Drivurs Mobile App Privacy Policy
Mobile app policy: this document applies to the Drivurs mobile app, APIs, and related app services. It is not the Drivurs website-only policy.
This page includes the current mobile app Privacy Policy for both the United States and Canada. Use the section that applies to your location, subject to any mandatory privacy laws that apply to you.
Jurisdiction sections
United States
Effective date: June 17, 2026
This Privacy Policy explains how ScanAI Technologies Inc. (“ScanAI”, “we”, “us”, or “our”) collects, uses, discloses, and protects information in connection with the Drivurs mobile application, website, APIs, and related services, including community, garage, event, discovery, shop, mechanic, service-request, booking, scheduling, messaging, notification, review, and related operational features (the “Services”) for users located in the United States. In this Policy, “Drivurs” refers to the product and service operated by ScanAI, not to a separate legal entity.
This Policy is intended to be consistent with applicable U.S. privacy laws where they apply to us, including federal privacy and consumer-protection laws and state privacy laws such as the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), and other comprehensive state privacy laws. Some rights and disclosures in this Policy apply only to residents of particular states or only when a law applies to us.
This Policy forms part of our Terms of Use. Additional service-role terms, such as the Drivurs Shop Agreement, Drivurs Mechanic Agreement, and Drivurs Service User Terms, may also describe role-specific data practices.
1. Information We Collect
We collect the following categories of information, depending on how you use the Services:
- Account and profile information
- display name, username, password, email address, phone number where provided, authentication information, and account settings;
- optional profile details such as avatar, bio, region, preferences, interests, saved items, and notification settings;
- legal acceptance records, document versions, consents, preferences, unsubscribe records, and related compliance logs.
- Vehicle, garage, and modification information
- vehicle make, model, year, trim, specifications, images, VIN or license plate information if you choose to provide it, ownership-related details you choose to share, and user-submitted performance information;
- modification records, parts, costs, notes, dyno results, maintenance details, service history you choose to upload, and related content.
- Community, event, and content information
- posts, threads, comments, reactions, saved items, club/community memberships, event listings, RSVPs, invites, run-group data, routes, waypoints, waiver acknowledgements, reviews, ratings, reports, responses, and related metadata;
- images, videos, files, and other content you upload.
- Shop, provider, and business information
- shop display name, legal/business name where provided, owner/operator information, business contact details, support email, phone number, website, storefront or mobile-service status, service areas, public profile content, photos, media, services offered, price display modes, estimated durations, cancellation/reschedule policies, schedule/capacity settings, and activation/status information;
- shop address information, address-validation outputs, formatted address, map pin, place identifiers, geocoding/address-validation metadata, timezone, public/private display settings, and verification timestamps;
- business, license, insurance, certification, permit, tax, and compliance attestations or documents if we request or you choose to provide them.
- Mechanic, team, and authorization information
- mechanic profile information, invite/request status, shop affiliations, team roles, permissions, acceptance records, skill tags, schedule or availability data, resource assignments, assigned bookings, removal/revocation history, and related audit information;
- mechanic certifications, credentials, insurance, license, permit, or qualification information if we request or you choose to provide them.
- Service request, booking, and customer intake information
- selected shop, mechanic/resource where applicable, service/offering, requested/confirmed time, location, vehicle, symptoms, notes, photos, mileage, safe-to-drive indicators, preferred windows, cancellation/reschedule activity, status transitions, booking messages, and completion/review eligibility;
- mobile-service address or other service location information where applicable;
- transactional notification and delivery metadata, such as email/push/SMS delivery status, timestamps, display keys, and safe deep-link metadata.
- Messages, communications, moderation, and support information
- messages and communications sent through the Services, including event chats, direct messages, booking conversations, shop/customer messages, mechanic/team messages, reports, appeals, support requests, feedback, incident reports, copyright notices, and related correspondence;
- moderation decisions, enforcement notes, safety reviews, fraud-prevention signals, and abuse-prevention records.
- Location, telemetry, and device information
- approximate or precise location information if you enable relevant features or permissions;
- map interactions, nearby searches, service-area searches, event-location selections, route-related information, and address-related inputs;
- device identifiers, advertising identifiers where used, push tokens, operating system, app version, language, settings, IP address, access times, crash logs, diagnostic data, and screens or pages viewed;
- if you use timing, racing, or performance features, associated telemetry, session data, GPS-derived speed/acceleration/lap/run data, and technical diagnostics.
