Ownli Privacy Policy

Effective Date: January 1, 2025

At Parked Solutions, Inc., d/b/a Ownli ("Ownli", "Company" or "We"), we value your privacy and are committed to protecting your personal information. This Privacy Policy outlines how we collect, store, process, share, and protect your personal information when you use our services, and covers how we treat the personal information which you entrust with us.

At Ownli, we believe that you own your data, and we strive to offer complete transparency regarding how your personal information is handled. Through our platform, you can monetize your personal information and directly engage with companies that want to buy your data from you (our “Services”).

Various regulations have different definitions for the term “Personal information” or “Personal Information”. In accordance with global standards, we define these terms to mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, from the Personal information, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 

This Privacy Policy explains your rights regarding your personal information and describes the steps we take to protect your privacy. Please read this policy carefully to understand how your personal information is handled, the choices you have in managing your personal information, and your rights under applicable law. If you have any questions or concerns, feel free to contact us at legal@ownli.co.

You are not legally required to provide us with your personal information, but if you choose not to do so you may not be able to take full advantage of our services. If you do not agree to the terms and conditions set forth herein please do not use the services. 

This Privacy Policy must be read in conjunction with our Term of Use at: https://support.ownli.co/hc/en-us/articles/360011275958-Terms-of-Use, which describes the terms under which you may use our Services.

Types of Personal Information Collected

We collect and process various types of personal information that you provide to us or that we collect automatically when you use our Services. Below is a detailed description of the categories of personal information we collect:

1. Information You Provide Directly. When you sign up for our Services, interact with our platform, or participate in data transactions (such as selling your personal information to businesses using our platform), we will collect the following types of information:
   • Identifiers: For registration purposes and some of the features of the Services we ask you for personal information, including: name, email, phone number, and state. In addition, to be able to use some of the platform’s functionalities (such as selling your personal information to businesses using our platform) we collect car-related photos/images, including without limitation, a license plate image, odometer images with mileage parameters, vehicle state, vehicle make, vehicle model, email address, phone number, auto insurance provider, details regarding your car insurance policy, including characteristics, and your insurance identifiers (policy number).
   • Demographic Information: This may include your age, gender, date of birth, and other demographic information relevant to the Services.
   • Communication Preferences: Your preferences regarding how we contact you, including marketing and other communications. 
2. Information Collected Automatically. When you use our platform, we may automatically collect certain information related to your device and usage patterns. The types of data we collect automatically include:
   • Internet or Other Electronic Network Activity: This includes your IP address, device ID, browser type, browsing history, device identifiers, and interaction with our website and platform.
   • Metadata: Some of our optional features might require access to location via GPS/GNSS or sensor data in the background. We may also extract metadata from the photos you provide to detect fraud which includes the image location, time, and other information from your device and browser.
   • Cookies and Tracking Technologies: In order to store your credentials when you contact us, collect the data described herein, and provide the Services, we may use temporary cookies that remain on your device for a limited period of time. We may also use persistent cookies that remain on your device until the Company's application is removed, in order to manage and maintain the services and record your use of the Services. A cookie is a small piece of information which is sent to and stored on your device. Cookies do not damage your device. Most browsers or devices may allow you to block cookies but you may not be able to use some features on the Services if you block them. You can control the use of cookies through your browser settings.
3. Information Obtained from Third Parties. In some cases, we may receive personal information about you from third parties, such as:
   • Business Partners: Information from our business partners or affiliates which you instruct to disclose information to us (e.g. information from your insurance provider, such as details regarding your policy, characteristics, and your insurance identifiers). This allows us to verify that you are actively insured with them so we can provide you with a reward. 
   • Social Media Platforms: If you interact with us via social media or link your social media accounts to our platform, we may collect certain information from those accounts (e.g., your Meta/Google name, e-mail, user id, and any other information you choose to share with us via such account). If you interact with any social media or other third-party plug-in in the Services (such as a "share" on Meta) we may receive information from the respective platforms, including account information such as your photo and any information defined as public pursuant to the policies of such third party platform.
   • Sensitive Personal Information. In certain situations, we may collect sensitive personal information, such as: Government Identifiers: government-issued identifiers if required for identification or regulatory purposes (e.g. a government-issued photo ID).
4. Inferences Drawn from Other Data. We may derive certain insights about you based on the information you provide or data we collect automatically. This may include inferences regarding your preferences, interests, and behaviors.

