• Home
  • Membership
  • Our Services
  • Additional Storage
  • Photography/Videography
  • Mechanical Services
  • Building Access
  • Privacy Policy
  • Account Deletion
  • Contact
  • More
    • Home
    • Membership
    • Our Services
    • Additional Storage
    • Photography/Videography
    • Mechanical Services
    • Building Access
    • Privacy Policy
    • Account Deletion
    • Contact
  • Home
  • Membership
  • Our Services
  • Additional Storage
  • Photography/Videography
  • Mechanical Services
  • Building Access
  • Privacy Policy
  • Account Deletion
  • Contact

Privacy Policy

Westerly Car Club and Vault

 

Privacy Policy for Westerly Car Club

Effective Date: May 16, 2025


1. Introduction

Welcome to Westerly Car Club! This Privacy Policy applies to your use of our website, westerlycarclub.com (the "Website"), and our associated Westerly Car Club mobile application available on Google Play (the "App"). This policy describes how Westerly Car Club ("we," "us," or "our") collects, uses, shares, and protects your personal and sensitive user data. We are committed to protecting your privacy and handling your data in an open and transparent manner.

This Privacy Policy, together with any in-app disclosures, comprehensively discloses how our App accesses, collects, uses, and shares user data. The entity named in our Google Play store listing is Westerly Car Club, which is also named in this policy.

By using our Website or App, you agree to the collection and use of information in accordance with this policy.


2. Developer Information and Privacy Point of Contact

Westerly Car Club [2 Crosswind Road, Westerly, RI] 401-596-6888 Info@WesterlyCarClub.com WesterlyCarClub.com

If you have any questions about this Privacy Policy or our data practices, please contact us at Info@WesterlyCarClub.com.


3. Information We Collect (User Data)

We collect various types of information in connection with the services we provide, including but not limited to:

  • [CRITICAL: ACTION REQUIRED] You MUST replace this section with a detailed list of all personal and sensitive user data your app and website collect. Be specific. Examples include: 
    • Account Information: e.g., Name, email address, username, password, phone number (if collected).
    • Profile Information: e.g., Profile picture, user biography, car make/model/year/VIN (if applicable and collected for club purposes).
    • Location Data: Specify if you collect precise (GPS) or approximate location. For what features? Is it collected when the app is in use or also in the background? (e.g., "Precise location data, with your explicit consent, to display nearby club events or enable location sharing during club drives.").
    • Usage Data: e.g., Features accessed, pages viewed within the app, interaction with content, crash reports, IP address, device type, operating system, app version, resettable device identifiers (like Advertising ID).
    • Communications: e.g., When you contact us for support or provide feedback.
    • Payment Information (if applicable): e.g., "We use a third-party payment processor [Name of Processor, e.g., Stripe, PayPal] to handle membership fees or event payments. We do not directly store your full payment card details. Our processor provides us with transaction confirmation and partial card details for verification."
    • Photos and Media: e.g., If users can upload photos of their cars or events.
    • *Contacts (if applicable): e.g., "If you choose to use our feature to invite friends to the app, we will, with your explicit permission, access your contacts to facilitate this." *
    • Any other data collected through your services or third-party SDKs integrated into your app.


4. How We Use Your Information

We use the information we collect for various purposes, including:

  • To provide and maintain our services: Including account creation, managing your membership, event registration, and facilitating club activities.
  • To personalize your experience: Tailoring content and features to your interests.
  • To communicate with you: Sending service updates, newsletters (with your consent), responding to inquiries, and providing customer support.
  • For App and Service Functionality: To enable features reasonably expected by you, such as displaying event locations on a map if location data is provided.
  • For analytics and improvement: To understand how our users interact with our Website and App, identify areas for improvement, and enhance user experience.
  • For security and fraud prevention: To protect our services, our users, and to detect and prevent fraudulent activity.
  • To comply with legal obligations: Such as responding to valid governmental requests or legal processes.
  • For advertising (if applicable): If we extend the usage of personal and sensitive user data for serving advertising, we will comply with Google Play’s Ads policy. This may involve using data like your general interests (derived from app usage) or approximate location to show relevant ads. We will not use sensitive categories for advertising.
  • Service Providers: We may transfer data as necessary to service providers who assist us in operating our services (e.g., hosting, payment processing, analytics).