- Analytics, usage, and inference information
- information about how you use the Services, including feature usage, event engagement, content interaction, searches, saved items, booking behavior, notification interactions, and technical performance;
- recommendations, rankings, safety signals, fraud signals, preference inferences, or similar product outputs generated from your activity and settings.
- Payment or commerce information, if enabled
- if Drivurs enables paid features, subscriptions, deposits, payments, or commerce workflows, we or our payment processors may collect transaction metadata, billing contact information, and payment status. We should not store full payment card numbers unless a separate payment implementation and policy expressly allows it.
We seek to limit collection to what is reasonably necessary for the purposes described in this Policy and for the features you use.
2. How We Use Information
We use information to:
- operate, maintain, secure, and improve the Services;
- create, authenticate, and manage accounts;
- enable community, vehicle, garage, modification, event, discovery, messaging, safety, and notification features;
- enable shop, mechanic, service-provider, service-request, booking, scheduling, team, review, reporting, saved-item, and related operational features;
- validate, normalize, and display addresses, service areas, map pins, location context, timezones, and availability;
- connect customers with independent shops or mechanics and share booking-relevant information with the selected provider or authorized team members;
- send transactional and service-related communications, including account alerts, security notices, service requests, booking confirmations, cancellations, reschedules, reminders, review prompts, legal notices, and policy updates;
- send marketing communications where permitted by law and your preferences;
- personalize the user experience, such as by suggesting communities, events, shops, services, mechanics, or content;
- maintain trust, safety, and platform integrity, including moderation, report review, fraud prevention, abuse prevention, security monitoring, and enforcement of our Terms and policies;
- debug, analyze, test, develop, and improve performance, reliability, user experience, and features;
- comply with legal obligations, respond to lawful requests, preserve legal rights, and protect users, the public, ScanAI, and third parties; and
- create de-identified, aggregated, or anonymized information for analytics, research, safety, product improvement, and business purposes.
We do not use service request notes, customer vehicle/service photos, precise mobile-service addresses, or booking messages for public advertising profiles unless we provide a separate disclosure and obtain any consent required by law.
3. Sensitive Data, State Privacy Rights, and Choices
Certain information may be considered sensitive under some U.S. state privacy laws. Depending on the feature, this may include precise geolocation, contents of messages, account credentials, government identification numbers if collected, driver’s license or professional credential information if collected, vehicle location/service-location information, biometric information if ever enabled, health or disability information if you choose to include it in a service note or support request, and similar information.
Where applicable U.S. state privacy laws apply, you may have rights to:
- know or confirm whether we process your personal information;
- access personal information we maintain about you;
- receive a portable copy of certain information;
- correct inaccurate personal information;
- delete certain personal information;
- opt out of certain uses or disclosures, such as “sales,” “sharing,” targeted advertising, or certain profiling, as those terms are defined by applicable law;
- limit the use and disclosure of sensitive personal information where required by law;
- appeal a denied privacy request where required by law;
- use an authorized agent to submit certain requests where permitted by law; and
- not be discriminated against for exercising privacy rights.
We do not sell personal information for money. Some analytics, advertising, social, or tracking technologies may be considered a “sale,” “sharing,” or “targeted advertising” under certain state privacy laws if those technologies are enabled. Where required and supported by our active product surfaces, we will provide a way to opt out, such as through privacy settings, a Do Not Sell or Share My Personal Information link, a Your Privacy Choices link, or another legally recognized method.
Where required by law and supported by our systems, we will recognize valid opt-out preference signals, such as Global Privacy Control, for browsers, devices, or sessions that communicate those signals. We will not rely on this statement to launch covered advertising, sharing, or targeted-advertising features until the required controls are implemented.
Under laws such as the CCPA/CPRA, precise geolocation may be treated as sensitive personal information. Where we collect precise location, continuous telemetry, or similar sensitive data, we aim to do so only for disclosed product purposes and with the permissions, notices, opt-outs, or consent required by law.
We do not disclose driving-behavior, precise-geolocation, service-location, or vehicle-service data to insurers, consumer reporting agencies, data brokers, or advertising networks for eligibility, pricing, underwriting, credit, employment, housing, insurance, or similar decisions without a separate legal basis and any consent required by law.
To exercise available rights, contact us using the details below or use any privacy-request tool we make available. We may need to verify your identity and request before responding. If we deny a request and applicable law gives you an appeal right, you may appeal by replying to our decision or using the appeal method we provide.
4. California Notice at Collection and Additional State Disclosures
This section supplements the rest of this Policy for residents of California and other states with similar disclosure requirements, where those laws apply to us.