For the purposes of the CCPA, specifically in the last twelve (12) months, we have collected the following categories of Personal Information: Identifiers; Internet or other Electronic Network Activity Information; Customer Records Information; and Geolocation Information. We do not use or disclose “sensitive personal information” as defined in the CCPA other than as is strictly necessary to provide you with the Services you have requested.

How We Use Personal Information

We use your personal information to provide and improve our Services, enable data transactions, and ensure compliance with applicable laws. Below is a detailed explanation of how we use the personal information we process:

1. To Facilitate Data Sales to Third Parties. One of the core features of our platform is to allow YOU to monetize your personal information by selling it to third parties. We do not sell any of your information, we empower you to monetize it if you choose to do so.  Specifically, we use your personal information for the following purposes:
   • Enabling Data Transactions: When you choose to monetize your data, we process your personal information to facilitate data sales between you and third-party buyers, including insurance companies. This includes ensuring that the data you choose to sell is transmitted securely and will only ever be done with your consent (*please note this is not considered a “Sale” under CCPA because this is done at your instruction and for your benefit).
   • Customizing Offers: Based on the personal information you provide you might qualify for special offers from partner businesses.
2. To Provide and Improve Our Services. We use your personal information to operate, maintain, and improve our platform and Services. This includes:
   • Account Creation and Management: We use your personal information to create and manage your account, including processing registration details, and authenticating your identity.
   • Customer Support: If you contact us with questions or issues, we use your personal information to respond and resolve your inquiries.
   • Service Improvements: We analyze user data and behavior to improve the features, functionality, and user experience of our platform.
3. For Legal and Regulatory Compliance. We process your personal information to comply with our legal obligations and to protect the rights of our users, third parties, and the company. Specifically:
   • Compliance with Data Protection Laws: We ensure that our data processing practices comply with applicable privacy laws.
   • Legal Claims and Obligations: In some cases, we may process your personal information to address legal claims, comply with regulatory requests, or protect our interests, including during audits, litigation, or investigations.
   • Security and Fraud Prevention: We may use your personal information to detect, investigate, and prevent fraudulent activities or security threats on our platform.
4. To Communicate with You. We use your personal information to communicate with you about our services, features, and policies. This includes:
   • Service Updates: We send notifications regarding important updates about your account, changes to our services, policies, or other administrative matters.
   • Promotional Communications: With your consent, we may send you marketing emails or messages about new features, offers, or services that may be of interest to you. You can opt out of these communications at any time.
5. To Conduct Data Analytics and Research. We may use your personal information for internal business purposes, such as:
   • Data Analytics: We analyze usage data to understand how users interact with our platform, identify trends, and optimize performance.
   • Aggregated and De-identified Data: In some cases, we may aggregate or anonymize your data to generate insights for research, statistical analysis, or marketing purposes. This aggregated data does not identify individual users and is used to improve our services and inform business decisions. 

How We Share Personal Information

Below is a detailed explanation of the circumstances under which we share your personal information, who we share it with, and why.

1. Sharing Information with Third Parties for Data Sales. As part of our business model, you have the option to sell your verified personal information to third-party buyers. You retain full control over what types of data you choose to sell and who you sell it to. No data will be sold without your informed consent. When you choose to sell your verified data to a participating business we will share a copy of your personal information with that business.
2. Service Providers. We may share your personal information with service providers or contractors who assist us in operating our business and providing our services. These third parties are required to protect your personal information and will only use it for the purposes for which it was shared. Categories of service providers we work with include payment processors, IT service providers, and analytics providers.
3. Business Partners. In some instances, we may share your personal information with business partners who provide additional services through our platform or collaborate with us on special offerings. 
4. Legal and Regulatory Requirements. We may need to share your personal information to comply with legal obligations, enforce our agreements, or protect the rights, property, and safety of our company, users, or others. 
5. Business Transfers. In the event of a merger, acquisition, restructuring, or sale of all or part of our business, your personal information may be shared or transferred as part of the transaction. You will be notified of any changes to how your data is being processed if such a transfer occurs.
6. Sharing Aggregated or Anonymized Data. We may share data that has been aggregated or anonymized so that it does not identify you personally. This data may be shared for analytics and marketing purposes.

User Rights

Depending on where you reside and the applicable data protection laws, you may have certain rights regarding your personal information. This section outlines the rights you have and how you can exercise them.