5. How We Share Your Information

We do not sell your Personal and Sensitive User Data. "Sale" means the exchange or transfer of personal and sensitive user data to a third party for monetary consideration.

We may share your information in the following circumstances:

  • With Service Providers: We may share your information with third-party vendors, consultants, and other service providers who perform services on our behalf (e.g., payment processors, hosting providers, email service providers, analytics providers). These service providers are contractually obligated to protect your data and use it only for the purposes for which it was disclosed. We ensure that any third-party code (e.g., SDKs) included in our app, and their practices with respect to user data, are compliant with Google Play Developer Program policies, including ensuring they do not sell personal and sensitive user data from our app.
  • For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency), or to protect our rights, property, or safety, or that of our users or others.
  • Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will provide legally adequate notice to users before their personal information is transferred and becomes subject to a different privacy policy.
  • With Your Consent: We may share your information with other third parties with your explicit consent. For example, if you choose to share your car profile publicly within the club community.
  • Aggregated or De-Identified Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for various purposes, including analytics or research.

6. Prominent Disclosure & Consent Requirement

In cases where our App's access, collection, use, or sharing of personal and sensitive user data may not be within the reasonable expectation of the user (e.g., data collection occurs in the background when the user is not engaging with our app, or for sensitive data types like precise location), we will provide:

  • Prominent In-App Disclosure: 
    • This disclosure will be within the app itself, not just in the app description or on a website.
    • It will be displayed in the normal usage of the app and not require the user to navigate into a menu or settings.
    • It will describe the data being accessed or collected.
    • It will explain how the data will be used and/or shared.
    • It will not be placed only in a privacy policy or terms of service.
    • It will not be included with other disclosures unrelated to personal and sensitive user data collection.
  • Consent and Runtime Permissions: 
    • Requests for in-app user consent and runtime permission requests will be immediately preceded by the in-app disclosure described above (if applicable).
    • The consent dialog will be presented clearly and unambiguously.
    • It will require affirmative user action (e.g., tap to accept, tick a check-box).
    • Navigation away from the disclosure (including tapping away or pressing the back or home button) will not be interpreted as consent.
    • Auto-dismissing or expiring messages will not be used as a means of obtaining user consent.
    • Consent must be granted by the user before our app can begin to collect or access the personal and sensitive user data requiring such consent.
    • If we rely on other legal bases to process personal and sensitive user data without consent, such as a legitimate interest under the EU GDPR, we will comply with all applicable legal requirements and provide appropriate disclosures to users, including in-app disclosures as required.


7. Secure Data Handling Procedures

We take the security of your personal and sensitive user data seriously. We implement appropriate technical and organizational measures to protect your data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

  • Encryption: Transmitting personal and sensitive user data using modern cryptography (e.g., over HTTPS).
  • Access Controls: Limiting access to personal and sensitive user data to authorized personnel who need it to perform their job duties.
  • Secure Storage: Storing data on secure servers with appropriate safeguards.
  • Regular Reviews: Regularly reviewing our data collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to systems. While we strive to use commercially acceptable means to protect your Personal Data, remember that no method of transmission over the Internet, or method of electronic storage is 100% secure.


8. Data Retention and Deletion Policy

We will retain your personal and sensitive user data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements, and for providing and improving our services.

  • Account Data: We retain your account information as long as your account is active or as needed to provide you services.
  • Other Data: Other data is retained for the period necessary to support the specific feature or service for which it was collected, or as required by law.
  • Deletion: When your data is no longer needed, we will securely delete or anonymize it. You can request the deletion of your account and associated data as described in Section 10 ("Account Deletion Requirement"). If we need to retain certain data for legitimate reasons such as security, fraud prevention, or regulatory compliance, we will clearly inform users about these data retention practices.


9. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal data, including:

  • Access: The right to access the personal data we hold about you.
  • Rectification: The right to request correction of inaccurate personal data.
  • Erasure (Deletion): The right to request deletion of your personal data, subject to certain exceptions (see Account Deletion below).
  • Restriction of Processing: The right to request that we limit the processing of your personal data.
  • Data Portability: The right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Objection: The right to object to our processing of your personal data.
  • Withdraw Consent: If we rely on your consent to process your data, you have the right to withdraw that consent at any time.
  • Opt-out of Communications: You can opt-out of receiving promotional emails from us by following the unsubscribe link in those emails. To exercise any of these rights, please contact us at Info@WesterlyCarClub.com. We will respond to your request in accordance with applicable law.