The categories of personal information we may collect are described in Section 1 above. They may include identifiers, account information, commercial information, internet or electronic network activity, geolocation data, audio/visual content you upload, professional or employment-related information for shops/mechanics where provided, inferences, sensitive personal information, and other information you choose to provide.
We collect and use these categories for the purposes described in Section 2 above, including to provide the Services, manage accounts, enable service requests and bookings, communicate with you, maintain safety and security, personalize features, improve the Services, comply with law, and enforce our terms.
We may disclose categories of personal information to the categories of recipients described in Section 6 below, including service providers/vendors, other users where you make information visible, selected shops/mechanics and authorized team members for booking/service workflows, event hosts or club administrators where relevant, payment processors if payments are enabled, professional advisers, transaction counterparties, law enforcement/regulators/legal process where required or permitted, and other parties with your direction or consent.
We retain personal information as described in the Data Retention section below. Retention depends on the type of information, account status, feature use, legal obligations, safety/security needs, dispute needs, audit needs, and backup/deletion cycles.
We do not knowingly sell or share personal information of users under 16 in a way that requires opt-in consent under the CCPA/CPRA.
Where required and supported by the product, we will provide methods to opt out of sales, sharing, targeted advertising, and certain profiling, and to limit the use or disclosure of sensitive personal information.
5. Children’s Privacy
The Services are not directed to children under 13. We do not knowingly permit children under 13 to maintain accounts or submit personal information through the Services. If we learn that a child under 13 has provided us with personal information in a manner not permitted by law, we will take reasonable steps to delete or de-identify it.
If you are between 13 and 17, you may use general community features only with the consent and supervision of a parent or legal guardian, as described in our Terms. Service-related features may be restricted to users who are at least 18 or otherwise legally able to authorize service work or bind a business.
If you are a parent or guardian and believe a child has used the Services in violation of this Policy, please contact us.
6. How We Share Information
We may share information:
- With service providers and vendors who assist with hosting, storage, analytics, communications, email, push notifications, SMS where enabled, mapping, address validation, security, identity, moderation, support, payment processing where enabled, testing, debugging, and similar functions.
- With other users when you choose to share content, profile information, vehicle information, events, posts, comments, reviews, ratings, messages, or other information through public or shared features.
- With event hosts, club administrators, and community moderators as reasonably necessary for event, club, community, safety, and moderation features.
- With selected shops, mechanics, and authorized provider team members when you send a service request, request a booking, message a provider, submit a review/report, or otherwise use service-related features. This may include your display name, contact or messaging route, selected vehicle, service requested, service notes, photos, mileage where provided, safe-to-drive indicator, requested/confirmed time, cancellation/reschedule status, customer service location for mobile service, and other booking-relevant information.
- With shop owners/managers when a mechanic accepts an invite, requests to join a shop, is assigned to work, manages availability where allowed, or participates in shop/team workflows.
- With mechanics or assigned resources when a booking is assigned to them or when they need information to perform or coordinate the requested service.
- With payment processors or commerce providers if paid features, subscriptions, deposits, or payment workflows are enabled.
- With professional advisers and transaction counterparties, such as lawyers, auditors, insurers, acquirers, financing sources, or counterparties involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our business.
- With law enforcement, regulators, courts, or legal process in response to lawful requests, subpoenas, warrants, court orders, regulatory inquiries, or as otherwise required or permitted by law.
- To protect rights and safety when we believe in good faith that disclosure is necessary to protect users, the public, ScanAI, the Services, or third parties, or to investigate fraud, abuse, security incidents, policy violations, or legal claims.
- With your direction or consent, including when you connect third-party services, share links, invite others, or authorize a disclosure.
We do not provide real-time GPS tracking services to law enforcement, insurers, consumer reporting agencies, or other third parties. We do not disclose the exact private operating base of a mobile mechanic or the exact customer mobile-service address publicly unless the product clearly discloses that public display and any required consent is obtained.
7. Data Retention
We retain personal information for as long as reasonably necessary to:
- provide the Services and maintain accounts;
- support community, event, shop, mechanic, service-request, booking, review, reporting, messaging, and notification features;
- maintain safety, security, fraud prevention, abuse prevention, and moderation;
- maintain legal acceptance, consent, notification, delivery, audit, address-verification, booking, review, report, dispute, and compliance records;
- comply with legal obligations and recordkeeping requirements; and
- resolve disputes and enforce agreements.
Certain content may be soft deleted in our systems while retained in logs, backups, archives, audit tables, moderation records, legal holds, or security systems for a limited period or longer where required or permitted by law.