1. Right to Know/Access. You have the right to request information about the personal information we collect, use, store, and share about you. 
2. Right to Delete. In certain circumstances, you may have the right to request that we delete the personal information we have collected from you, subject to certain exceptions. 
3. Right to Correct/Rectify. You have the right to request that we correct inaccurate or outdated personal information that we hold about you. If any of your information is incorrect or has changed (e.g., name, email, or address), you can ask us to update or correct it to ensure it remains accurate and up to date.
4. Right to Withdraw Consent. If we process your personal information based on your consent, you have the right to withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of data processing conducted before your withdrawal, but it may affect your ability to continue using the Services or certain features.
5. Right of Data Portability. Where technically feasible, you have the right to ask to transfer your personal information to another entity in a common machine-readable format. 
6. Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights. 
7. Right to Object. You have the right to object to our processing of your personal information in certain situations. If we process your data based on our business interests or for direct marketing purposes, you may object to that processing at any time. We will stop processing your personal information unless there is an overriding legitimate reason to continue or if it is necessary for legal reasons.
8. How to Exercise Your Rights. To exercise any of your rights, please contact us at legal@ownli.co. We will respond to your request as required by applicable laws, typically within 45 days. For security purposes, we may need to verify your identity before fulfilling your request.

Children’s Privacy

Our services are not intended for use by children under the age of 16. We do not knowingly collect, process, or sell personal information from children. If we learn that we have inadvertently collected data from a child under 16 without appropriate consent, we will take steps to delete that information promptly. If you are under 16, please do not submit any personal information through our services.

Cross-Border Data Transfers

Our servers are in the US, though we may transfer your personal information to other jurisdictions as necessary. While privacy laws vary between jurisdictions, Ownli, its affiliates and service providers are each committed to protecting personal information in accordance with this Privacy Policy, customary and reasonable industry standards, and such appropriate lawful mechanisms and contractual terms requiring adequate data protection, regardless of any lesser legal requirements that may apply in the jurisdiction to which such data is transferred. 

Data Security

At Ownli, we are committed to safeguarding your personal information and have implemented robust security measures to protect it from unauthorized access, disclosure, alteration, and destruction. This section outlines how we protect your data and the steps you can take to help ensure its security.

1. Security Measures We Use. We employ a range of industry-standard security practices to ensure that your personal information remains secure. These include, but are not limited to:
   • Access Controls: Only authorized personnel have access to your personal information, and we implement strict access controls based on roles and responsibilities. Employees and contractors are bound by confidentiality obligations and can only access data on a need-to-know basis.
   • Secure Data Storage: Personal information is stored in secure environments that are protected against unauthorized access, tampering, and damage. This includes the use of firewalls, intrusion detection systems, and regular vulnerability assessments to protect against external threats.
   • Data Minimization: We strive to collect and retain only the minimum amount of personal information necessary to provide our services. This helps reduce the potential risks associated with data security breaches.
2. Incident Response. In the event of a data breach or security incident, we have a comprehensive incident response plan in place to:
   • Contain and Assess: Immediately contain the breach and assess the extent of the impact on personal information.
   • Notify Affected Individuals: If a breach affects your personal information, we will notify you as required by applicable laws, outlining the nature of the breach, the type of data involved, and the steps you should take to protect yourself.
   • Report to Authorities: Where legally required, we will also notify the appropriate regulatory authorities of the breach.
3. Data Security for Third-Party Providers. When we work with third-party service providers, we ensure that they meet high standards of data security. All third parties that process your personal information on our behalf are contractually obligated to implement appropriate security measures in compliance with applicable privacy laws.

Data Retention

We are committed to retaining personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, enforce our agreements, and ensure the security and privacy of our users. This section outlines how long we retain personal information and the criteria we use to determine retention periods.

We retain personal information based on the following criteria:

1. Purpose Fulfillment. We retain personal information for as long as necessary to achieve the specific purpose for which it was collected. This may include:
   • Providing you with access to our services.
   • Managing and improving our platform.
   • Fulfilling contractual obligations.
2. Legal and Regulatory Compliance. Certain data may need to be retained for longer periods to comply with legal or regulatory obligations, including but not limited to:
   • Legal Claims: We may retain personal information for the duration of any statutory limitation periods where such data is relevant to potential or actual legal claims.
3. Fraud Prevention and Security. We may retain personal information for extended periods where necessary to detect, prevent, and address security incidents, fraud, and abuse of our services.
4. User Consent. If you have given consent for us to retain your personal information for a specific purpose, we will retain it for as long as you continue to provide your consent. You may withdraw your consent at any time.

Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or technological advancements. When we make significant changes to this policy, we will:

1. We will notify you of any major updates by posting the revised policy on our website and, where required by law, by providing notice via email or through your account.
2. Each updated version of the Privacy Policy will include an “Effective Date” to help you identify when the changes were made.

