Privacy Policy

Effective: June 1, 2026

1. Who we are

This Privacy Policy describes how INU Technologies Inc., a corporation incorporated under the laws of the Province of Ontario, with its registered office at 33 Alyssum Court, Richmond Hill, Ontario L4E 4M7, Canada (“INU Technologies”, “we”, “us”, or “our”), handles personal information in connection with the operation of the CarFix online marketplace (the “Platform”). INU Technologies is the operator of the Platform and is the business that contracts with Customers and Shops. “CarFix” is the brand under which INU Technologies offers the Platform; the legal entity is INU Technologies Inc.

We handle personal information in accordance with the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) (“PIPEDA”); the Act respecting the protection of personal information in the private sector (CQLR c P-39.1), as amended by An Act to modernize legislative provisions as regards the protection of personal information (S.Q. 2021, c. 25) (together, “Quebec Law 25”); Canada's Anti-Spam Legislation (S.C. 2010, c. 23) (“CASL”); and other applicable provincial privacy legislation (including Alberta's Personal Information Protection Act and British Columbia's Personal Information Protection Act).

2. Our approach to privacy and governance

INU Technologies maintains an internal privacy-governance framework that sets out how personal information is classified, collected, used, disclosed, retained, and destroyed; how subprocessors are reviewed; how privacy-impact assessments are carried out where required (including for transfers outside Quebec under Quebec Law 25); how we respond to access, correction, and complaint requests; and how we handle security incidents. The title and contact details of the person in charge of the protection of personal information are set out in Section 19.

We follow the ten fair-information principles established under Schedule 1 to PIPEDA: accountability, identifying purposes, consent, limiting collection, limiting use and disclosure, accuracy, safeguards, openness, individual access, and challenging compliance. This Policy is written in plain language so that you can understand what we do with your information before you provide it. More technical governance documentation is held internally and is available on request, to the extent permitted by law, from the Privacy Officer.

3. What information we collect

We collect different categories of information depending on how you use the Platform. Some information you provide to us directly; some is generated automatically by your device or our systems. We treat the categories marked “private” and “sensitive” below with a higher level of access control than public content.

3.1 Account and contact information (identifying)

Your name, email address, phone number, a salted password hash (we never store passwords in plain text), your account role (customer, shop owner, team member, or administrator), and your notification preferences. For shop owners, we also collect a Know-Your-Customer (KYC) phone number used for verification.

3.2 Vehicle information (sensitive)

Your vehicle year, make, model, and trim; odometer readings; and, if you choose to provide it, your Vehicle Identification Number (VIN), licence plate, and powertrain code. Vehicle service history in your garage is populated from (a) entries you make manually, and (b) appointments completed through the Platform that you chose to associate with a vehicle. Vehicle information is visible to a Shop only when you expressly attach a vehicle to a quote request or a booking with that Shop. Vehicle information is not displayed publicly or shared with other users. VIN data, combined with mileage and service history, can be identifying in combination; we therefore restrict internal access to these fields to the circumstances described in Section 9.

3.3 Private service-coordination content (private)

The description of the problem you submit in a quote request; the list of services you select in a quote request and any flag indicating that you will supply your own parts for a service (a “BYOP” flag); photos you attach to a quote or an appointment; text and voice messages you exchange with a Shop through the in-app messaging feature (voice messages are stored as short audio recordings alongside their text-transcript metadata where available); digital vehicle inspection (DVI) findings recorded by a Shop for a job you authorized; and any warranty record created by a Shop for parts or labor delivered to your vehicle. This content is visible to the Shop you selected and to authorized CarFix staff under the conditions in Section 9. It is not displayed publicly.

3.4 Shop business information

For Shops: business legal name, trade name, business address, opening hours, services offered, pricing, amenities, certifications, specialties, public photos, insurance or licensing details uploaded during onboarding, team member records, and public business contact details. A Shop's public profile page is visible to anyone who visits the Platform; uploaded licensing or insurance documents are not public and are used only for verification and compliance. KYC phone numbers are used for verification and are not displayed as public business contact numbers. Shops can provide separate public business contact channels for profile visitors.

Shop-managed operational records. Shops on paid plans may use, depending on their subscription tier, additional internal record-keeping features that store business data about jobs done for Customers: inventory and parts (the Shop's own SKU list, stock counts, parts metadata, and per-appointment deductions); warranty tracking (warranty records the Shop creates for parts and labour delivered to a Customer's vehicle, including coverage period and Customer reference); and internal notes written by Shop staff about a Customer or appointment. Inventory data and internal notes are visible to Shop staff only and are not shared with Customers. Warranty records created for a Customer's vehicle are visible to that Customer through their CarFix account so the Customer can see the coverage attached to their work.

Shop-owner identity verification (Stripe Identity). As part of Shop-owner onboarding, we use Stripe Identity to verify the identity of the individual creating the Shop account. The Shop owner uploads a government-issued identity document (such as a driver's licence or passport) and a real-time selfie directly to Stripe through Stripe's hosted verification flow. The document image and the selfie are sent to Stripe; CarFix does not see, receive, or store the image of the document or the selfie. Stripe returns to us only the verification outcome (verified, requires action, or failed), the document type, and limited non-image metadata necessary to record that we performed verification. Stripe's handling of the underlying biometric and document data is governed by Stripe's own privacy notice. We retain the verification result for as long as the Shop account exists and for the period set out in Section 12.