Service request, booking, review, report, address-verification, legal acceptance, and transactional-notification records may be retained longer than ordinary account content because they may be needed for safety, fraud prevention, legal compliance, dispute resolution, audit, or enforcement.
Where feasible, we seek to delete, de-identify, or aggregate information when it is no longer reasonably necessary for the purposes described in this Policy, subject to backup cycles and legal holds.
8. Security
We use reasonable technical and organizational measures designed to help protect personal information, such as encryption in transit, access controls, role-based permissions, audit logging, monitoring, and internal access restrictions. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Service-related workflows may involve sharing booking-relevant information with independent shops, mechanics, and authorized team members. Those parties are responsible for protecting information they receive and using it only for lawful service-related purposes.
If we become aware of a data breach or security incident that triggers notification obligations under applicable law, we will take steps required by law.
9. Cross-Border Processing
The Services are provided by a company based in Canada and may involve processing in Canada, the United States, or other jurisdictions. By using the Services, you understand that your information may be transferred to and processed in jurisdictions that may have different data-protection laws than your state.
When we transfer or process information across borders, we use safeguards appropriate to the nature of the information and the processing, such as contractual restrictions, vendor review, access controls, and security measures where appropriate.
10. Your Choices and Controls
You may:
- update account and profile information in app settings, where available;
- control certain notification preferences;
- enable or disable location permissions at the device level, which may limit some features;
- manage marketing email preferences through available unsubscribe mechanisms;
- opt out of SMS/text messages where enabled by following provided instructions, subject to receiving necessary non-SMS service communications through other channels;
- request access to, correction of, deletion of, or portability of personal information, subject to legal limitations;
- opt out of sales, sharing, targeted advertising, or certain profiling where applicable law gives you those rights and the relevant processing is enabled; and
- appeal certain denied privacy requests where required by law.
Some operational communications are necessary to provide the Services, such as security alerts, account notices, booking confirmations, service request notices, cancellation/reschedule notices, policy notices, and legal notices. Disabling optional notifications may not stop these operational communications, although hard delivery constraints such as an invalid email address, provider suppression, or account-deletion policy may prevent a particular delivery attempt.
11. Cookies, Tracking, and Opt-Out Preference Signals
The Drivurs app and website may use cookies, local storage, SDKs, analytics tools, device identifiers, advertising identifiers where enabled, push tokens, permissions-based location features, and similar technologies to keep you signed in, remember settings, enable notifications, understand usage, measure performance, detect fraud, improve the Services, and support marketing where permitted.
Some browsers and devices allow you to send Do Not Track or opt-out preference signals. Where applicable law requires recognition of legally valid opt-out preference signals and the relevant sale, sharing, targeted-advertising, or profiling processing is enabled, we will support those signals before launching that processing. Other Do Not Track signals may not have a uniform industry or legal meaning, and we may not respond to them unless required by law.
For more detail, see our Cookie and Tracking Technologies Disclosure and any privacy-choice controls we make available.
12. Email, Push, and SMS Communications
We may send service and transactional communications such as account alerts, security notices, service requests, booking confirmations, cancellations, reschedules, reminders, review prompts, safety notices, legal notices, and policy updates. These communications are part of operating the Services.
We may send optional marketing communications where permitted by law and your preferences. Marketing emails will include an unsubscribe method where required by law.
If SMS/text messaging is enabled, we will provide disclosures and obtain consent where required before sending automated or marketing text messages. You may opt out of SMS messages using the instructions provided with those messages, though we may still send necessary service communications through other available channels.
13. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the Services, by email, in-app notice, or another reasonable method. Where required by law, we may request consent, provide additional notice, or give you an opportunity to review changes before they apply.
Your continued use of the Services after the effective date of material changes constitutes acceptance of the updated Policy, except where law requires a different process.
14. Contact Us
For questions, privacy requests, appeals, or complaints regarding this Privacy Policy, please contact:
ScanAI Technologies Inc. Privacy Inquiries - Drivurs 19098 63b Avenue, Surrey, BC, Canada, V3S 8G5 Email: legal@drivurs.com Phone: (450) 400-7423
Please include enough information for us to understand and verify your request. Do not send sensitive vehicle, health, financial, government ID, or legal information unless we specifically request it through a secure process.
Canada
Effective date: June 17, 2026
This Privacy Policy explains how ScanAI Technologies Inc. (“ScanAI”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal information in connection with the Drivurs mobile application, website, APIs, and related services (the “Service”) for users located in Canada. In this Policy, “Drivurs” refers to the product and service operated by ScanAI, not to a separate legal entity.
