruction of our customers and in accordance with our customer agreements, to provide the Services and for related internal purposes, including:
- To enable end users to access and use the Services;
- To provide information about the Services, such as important updates or changes to the Services and security alerts;
- To improve the Services and develop new products and services;
- To respond to inquiries, complaints, and requests for support.
We may also use personal information as we believe necessary or appropriate to (a) comply with applicable law; (b) enforce the terms and conditions that govern the Services; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
How We Share Information
We share the information we collect:
- With Developers – only to the extent the information pertains to the Developers' end users;
- With third party service providers that help us manage and improve the Services;
We may also share personal information with government, law enforcement officials or private parties as required by law, when we believe such disclosure is necessary or appropriate to (a) comply with applicable law; (b) enforce the terms and conditions that govern the Service; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
We may sell, transfer or otherwise share some or all of Smartcar's business or assets, including personal information, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy.
Smartcar uses appropriate, commercially reasonable physical, electronic, and procedural safeguards to protect personal information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with applicable law. We cannot, however, guarantee that any safeguards or security measures will be sufficient to prevent a security problem. We recommend that our customers take steps to protect against unauthorized access to any devices or networks used to access the Services. See the customer agreement for additional information regarding Smartcar's information security practices.
Data Subject Rights
Developers (or their clients, as applicable) are the controllers of end users' personal information. As the controllers, Developers (or their clients, as applicable) are responsible for receiving and responding to end users' requests to exercise any rights afforded to them under applicable data protection laws. Smartcar will assist Developers in responding to such requests as set forth in the customer agreement.
Cross Border Data Transfer
Smartcar may transfer personal information about end users outside of the country in which end users are located, including to the United States. See the customer agreement for additional information regarding how Smartcar safeguards the personal information it transfers across borders.
Smartcar does not store vehicle information which is processed through the Smartcar platform; any logs generated by the Smartcar API servers are deleted within ninety days. Smartcar retains all other personal information for as long as necessary to (a) provide the Services; (b) comply with legal obligations; (c) resolve disputes; and (d) enforce the terms of customer agreements. See the customer agreement for additional information regarding Smartcar's data retention practices.
Third Party Products and Services
The Services may integrate with or enable access to third party tools, including any applications made available by Developers. End users that register, install or access any third party tools may be required to accept privacy notices provided by those third parties. Please review those notices carefully, as Smartcar does not control and cannot be responsible for these providers' privacy or information security practices.