Privacy Policy

This Privacy Policy explains how Gearify, Inc. (“Gearify,” “we,” “us,” “our”) collects, uses, shares, and protects personal information when you use our website, apps, and services (the “Platform”). By using the Platform, you consent to the practices described here.

1) Scope & Roles

Gearify is the data controller for information we collect through the Platform.

Our payment processor (e.g., Stripe) and any optional insurance providers process data under their own privacy terms and may act as independent controllers for their activities.

2) Information We Collect

We collect information directly from you, automatically from your device, and from third parties:

A. You provide

Account details: name, email, phone, password.

Profile & listing details (Listers): photos of gear, descriptions, availability, location, pricing, deposit amount, required licenses/permits, and selected cancellation policy.

Bookings (Renters): rental dates/times, pickup/return info, messages with Listers, optional insurance selections.

Identity & verification (where required): government ID, selfies/biometrics (processed by our verification provider), driver or operator license info, date of birth.

Payments: last four digits and tokenized card data via Stripe (we don’t store full card numbers).

Claims & safety: timestamped pickup/return photos/videos, incident descriptions, damage/loss reports, communications with Support.

Referrals & marketing: friends’ emails (if you invite them), preferences, reviews/ratings.

B. Collected automatically

Device & usage: IP address, device IDs, browser type, pages viewed, session timestamps, crash logs.

Location: approximate location from IP; if you enable precise location, we process it to support nearby listings, fraud prevention, and safety.

C. From third parties

Payment processor (e.g., Stripe): payment status, charge/dispute metadata.

Identity/KYC & sanctions screening providers: verification results and fraud risk indicators.

Analytics/advertising partners: aggregated traffic and attribution metrics (no sale of personal info; see Section 10).

Public & safety sources: recall lists, lost/stolen registries (to help prevent prohibited listings).

3) Why We Use Your Information (Purposes & Legal Bases)

We process information to:

Provide the Platform (create accounts, enable listings/bookings, messaging, support).

Legal basis (EEA/UK): contract necessity.

Process payments, deposits, and payouts via Stripe; manage cancellations/refunds.

Legal basis: contract necessity; legal obligation (financial/tax).

Marketplace safety, verification, and fraud prevention, including ID checks, sanctions screening, abnormal activity detection, chargeback defense, and claims handling.

Legal basis: legitimate interests; legal obligation.

Insurance facilitation (if offered/selected) and claims coordination.

Legal basis: contract necessity; legitimate interests.

Communicate transactional notices, policy updates, and service messages; send marketing with your consent where required (opt-out anytime).

Legal basis: contract necessity (transactional); consent or legitimate interests (marketing).

Improve the Platform, analytics, debugging, training models to detect fraud/risk, personalize content.

Legal basis: legitimate interests; consent where required for cookies.

Comply with laws (tax, AML/KYC, consumer protection) and enforce our Terms.

Legal basis: legal obligation; legitimate interests.

Automated decisions: We may use automated risk scoring (e.g., fraud checks). You can request human review of decisions that significantly affect you (where required by law).

4) How We Share Information

We do not sell personal information. We share only as needed:

Payment processor (Stripe): to process charges, holds, captures, payouts, and disputes.

Identity/KYC & fraud providers: to verify identity and prevent misuse.

Insurance providers/adjusters (if you opt in): to administer coverage and claims.

Other Users: limited profile and listing/booking details needed to complete transactions (e.g., first name, listing photos, pickup/return instructions).

Service providers: hosting, email/SMS, analytics, customer support, content moderation, cloud storage, bound by contract to protect data.

Law enforcement/authorities: when required by law, to protect rights and safety, or to investigate fraud/theft (e.g., police reports in theft cases).

Corporate transactions: in a merger, acquisition, or sale of assets, subject to confidentiality and continuity safeguards.

Public content (e.g., reviews, listing photos/descriptions) is visible to others on the Platform.