This Policy is designed to support compliance with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), British Columbia’s Personal Information Protection Act (PIPA), other substantially similar provincial private-sector privacy laws, applicable Quebec private-sector privacy requirements, and other privacy, anti-spam, consumer-protection, and data-security laws that may apply to particular features or users.
Because Drivurs may be used across Canada, the privacy law that applies to a particular collection, use, disclosure, retention, access request, correction request, complaint, or cross-border transfer may depend on factors such as your province or territory, the location of a shop or mechanic, the location where a service is requested or performed, and whether information is handled across provincial, territorial, or national borders.
By using the Service, you consent to the collection, use, and disclosure of personal information as described in this Policy, subject to any choices and settings available to you.
1. Who Is Responsible for Your Information?
ScanAI Technologies Inc. operates the Drivurs service and is responsible for personal information collected through it.
For privacy-governance purposes, ScanAI designates a privacy contact / person in charge of personal information. Contact details are listed at the end of this Policy.
2. Information We Collect
We collect the following categories of information:
- Account & profile information
- Display name, username, email address;
- Optional profile details such as avatar, bio, home region, preferences, and interests.
- Vehicle, garage, and modification information
- Vehicle make, model, year, specifications, images, and user-submitted performance information;
- Modification records, parts, costs, notes, dyno results, and related content you choose to upload.
- Community, event, and content information
- Posts, threads, comments, reactions, saved content, community memberships, clubs, and event participation;
- Event details such as title, time, venue, route waypoints, safety notes, waitlist status, run-group assignment, and waiver acknowledgements.
- Location, mapping, and telemetry information
- Approximate or precise location information, depending on the features you enable, your device settings, and the permissions you grant;
- Map interactions, nearby-event searches, event-location selections, and route-related information you choose to create or use;
- If you use racing, timing, or performance features, session metadata and telemetry information associated with those features, which may include GPS-derived speed, acceleration, run or lap timing, and related technical diagnostics.
- Device, technical, and usage information
- Device identifiers, app version, operating system, language, push tokens, and similar technical identifiers;
- Log data such as IP address, timestamps, crash data, security events, and feature-usage information.
- Communications, moderation, and support information
- Messages you send to us, including support requests, feedback, copyright notices, incident reports, and related correspondence;
- Reports, moderation decisions, appeals, enforcement notes, and records created to maintain platform safety and integrity.
- Consent and preference records
- Records of privacy consents, marketing preferences, notification settings, unsubscribe actions, and related compliance logs.
- Shop, provider, and business information
- Shop name, business/display name, owner/operator details, business contact details, public profile content, service categories, service listings, photos, hours, schedule/capacity settings, service areas, shop status, reports, moderation status, and public/private address display settings;
- Address-validation and location-resolution data, such as formatted address, address components, coordinates, timezone, place identifiers, validation status, precision/confidence metadata, verification timestamps, and related audit records;
- Optional or required business attestations, such as licensing, insurance, certification, authorization, tax, workplace-safety, or compliance statements, where supported by the Service.
- Mechanic and team information
- Mechanic profile information, shop affiliations, invite/request status, role/permission status, schedule/availability, skill tags, service eligibility, assigned bookings, customer-facing mechanic information where enabled, and related operational records;
- Information submitted by a shop about a mechanic, including name, email, phone number, invite details, authorization status, and proposed role, subject to invite/claim and consent flows where required.
- Service request, booking, and vehicle-service information
- Service category, requested service, selected shop or mechanic, selected vehicle, service notes, symptoms, photos, mileage, safe-to-drive indicators, appointment preferences, service address for mobile service, booking status, cancellation/reschedule information, messages, estimates/quotes submitted through the Service, review eligibility, and related support records;
- Booking lifecycle records, notification records, transactional email records, delivery status, deep-link metadata, and audit logs needed to operate service requests and appointments.
- Reviews, reports, and trust/safety information
- Shop reviews, mechanic reviews, ratings, review responses, review reports, provider reports, abuse reports, moderation decisions, enforcement notes, appeal records, evidence submitted to us, and records used to prevent fraud, fake reviews, unsafe services, or misuse.
- Legal acceptance and compliance records
- Records of terms, privacy policy, shop agreement, mechanic agreement, service-user terms, consent, attestation, notification preference, unsubscribe, and other legal acknowledgements, including version IDs, timestamps, source, and related technical metadata.
We seek to limit collection to what is reasonable and necessary for the purposes described in this Policy.
