Effective Date: [Insert Date] | Version 1.1
At After20Solutions Inc., operating as Drivestamp ("Drivestamp", "we", "our", or "us"), we are committed to protecting the privacy and personal information of every individual who interacts with our Platform. This Privacy Policy explains who we are, what personal information we collect, why we collect it, how we use and protect it, and what rights you have in relation to it.
By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.
After20Solutions Inc. is a corporation incorporated under the laws of Ontario, Canada, operating the Drivestamp vehicle condition documentation platform. After20Solutions Inc. acts as the data controller in respect of all personal information collected through the Platform. We are responsible for ensuring that personal information is collected, used, retained, and disclosed in accordance with PIPEDA and, where applicable, the CPPA under Bill C-27.
For any questions or requests relating to this Privacy Policy, please contact our Privacy Officer through the official support channel on the Platform. We will respond within thirty (30) days of receipt.
When an Initiating Party creates a Drive, we collect: (a) the Initiating Party's email address; (b) the email address of the vehicle owner; and (c) the email address of the driver or counterparty. The Initiating Party represents and warrants that all email addresses are accurate and provided with the consent of the relevant individuals.
Payment is processed exclusively by our third-party payment processor. After20Solutions Inc. does not collect, store, or have access to credit card numbers or bank account details.
During a Session, Users submit vehicle images, photographs, and associated data through the Platform. This User Content is processed by our AI systems to generate the Stamp.
When a User accesses the Platform or Drive Record, we automatically collect: IP address and general geographic region; browser type and version; device type and operating system; and the date and time of access.
We collect data relating to User interactions with the Platform, including steps completed within a Session and Drive Record activity. This data is used to maintain session continuity and improve the Platform.
Where an Initiating Party has consented to receive marketing communications, we collect and retain their email address and marketing consent record.
3.1 Platform Delivery — To operate the Platform and fulfill our service obligations, including creating and managing Drives, delivering Smart Links and Drive IDs, providing access to the Drive Record, processing Sessions, generating Stamps, and delivering Stamp PDFs.
3.2 Payment Processing — To facilitate and confirm payment for Session Packages through our third-party payment processor.
3.3 Session Continuity — To maintain the state and progress of an active Session and ensure a consistent User experience within the Drive Record.
3.4 Communications — To send transactional communications necessary to the delivery of the Platform, including Smart Link and Drive ID delivery, Session status notifications, and Stamp PDF delivery.
3.5 AI Model Development and Platform Improvement — To train, test, validate, and improve our artificial intelligence models and Platform features using anonymized and de-identified data derived from completed Sessions.
3.6 Email Marketing — Where an Initiating Party has provided their express consent to receive marketing communications, to send product updates, new feature announcements, and promotional offers. Users may withdraw this consent at any time.
3.7 Legal and Compliance Obligations — To comply with applicable law, respond to lawful requests from regulatory authorities or courts, and enforce our Terms and Conditions of Use.
3.8 Security and Fraud Prevention — To monitor Platform activity, detect and prevent fraudulent or unauthorized use of the Platform, and maintain the security of our systems.
We engage trusted third-party service providers including: (a) cloud hosting providers to host the Platform and store data; (b) email delivery services to transmit transactional and marketing emails; (c) payment processors to handle all payment transactions; and (d) analytics providers to collect and analyze aggregated usage data. All third-party processors are engaged under written agreements requiring them to protect personal information consistently with PIPEDA.
Some of our third-party service providers may store or process data outside of Canada. Where personal information is transferred to a jurisdiction outside Canada, we take reasonable steps to ensure it receives a comparable level of protection to that provided under PIPEDA.
Counterparty email addresses are provided to Drivestamp by the Initiating Party. By providing these email addresses, the Initiating Party represents and warrants that they have the knowledge and consent of those individuals. Counterparty email addresses are used solely for the purpose of automatically delivering the Stamp PDF upon completion of a Session. Drivestamp will not send marketing communications to counterparties without their independent consent.
7.1 Active Drives — For active Drives, After20Solutions Inc. retains all personal information and User Content for so long as is necessary to maintain the Initiating Party's lifetime access to the Interactive Stamp and to fulfill our obligations under applicable law.
7.2 User-Initiated Deletion — Upon user-initiated deletion of an Interactive Stamp, Drivestamp will permanently delete: (a) the personal information of the Initiating Party associated with that Drive; and (b) all vehicle images submitted during the Session. Deletion is permanent and irreversible.
7.3 Anonymized Data Retained After Deletion — Upon deletion, After20Solutions Inc. will retain, in permanently anonymized and de-identified form: AI damage analysis outputs, vehicle metadata including inspection scores and condition classifications, and aggregated usage data. This retained data contains no personal information and is used exclusively to improve the Company's AI models.
7.4 General Retention Periods — Where no deletion is initiated, personal information is retained only for as long as is reasonably necessary for the purposes described in this Privacy Policy, or as required by applicable law.
Under PIPEDA and applicable Canadian privacy law, you have the following rights:
To exercise any of these rights, please contact our Privacy Officer through the official support channel on the Platform.
After20Solutions Inc. implements commercially reasonable technical, administrative, and organizational safeguards to protect personal information, including: encryption of data in transit using TLS protocols; access controls limiting internal access to authorized personnel; use of cryptographically generated Smart Links and Drive IDs; regular review and testing of security practices; and contractual requirements imposed on third-party processors.
The Platform is not directed at individuals under the age of eighteen (18). After20Solutions Inc. does not knowingly collect personal information from individuals under the age of eighteen (18).
The Platform may contain links to third-party websites or services not operated by After20Solutions Inc. This Privacy Policy does not apply to those third-party websites or services.
After20Solutions Inc. reserves the right to update this Privacy Policy at any time. When we make material changes, we will update the effective date and post the revised policy on the Platform. Your continued use of the Platform constitutes acceptance of the revised policy.
This Privacy Policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein, including PIPEDA and its successor legislation.
We use cookies to keep your session running smoothly, understand how you use our Platform, and send relevant emails if you've opted in to marketing. You can choose which cookies to allow.