10. Account Deletion Requirement

If you have created an account through our App, you have the right to request the deletion of your account and its associated user data.

How to Request Deletion:


  • Web Resource: You can request account deletion by visiting the following web page: [https://westerlycarclub.com/account-deletion] This link is also provided in our Google Play Console listing. Effect of Deletion: When you request deletion of your app account, we will also delete the user data associated with that app account. Temporary account deactivation, disabling, or “freezing” the app account does not qualify as account deletion.

Data Retention for Legitimate Reasons: We may need to retain certain data for legitimate reasons such as security, fraud prevention, or regulatory compliance (e.g., financial transaction records for accounting purposes). If we retain any data after an account deletion request for such reasons, we will clearly inform you about these data retention practices.


11. Children's Privacy

Our Website and App are not intended for use by children under the age of 13 (or a higher age if stipulated by applicable law in your jurisdiction, e.g., 16 in the EEA/UK). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you are aware that your child has provided us with Personal Data without your consent, please contact us at Info@WesterlyCarClub.com. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Our App does not target children and will not include an SDK that is not approved for use in child-directed services.


12. Third-Party Links and Services (including SDKs)

Our Website and App may contain links to other websites or services that are not operated by us, or may include third-party code (e.g., SDKs for analytics, payment processing). If you click on a third-party link or use a feature powered by a third-party SDK, you will be directed to that third party's site or service. We strongly advise you to review the Privacy Policy of every site you visit and every third-party service integrated into our App.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. You are responsible for ensuring that any third-party code (e.g., an SDK) you include in your app, and that third party’s practices with respect to user data from your app, are compliant with Google Play Developer Program policies. We will ensure that our SDK providers do not sell personal and sensitive user data from our app.


13. International Data Transfers (EU-U.S., UK, and Swiss Data Privacy Frameworks)

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, and we access, use, or process your personal information ("EU Personal Information"):

  • We will comply with all applicable privacy, data security, and data protection laws, directives, regulations, and rules.
  • We will access, use, or process EU Personal Information only for purposes that are consistent with the consent obtained from you or another applicable lawful basis.
  • We will implement appropriate organizational and technical measures to protect EU Personal Information against loss, misuse, and unauthorized or unlawful access, disclosure, alteration, and destruction.
  • We will provide the same level of protection as is required by the Data Privacy Framework Principles or the applicable transfer mechanism as described in the Google Controller-Controller Data Protection Terms.
  • We will monitor our compliance with these conditions on a regular basis. If, at any time, we cannot meet these conditions (or if there is a significant risk that we will not be able to meet them), we will immediately notify Google by email to data-protection-office@google.com and immediately either stop processing EU Personal Information or take reasonable and appropriate steps to restore an adequate level of protection. (Note: This section related to notifying Google is quite specific. Ensure this aligns with any direct agreements you might have with Google regarding data processing. If not, a more general statement about using appropriate transfer mechanisms like SCCs might be suitable.)

14. Specific Google Play Requirements:

  • Persistent Device Identifiers: We do not link persistent device identifiers (e.g., IMEI, IMSI, SIM Serial #) to other personal and sensitive user data or resettable device identifiers, except for telephony linked to a SIM identity (which is not a feature of our current app) or enterprise device management apps (which our app is not). Any such use, if ever implemented, would be prominently disclosed to users.
  • Financial or Payment Information or Government Identification Numbers: We will never publicly disclose any personal and sensitive user data related to financial or payment activities or any government identification numbers.
  • Non-public Phonebook or Contact Information: We do not allow unauthorized publishing or disclosure of people's non-public contacts. If our app requests access to contacts (e.g., to invite friends to the club), it will be with your explicit permission and for a clear, user-initiated purpose, as disclosed in Section 3 and at the time of request.
  • Data Safety Section: We have completed a clear and accurate Data safety section for our App in the Google Play Console, detailing our collection, use, and sharing of user data. This information is kept up-to-date and is consistent with the disclosures made in this Privacy Policy.


15. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this Privacy Policy. For material changes, we may also provide a more prominent notice (such as an in-app notification or email).

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Copyright © 2025 Westerly Car Club - All Rights Reserved.

Powered by