3. How We Use Your Information
We use personal information for the following purposes:
- To operate and provide the Service
- Create and manage your account and profile;
- Display community content, garages, vehicles, modifications, and events;
- Enable features such as RSVPs, reactions, messaging, notifications, saved content, mapping, and account security;
- Enable shop, mechanic, service discovery, service request, booking, schedule, team, review, reporting, and service-notification features;
- Validate, standardize, and display shop addresses, mobile-service areas, shop-local timezones, and safe public/private location information;
- Share booking-relevant information with the shop, mechanic, or authorized team members involved in a service request;
- Generate and route transactional service notifications, Activity Hub items, email confirmations, push notifications, and deep links;
- Maintain legal acceptance, role authorization, provider status, and service-readiness records.
- To maintain safety, trust, and integrity
- Enforce our Terms of Service, Community Guidelines, Acceptable Use Policy, and event-related rules;
- Investigate and respond to abuse reports, incident reports, intellectual-property complaints, and suspected violations;
- Prevent, detect, and address fraud, security incidents, and misuse.
- To provide location, event, and recommendation features
- Show nearby events and automotive content;
- Support event planning, route creation, discovery, and participation features;
- Generate recommendations, rankings, or similar product outputs using signals such as your activity, preferences, region, followed communities, or feature usage.
- To communicate with you
- Send service-related emails, push notifications, and in-app messages, including account alerts, event reminders, service request confirmations, appointment updates, booking reminders, shop/team invite notices, review prompts, support messages, legal notices, and policy updates;
- Send optional marketing communications where permitted by law and with consent where required.
- To improve and develop the Service
- Analyze usage patterns to improve performance, reliability, user experience, and features;
- Troubleshoot product issues and evaluate how users interact with features.
- To support service trust, safety, and legal compliance
- Verify or review address/location information for shops and mobile service areas;
- Enforce shop, mechanic, service-user, booking, review, report, and moderation rules;
- Detect fake reviews, undisclosed endorsements, duplicate reports, unsafe service listings, fraud, spam, abuse, unauthorized access, and policy violations;
- Maintain records needed for disputes, legal holds, regulatory inquiries, consumer complaints, privacy requests, safety issues, and auditability.
- To comply with legal and regulatory obligations
- Respond to lawful requests from law enforcement, regulators, or courts;
- Maintain records required by privacy, consumer-protection, tax, accounting, safety, or other legal obligations.
We do not sell your personal information in the ordinary meaning of that term.
4. Consent, Sensitive Features, and Quebec Transparency
Where required by law, we rely on your consent to collect, use, and disclose personal information. In other cases, we may process information where reasonably necessary to provide the Service, comply with legal obligations, protect the Service and our users, or pursue other lawful business purposes consistent with applicable law.
We seek separate or more specific consent where appropriate for features involving more sensitive information, such as:
- precise location permissions;
- optional racing or telemetry features;
- marketing communications;
- optional uploads or disclosures that may contain sensitive personal information;
- service requests and bookings that share vehicle, contact, location, notes, photos, and appointment information with selected shops, mechanics, and authorized provider team members;
- mobile-service addresses and any exact location information needed for a shop or mechanic to provide a requested service;
- shop or mechanic profile information, business attestations, availability, assigned booking information, and public-facing profile content;
- legal acceptance, role authorization, and compliance attestations for shop, mechanic, and service-user features.
If a feature uses technology that identifies you, locates you, or helps profile your preferences or usage patterns, we aim to explain that feature’s purpose and available controls in context, such as in onboarding text, permissions prompts, settings, or supporting disclosures.
For service-related features, we aim to provide in-context disclosures before you submit a service request, create or publish a shop profile, accept a mechanic invitation, provide a mobile-service address, upload vehicle-service photos or notes, or make information public on a shop or mechanic profile. If you submit a service request, we may share the booking-relevant information with the selected shop, assigned or authorized mechanic, and provider team members who need it to respond to or perform the requested service.
If a mobile mechanic or shop uses a private operating base or private service address, we may store the exact address for verification, safety, legal, fraud-prevention, and operational purposes while displaying only a less precise public location or service area where our product and legal settings allow it.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. If you withdraw consent, some features may no longer be available.
5. How We Share Information
We may share personal information with:
- Service providers and vendors Third parties that provide hosting, storage, analytics, mapping, address validation, geocoding, communications, email, push notification, SMS, moderation support, security, payment, customer-support, or similar services on our behalf. These providers only receive personal information as reasonably necessary to perform services for us and are expected to protect it appropriately.