If you continue to use our services after the updated Privacy Policy takes effect, you will be deemed to have accepted the revised policy. However, if any changes materially affect the way we handle your personal information, we will seek your consent where necessary before proceeding with those changes.

We do not respond to "Do Not Track" signals.

Third-Party Websites and Services

Our Services include links to third-party websites and services. Such websites and services, and any information you process, submit, transmit or otherwise use with or to such websites and services are governed by such third party’s terms and privacy practices and policies, and not by this Privacy Policy. We encourage you to carefully read the terms and privacy policies of such websites and services.

US State Law Disclosures

These additional disclosures are required by certain state privacy laws to the extent they apply to your use of our Services and serve as a Notice at Collection under the California Privacy Rights Act.

Categories of personal information collected: The personal information that we may collect, or may have collected from consumers in the preceding twelve months, fall into the following categories established by the California Privacy Rights Act and other state privacy laws, depending on how you engage with our Services:

• Identifiers, such as your name, alias, address, phone numbers, or IP address, your account log-in information, or a government-issued identifier (such as an ID you provide for identity verification, which in some cases may reflect citizenship or immigration status);
• personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as your name,  physical characteristics or description and your payment information;
• characteristics of protected classifications under California or US federal law, such as age, race, or gender;
• information used to prevent and detect fraud or other unauthorized activity, including informing Customers if such activity were to affect them;
• Images of your face and your person (we do not collect biometric information);
• geolocation data, which may in some cases constitute precise geolocation information, such as the location of your device or computer;
• professional or employment-related information, for example, data you may provide about your business; and
• inference data, such as information about your preferences.

We collect this information from you, automatically through your interaction with our platform, or from third parties. We collect this information for the business and commercial purposes described in the “How We Use Personal Information” section above.

Categories of personal information disclosed for a business purpose. The personal information that we may have disclosed about consumers for a business purpose in the preceding twelve months fall into the following categories established by the California Privacy Rights Act and other state privacy laws, depending on how you engage with our Services:

• Identifiers, such as your name, alias, address, phone numbers, or IP address, your account log-in information, or a government-issued identifier (such as an ID you provide for identity verification, which in some cases may reflect citizenship or immigration status);
• personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as your name,  physical characteristics or description and your payment information;
• characteristics of protected classifications under California or US federal law, such as age, race, or gender;
• information used to prevent and detect fraud or other unauthorized activity, including informing Customers if such activity were to affect them;
• Images of your face and your person (we do not collect biometric information);
• geolocation data, which may in some cases constitute precise geolocation information, such as the location of your device or computer;
• professional or employment-related information, for example, data you may provide about your business; and
• inference data, such as information about your preferences.

“Sale” and “Sharing” of Personal Information: The CCPA places requirements on businesses relating to the “sale” or “sharing” of personal information. Where we refer to “sell” or “share” (or their variants) in quotes, we are referring to those terms as uniquely defined in the CCPA. We do not “sell” or “share” personal information, as such terms are defined in the CCPA and other similar regulations. 

De-identified Data Disclosure: We may use de-identified data in some instances. We either maintain such data without attempting to re-identify it or treat such data as personal data subject to applicable law.

California Privacy Rights Act Sensitive Personal Information Disclosure. The categories of data that we collect and disclose for business purpose include “sensitive personal information” as defined under the California Privacy Rights Act. We do not use or disclose sensitive personal information for any purpose not expressly permitted by the California Privacy Rights Act.

California Privacy Rights Act Non-Discrimination Statement. We will not discriminate against any consumer for exercising their rights under the California Privacy Rights Act.

Colorado Privacy Act and Oregon Privacy Act Profiling Disclosure. We do not engage in profiling of consumers in furtherance of automated decisions that produce legal or similarly significant effects, as those terms are defined under the Colorado Privacy Act or the Oregon Privacy Act. 

California Shine the Light: California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits California residents that have an established business relationship with a business to annually request, free of charge, information about certain categories of Personal Information a business has disclosed to third parties for those parties’ direct marketing purposes in the preceding calendar year. We do not disclose Personal Information to third parties for their direct marketing purposes.

Automated Decision Making: We do not use Personal Information for profiling or to make automated decisions or inferences about you. 

How to Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please do not hesitate to reach out to us. You can contact us at legal@ownli.co. We value your privacy and are committed to addressing any concerns you may have regarding the protection and use of your personal information.