5) International Transfers

We operate globally. Your information may be processed in the United States and other countries that may have different data protection laws than your home country. Where required, we use EU Standard Contractual Clauses (SCCs) or other lawful mechanisms for cross-border transfers, and we apply appropriate safeguards.

6) Cookies & Similar Technologies

We use:

Essential cookies: sign-in, security, and core features.

Analytics: to understand usage and improve the Platform.

Functional: preferences (language, currency).

Advertising/measurement: limited attribution; we do not sell personal information.

Manage cookies in your browser settings and, where offered, via our Cookie Banner/Preferences tool.

7) Data Retention

We keep data only as long as needed for the purposes described, including:

Account data: while your account is active and for a reasonable time after for support, disputes, and legal obligations.

Transactions & tax records: typically 3–7 years (jurisdiction-dependent).

KYC/verification: per legal requirements and fraud defense windows.

Claims evidence (photos, communications): retained through the claim lifecycle and applicable limitation periods.

When no longer needed, we delete or de-identify the data.

8) Security

We use administrative, technical, and physical safeguards (encryption in transit, access controls, monitoring). No system is 100% secure; please use a strong, unique password and enable available security features.

9) Your Choices

Email/SMS marketing: opt out via the message footer or in settings.

Profile & listing info: you can edit or delete certain data in your account.

Location: disable precise location in your device settings.

Cookies: manage via browser and our banner (where available).

10) Your Privacy Rights (Region-Specific)

We honor applicable rights. You (or your authorized agent) can submit requests at [email protected] and we’ll verify your identity.

EEA/UK (GDPR):

Rights to access, correct, delete, restrict, and port your data; to object to processing based on legitimate interests; to withdraw consent (doesn’t affect prior processing).

Contact our EU/UK representative or DPO (if designated) via [email protected] . You may lodge a complaint with your supervisory authority.

California (CCPA/CPRA):

Rights to know/access, delete, correct, and to opt out of “sale”/“sharing” for cross-context behavioral advertising (we don’t sell personal info; if we ever “share,” we’ll provide a “Do Not Sell or Share” link).

Right to limit use of sensitive personal information to what’s necessary to perform services.

We do not discriminate for exercising your rights.

Canada (PIPEDA), Australia (Privacy Act), Brazil (LGPD), and others:

Rights to access/correct personal information and to complain to local regulators. We’ll honor requests consistent with local law.

11) Children’s Privacy

The Platform is not for children under 13 (or the minimum age in your country). We do not knowingly collect data from children. If you believe a child has provided data, contact [email protected] and we will take appropriate action.

12) Marketplace Safety & Compliance

To protect users and comply with laws (e.g., AML/KYC, sanctions), we may require ID verification, conduct sanctions screening, and review claims evidence (photos, messages, timestamps). For categories with legal requirements (e.g., drones, certain powered gear), we may ask for licenses/permits. Failure to provide or pass checks may limit access.

13) Third-Party Links

The Platform may link to third-party sites (payments, insurance, help docs). We aren’t responsible for their privacy practices; review their policies.

14) Changes to this Policy

We may update this Policy from time to time. We’ll post the new Policy with the “Last updated” date. Material changes will be highlighted or notified where appropriate.

15) Contact Us

Email: [email protected]

Mail: Gearify, Inc., [Street Address], [City, State ZIP], USA

Support: [email protected]

16) Key Definitions (Plain English)

Personal information: data that identifies or relates to an identifiable person.

Processing: any operation performed on personal information (collecting, storing, using, sharing).

Controller/processor: the party deciding how/why to process data (controller) vs. acting on instructions (processor).

Implementation Tips (product & ops)

Add a Cookie Banner with granular preferences where required.

Keep a Data Retention Schedule (operations doc) with category-by-category timeframes.

Document DPA/SCCs with vendors (Stripe, ID verification, hosting, analytics).

Expose a simple Privacy Request form (access/delete/correct).

Log all consents (marketing, cookies, ID verification photos).

In theft/damage flows, store claim evidence securely and restrict access.