- Other users When you post content, join events, participate in communities, publish profile information, submit reviews, respond to reviews, or use messaging features, certain information will be visible to other users consistent with the product’s functionality, your settings, and applicable law.
- Event hosts and organizers When you RSVP or participate in an event, certain information may be shared with the event host to manage the event, including your display name, associated vehicle information you choose to attach, acknowledgements, and event-related status information.
- Shops, mechanics, and authorized provider team members When you request or manage a service, we may share booking-relevant information with the selected shop, assigned mechanic, authorized mechanics, owners, managers, or provider team members who need it to respond to, manage, perform, reschedule, cancel, complete, review, or support the service request. This may include your display name, contact or messaging details, selected vehicle, service category, appointment time, service notes, photos, mobile-service address, safe-to-drive information, booking status, and related messages or support records.
- Customers and prospective customers If you create a shop or mechanic profile, service listing, public review response, or other public-facing service content, we may display the information you choose to publish or that the Service is designed to display, such as shop name, public address or service area, service categories, photos, hours, availability, ratings, reviews, and public mechanic information where enabled.
- Shops or mechanics that invite or are invited by you If a shop invites you as a mechanic, or you request to join a shop, we may share the information needed to manage that invite/request, including name, contact method, shop affiliation, role status, acceptance/decline status, and related operational metadata.
- Review, report, trust, and safety workflows We may share limited information as needed to process reports, review moderation, abuse prevention, dispute handling, support, enforcement, appeals, or safety workflows. We do not intentionally disclose private reporter details to reported shops or mechanics unless required by law, needed to administer a process fairly, or otherwise disclosed in context.
- Professional advisers and transaction counterparties Lawyers, auditors, insurers, acquirers, financing sources, or counterparties involved in a financing, merger, sale, or similar transaction, subject to appropriate legal protections.
- Law enforcement, regulators, courts, tribunals, consumer-protection bodies, privacy commissioners, and legal process Where required or permitted by law, we may disclose information in response to lawful requests, court orders, subpoenas, warrants, regulator requests, consumer-protection processes, privacy investigations, or to protect rights, safety, or property.
We do not provide real-time tracking or live monitoring services for third parties, including law enforcement, except to the extent we are required by law to disclose information already in our possession.
Shops, mechanics, event hosts, and other independent users may receive personal information through the Service and may have their own legal obligations as independent organizations, businesses, employees, contractors, or individuals. Their use of information outside Drivurs may also be governed by their own privacy practices and applicable law.
6. Cross-Border Processing
Your personal information may be transferred to, stored in, or processed in jurisdictions outside your province, territory, or Quebec, including elsewhere in Canada or outside Canada, where data-protection laws may differ.
When we use service providers or systems located outside your home jurisdiction, we take steps that are intended to protect personal information in a manner appropriate to the sensitivity of the data and the nature of the processing.
Service-related information may also be accessed or processed by shops, mechanics, owners, managers, provider team members, service providers, or support personnel located in a different province, territory, or country from you, where necessary to provide the requested feature or service workflow. We use contractual, technical, and organizational measures intended to protect personal information in a manner appropriate to the sensitivity of the information and applicable law.
7. Data Retention
We keep personal information only for as long as reasonably necessary for the purposes described in this Policy or as otherwise required or permitted by law.
Our baseline retention schedule is described in our Data Retention & Deletion Policy. In summary:
- account records are generally retained while your account is active and for limited post-closure periods needed for deletion processing, fraud prevention, security, dispute handling, or legal compliance;
- event, waiver, moderation, and incident records may be retained longer because of safety, legal, and audit needs;
- logs, breach records, and consent records are retained according to operational and legal compliance requirements;
- shop, mechanic, service request, booking, transactional notification, review, report, legal acceptance, and moderation records may be retained for periods needed to operate the Service, support users, maintain auditability, handle disputes, prevent fraud or fake reviews, comply with legal obligations, and enforce our terms;
- address-validation snapshots, public/private location rules, and provider status records may be retained while a shop or mechanic profile exists and for a reasonable period afterward for safety, fraud-prevention, dispute, legal, and audit purposes;
- service request photos, notes, messages, and mobile-service addresses are retained only as long as reasonably necessary for the purposes described in this Policy, subject to backup cycles, legal holds, safety needs, dispute handling, and account-deletion limits.
If information is no longer required, we seek to delete it, anonymize it, or de-identify it, subject to backup cycles and legal holds.
