Privacy Notice

Last updated: 30 June 2026

This Privacy Notice is maintained by Carvac ("Carvac", "we", "us", "our") to explain what personal data we collect about you when you use the Carvac mobile app and website (the "Service"), how we use it, who we share it with, and the rights you have. Carvac is the data controller for the personal data described in this notice. Contact: hello@carvac.app.

1. Personal data we collect

  • Account data — email address, username, and authentication identifiers when you sign up or sign in (including via Google).
  • Location data — the suburb you type in, or an approximate location derived from your device when you tap "Use my location". We do not store precise GPS coordinates beyond the request that resolves them to a suburb.
  • Service content — trips you generate, escapes you save, spots you submit, and preferences such as vibe, drive time and budget.
  • Subscription & billing metadata — your subscription tier, status, renewal date, and an opaque customer identifier returned by our payment provider. We do not receive or store your full card number.
  • Device & usage data — IP address, device/browser type, language, and basic usage events used to operate and secure the Service.
  • Support data — the content of any message you send us.

2. Purposes and legal bases (GDPR Art. 6)

  • Provide the Service (generate trips, save escapes, sync across devices) — performance of a contract (Art. 6(1)(b)).
  • Account creation and authentication — performance of a contract (Art. 6(1)(b)).
  • Process subscriptions and payments via our payment provider — performance of a contract (Art. 6(1)(b)) and legal obligation for tax/invoicing (Art. 6(1)(c)).
  • Security, fraud and abuse prevention — legitimate interests (Art. 6(1)(f)) in keeping the Service safe.
  • Product improvement and aggregate analytics — legitimate interests (Art. 6(1)(f)).
  • Service announcements and support replies — legitimate interests (Art. 6(1)(f)) / contract (Art. 6(1)(b)).
  • Marketing emails (if ever sent) — consent (Art. 6(1)(a)), which you may withdraw at any time.

3. Payments

Paid subscriptions to Carvac+ are processed by Paddle.com, our online reseller and Merchant of Record. When you purchase a subscription, you provide your billing details directly to Paddle, which acts as a controller of that payment data. Paddle shares with Carvac limited metadata about your subscription (status, plan, renewal date, country, and an opaque customer ID) so we can grant and manage your access. Paddle also handles customer service inquiries, returns and refunds for our orders. See Paddle's privacy policy at paddle.com/legal/privacy.

4. Who we share data with

  • Paddle — Merchant of Record for payment processing, subscription management, tax calculation, invoicing and refunds.
  • Lovable Cloud — managed backend hosting for your account, saved escapes and subscription records.
  • Google Maps Platform — to look up real places, ratings, photos and driving directions for stops you view.
  • OpenStreetMap (Nominatim) — to turn an approximate device location into a suburb name.
  • Open-Meteo — for the weather badge on each trip.
  • AI text generation providers — to draft trip ideas from your vibe, interests and drive-time inputs.
  • Professional advisers (legal, accounting) and authorities where required by law.

We do not sell your personal data and we do not share it for cross-context behavioural advertising.

5. International transfers

Some of the providers above are located outside Australia, the United Kingdom and the EEA. Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or the provider's own adequacy mechanisms.

6. Retention

  • Account, saved escapes and submitted spots — kept while your account is active and deleted within 30 days of account closure (longer only where required by law).
  • Subscription & billing records — retained for 7 years after the last transaction to meet Australian and EU tax/accounting obligations.
  • Trip history cached on your device — kept locally until you clear it or uninstall the app.
  • Support messages — kept for up to 24 months after the issue is resolved.
  • Security/abuse logs — kept for up to 12 months.

7. Security

We apply appropriate technical and organisational measures designed to protect your personal data, including: encryption in transit (TLS), encryption at rest for our managed database, access controls and least-privilege role separation, row-level security policies on user data, hashed passwords, multi-factor sign-in options via Google, and routine review of third-party sub-processors. No system is perfectly secure; please use a strong unique password and notify us promptly if you suspect any unauthorised access.

8. Your rights

Subject to applicable law (including the EU/UK GDPR and the Australian Privacy Act), you may:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data ("right to be forgotten") where applicable.
  • Restrict or object to certain processing, including processing based on legitimate interests.
  • Portability — receive your data in a structured, machine-readable format.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local supervisory authority (in Australia: the OAIC; in the EU: your national DPA; in the UK: the ICO).

To exercise any of these rights, email hello@carvac.app. We respond within one month.

9. Cookies and local storage

Carvac uses strictly necessary cookies and browser local storage to keep you signed in, remember your preferences, and cache trips for offline use. We do not use third-party advertising cookies.

10. Children

Carvac is not directed at children under 13. If you believe a child has signed up, contact us and we will delete the account.

11. Changes

We may update this notice from time to time. Material changes will be reflected here with a new "last updated" date.

12. Contact