Detail ChimpsDetail Chimps
Legal

Privacy Policy

Effective June 4, 2026 · Version 2026-06-04

DetailChimps ("DetailChimps," "we," "us") operates an on-demand mobile vehicle detailing marketplace that connects customers with independent detailing professionals ("Pros"). This Privacy Policy explains what personal information we collect, why we collect it, who we share it with, and the rights you have under Canadian (PIPEDA, Quebec Law 25), United States (CCPA/CPRA), and European Union / United Kingdom (GDPR / UK GDPR) law. It applies to our websites, mobile experiences, customer and Pro accounts, and any related services (the "Platform").

1. Who is the controller of your data?

For customers and visitors in Canada and the United States, DetailChimps is the controller of your personal information. For users in the EU/UK, DetailChimps acts as the data controller for account, booking, and marketing data. For Pros, DetailChimps and the Pro are independent controllers with respect to the booking each one fulfils. You can reach our Privacy Office at DetailChimps@gmail.com or by mail at DetailChimps — Privacy Office, 100 King St W, Toronto, ON, Canada.

Our designated person responsible for the protection of personal information (Quebec Law 25) and our Data Protection Officer (GDPR Art. 37) can be reached at dpo@detailchimps.com.

2. Information we collect

You provide directly

  • Account: name, email, phone, password hash, account type (customer or Pro).
  • Vehicle: make, model, year, color, photos, license plate (optional), notes.
  • Service address: street address, unit, gate codes, parking notes.
  • Payment: handled by Stripe — we receive card brand, last 4 digits, expiry, and a token. We do not store full card numbers.
  • Pro onboarding: government-issued ID, background-check inputs, banking/payout details (via Stripe Connect), insurance documents.
  • Communications: in-app chat, ratings, reviews, support requests, voice messages.

Collected automatically

  • Device: IP address, user-agent, locale, time zone, OS.
  • Usage: pages viewed, features used, error logs, crash diagnostics.
  • Approximate and precise location while you actively use the map / dispatch features. Pros also share live location while on-shift so customers can track them.
  • Cookies and similar technologies — see our Cookie Policy.

From third parties

  • Identity / background-check providers (Certn, Stripe Identity, or equivalent).
  • Payment processors (Stripe) for charges, payouts, and fraud signals.
  • Map and routing providers (Google Maps).
  • Authentication providers (Google) if you choose social sign-in.

3. Why we use it (purposes and legal bases)

PurposeGDPR legal basis
Create and operate your account; deliver bookings.Contract (Art. 6(1)(b))
Process payments, payouts, refunds, tax reporting.Contract; legal obligation (6(1)(b),(c))
Verify Pro identity and run background checks.Contract; legitimate interests in trust & safety
Real-time dispatch, ETAs, navigation.Contract
Service emails, SMS, push (booking updates, receipts).Contract
Marketing emails / promotions.Consent (Art. 6(1)(a)) — opt-in / CASL express consent
Fraud prevention, abuse detection, security.Legitimate interests; legal obligation
Analytics and product improvement.Legitimate interests / consent where required
Comply with tax, accounting, legal, regulatory requests.Legal obligation

4. How we share information

  • With the Pro assigned to your booking (or with the customer, if you are the Pro): name, photo, vehicle, address, and chat content needed to complete the job.
  • Service providers (processors) acting on our instructions — see Subprocessors for the live list.
  • Payment & banking partners (Stripe) for charges, payouts, and KYC.
  • Authorities and legal process when required by law or to protect rights, safety, and property.
  • Corporate transactions — in a merger, acquisition, or asset sale, with the acquirer under equivalent commitments.
  • We do not sell your personal information for money. We do not currently "share" it for cross-context behavioral advertising as defined under California law. You can still exercise your Do Not Sell or Share right at any time.

5. International transfers

Our service providers may process data in Canada, the United States, and the European Union. Where personal data is transferred out of the EU/UK, we rely on the European Commission's Standard Contractual Clauses (and the UK Addendum where applicable), supplemented by encryption in transit and at rest. A copy of the SCCs is available on request.

6. How long we keep it

  • Account data: while your account is active and for up to 24 months after closure (to handle disputes, chargebacks, and abuse).
  • Booking and payment records: 7 years (Canadian tax and bookkeeping obligations).
  • Identity / background-check artifacts (Pros): 3 years after deactivation, or as required by law.
  • Marketing consent records: until you opt out plus 24 months for proof of consent (CASL).
  • Aggregated / anonymized analytics: indefinitely.

7. Your rights

Subject to applicable law, you may:

  • Access the personal information we hold about you and receive a copy (right of access / portability).
  • Correct inaccurate information (rectification).
  • Delete your information (right to erasure / "right to be forgotten") — see Account → Privacy → Delete account.
  • Object to or restrict certain processing.
  • Withdraw consent at any time (this does not affect prior lawful processing).
  • Opt out of marketing communications using the unsubscribe link in any email.
  • California residents: exercise CCPA/CPRA rights, including the right to know, the right to delete, the right to correct, and the right to limit use of sensitive personal information (we do not currently use sensitive personal information for purposes that require a limit notice). See Do Not Sell or Share My Personal Information.
  • Quebec residents: rights to know, access, correct, withdraw consent, and to data portability under Law 25, including the right to be informed about automated decision-making.
  • EU/UK residents: rights of access, rectification, erasure, restriction, portability, objection, and to lodge a complaint with your supervisory authority (e.g. CNIL, ICO).

You can exercise most rights inside the app at Account → Privacy, or by emailing DetailChimps@gmail.com. We respond within the timeframes required by applicable law (typically within 30 days). If you live outside Canada and are unsatisfied with our response, you may contact your national regulator. Canadian users may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca; Quebec users may contact the CAI.

8. Automated decision-making

We use automated systems to match bookings to nearby Pros, calculate dynamic pricing, and flag suspicious activity. These decisions can be reviewed by a human at your request — email us at the address above.

9. Security

We use TLS in transit, AES-256 encryption at rest, row-level security in our database, scoped access tokens, audit logging, and regular vulnerability reviews. Read more on our Security page. No system is perfectly secure; you are responsible for protecting your password and keeping your contact information current.

10. Children

DetailChimps is intended for users 18 years of age or older. We do not knowingly collect information from anyone under 18. If you believe a minor has provided us with personal information, contact us and we will delete it.

11. Changes to this Policy

We will post material changes here and, where required, ask you to re-accept the updated Policy. The "Effective" date at the top reflects the most recent change.

12. Contact

Privacy Office — DetailChimps@gmail.com
Data Protection Officer (EU/UK + Quebec Law 25) — dpo@detailchimps.com
Mail — DetailChimps — Privacy Office, 100 King St W, Toronto, ON, Canada

See also: Privacy · Terms · Cookies · Security · Trust Center