8. Cookies, Analytics, Location, and Similar Technologies
The Drivurs app and website may use local storage, analytics tools, device identifiers, push tokens, permissions-based location features, and similar technologies to:
- keep you signed in and maintain your session;
- remember your settings and preferences;
- enable notifications;
- understand feature usage, performance, and reliability;
- support event discovery, mapping, safety, service discovery, address validation, booking workflows, and recommendation features.
For further detail, see our Cookie & Tracking Disclosure.
9. Marketing Communications, Transactional Messages, and CASL
We may send:
- service and transactional communications such as account alerts, security notices, legal notices, event updates, service request confirmations, appointment updates, booking reminders, cancellation/reschedule notices, shop/team invite notices, review prompts, support messages, and policy notices; and
- optional marketing communications such as newsletters, promotions, product announcements, offers, or other commercial electronic messages where permitted by law and with consent where required.
For users in Canada, we aim to comply with Canada’s Anti-Spam Legislation (CASL). Optional marketing communications will include identification information and an unsubscribe mechanism where required by law. You can withdraw consent to receive optional marketing communications by using the unsubscribe mechanism in the message or by adjusting available settings in the Service.
Transactional, security, legal, service-request, booking, appointment, team-invite, and account-related communications may still be sent where permitted or required by law, even if you opt out of optional marketing communications or disable optional notification categories. We will still respect hard delivery constraints, legal suppressions, account deletion status, provider bounce/suppression records, and other requirements that prevent or limit delivery.
10. Children and Minor Users
The Service is not intended for children under 13. We do not knowingly allow children under 13 to maintain accounts. If we discover that we have collected personal information from a child under 13 in a manner not permitted by law, we will take steps to delete or de-identify the information.
If you are a parent or guardian and believe your child has provided us with personal information improperly, please contact us.
11. Your Privacy Rights
Subject to applicable law, you may have the right to:
- access the personal information we hold about you;
- request correction of inaccurate or incomplete information;
- request deletion, de-indexing, anonymization, or de-identification of information, subject to legal and operational limitations;
- withdraw consent to certain uses or disclosures;
- object to or restrict certain uses or disclosures where applicable;
- obtain information about how we use and disclose personal information;
- request portability or a copy of certain computerized personal information in a structured, commonly used technological format where applicable law provides that right;
- make a complaint about our privacy practices.
Some information may be difficult or impossible to delete immediately if it is needed for security, fraud prevention, legal compliance, dispute handling, consumer-protection obligations, safety investigations, moderation records, legal acceptance records, completed transactions, backup integrity, or the rights of other users. If we cannot fulfill a request in full, we will respond as required by applicable law.
Many settings can be managed directly in the Service. You can also contact us using the details below. We may need to verify your identity before responding.
Residents of particular jurisdictions, including Quebec, may have additional rights under applicable law. We will respond to rights requests in accordance with the law that applies to the request.
12. Security, Incident Handling, and Breach Records
We implement reasonable physical, organizational, and technical safeguards designed to protect personal information against loss, theft, unauthorized access, disclosure, copying, use, or modification. These measures may include encryption in transit, access controls, logging, and role-based restrictions.
If a breach involving personal information creates a real risk of significant harm or another legal notification threshold under applicable law, we may notify affected individuals, regulators, or others as required by law.
We also keep records of security incidents and breach assessments as required by law, including breach records that may need to be retained for at least 24 months.
For service-related features, we use role-based access controls and backend authorization rules intended to limit booking, customer, vehicle, mobile-service address, shop, mechanic, and team information to users and personnel who need it for the relevant feature, subject to our operational, legal, safety, and support needs.
No system is perfectly secure, and we cannot guarantee absolute security.
13. Third-Party Links & Services
The Service may contain links to third-party websites, apps, or services. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will indicate the latest effective date at the top of the Policy and, where appropriate, provide additional notice.
Where required by law, updates will take effect only after any required notice period.
15. Contact, Complaints, and Regulators
If you have questions about this Privacy Policy, wish to exercise privacy rights, or want to make a privacy complaint, please contact:
ScanAI Technologies Inc. Attn: Privacy - Drivurs / Person in Charge of Personal Information 19098 63b Avenue, Surrey, BC, Canada, V3S 8G5 Email: legal@drivurs.com Phone: (450) 400-7423
You may also have the right to file a complaint with the Office of the Privacy Commissioner of Canada, the Office of the Information and Privacy Commissioner for British Columbia, the Commission d’acces a l’information du Quebec, the Office of the Information and Privacy Commissioner of Alberta, or another privacy regulator that has jurisdiction over your concern.