3.5 Reviews and ratings (public)

Ratings and written reviews that you publish about a Shop after a completed service. Reviews are displayed publicly on the Shop's profile, and the name or handle you have chosen on your account is displayed with each review.

3.6 Support communications

The content of support tickets, emails, and chat messages you send to our support team, together with any attachments you upload.

3.7 Subscription billing information (Shops only)

CarFix bills subscribed Shops for the cost of their monthly or annual plan. For this purpose only, our Subscription Payment Processor, Stripe Payments Canada, Ltd. and its affiliates, provides us with a transaction identifier, the card brand, the last four digits of the card, the billing postal code, and the outcome of each charge. We do not receive or store full card numbers, CVV values, or full billing addresses. CarFix does not process, receive, or route any payment between a Customer and a Shop for repair services.

3.8 Technical and security information

  • Usage data. Pages and screens visited, features used, click and tap events, and session timestamps.
  • Device and connection data. IP address, user-agent string, browser type, operating system, device type, and coarse language and time-zone settings.
  • Security and abuse-prevention signals. Login attempts, rate-limit triggers, suspicious-pattern flags, and CAPTCHA results.
  • Cookies. Session and preference cookies used to keep you signed in and to remember settings. We do not use third-party advertising cookies.
  • Performance and product analytics. When you visit the Platform we record aggregated, non-identifying performance metrics (page-load timings, Core Web Vitals) and product-usage events (page views, navigation events) through Vercel Analytics and Vercel Speed Insights. These signals are processed in pseudonymous form by Vercel, our hosting provider, and are used only to operate and improve the Platform. We do not link analytics events to your account identifier or use them to target advertising.
  • Push notification subscriptions. If you enable browser or device push notifications, we store the push subscription endpoint and the associated authentication keys provided by your browser or device push service (such as Apple Push Notification service, Google Firebase Cloud Messaging, or Mozilla's autopush). This subscription information is technical infrastructure used only to deliver notifications you have asked to receive; it is deleted from our database when you disable notifications in your account settings or when your browser revokes the subscription.

3.9 Approximate location (user-provided)

A city or postal code you type into the shop-search form so that we can show you nearby Shops. We do not collect precise device GPS coordinates. If a future feature requires GPS, we will ask for your permission separately through your browser or device before enabling it.

4. Required versus optional information

Some information is required for the Platform to work; other information is discretionary. If you choose not to provide the required information, we may not be able to provide the corresponding feature.

  • Required to create an account: name, email address, phone number, password.
  • Required to submit a quote request: vehicle make, model, year, and a description of the issue.
  • Required to book an appointment: a confirmed account, the accepted quote, and the time slot you select.
  • Required for a Shop to go live: business name, address, services, opening hours, owner contact details, and owner identity verification.
  • Optional everywhere: VIN and licence plate, mileage logs, photos attached to a quote, avatar image, social-media links, secondary contacts on your account, and marketing communications.
  • Optional per search: city or postal code; you can browse without entering either.

We rely on your consent to collect, use, and disclose personal information. Consent may be express (for example, ticking an opt-in box) or implied from the circumstances (for example, submitting a quote request implies that the information in the request may be sent to the Shops you selected). You may withdraw consent at any time, subject to reasonable notice and to legal or contractual restrictions, by contacting our Privacy Officer using the details in Section 19. Withdrawing consent may limit our ability to provide some or all of the Platform's features.

Marketing communications require separate, express opt-in consent. Creating an account, submitting a quote request, or booking an appointment does not, by itself, constitute consent to receive marketing (see Section 13).

5. How we use your information

We use the information described in Section 3 for the purposes below, and only to the extent necessary for each purpose:

  • To create and maintain your account and to authenticate your sessions.
  • To operate the marketplace, match Customers with Shops, and deliver quote requests, quote responses, bookings, and appointment confirmations.
  • To share a Customer's phone number with the selected service provider only after the Customer accepts a quote or books an appointment, so the provider can coordinate the authorized service.
  • To provide informational features, including maintenance reminders, mileage prompts, warranty tracking, and recall notifications relayed from the U.S. National Highway Traffic Safety Administration (NHTSA).
  • To bill subscribed Shops for their CarFix plan and to handle accounting, chargebacks, invoices, and tax reporting related to that subscription billing.
  • To send service-related communications (booking confirmations, reminders, policy updates, security alerts). These are transactional and are not marketing. We do not issue payment receipts for customer-to-shop transactions; the receipt for services paid at the counter is issued by the Shop directly to the Customer.
  • To send marketing communications, only where you have given separate express consent.
  • To provide customer support and to investigate issues reported by you or by another user.
  • To detect, investigate, and prevent fraud, abuse, spam, credential compromise, security incidents, and breaches of our Terms of Service.
  • To comply with legal obligations, respond to lawful requests from regulators, law-enforcement authorities, or courts, and to establish, exercise, or defend legal claims.
  • To measure how features are used and to improve the Platform, using aggregated or de-identified information that does not identify you individually.

We do not sell your personal information, and we do not rent or trade it. We do not use your personal information to target third-party advertising to you on other platforms.

6. What CarFix does not do

To avoid any ambiguity about how your data flows, the following activities are outside the scope of the Platform:

  • CarFix does not process or route payments between a Customer and a Shop for repair, maintenance, diagnostic, or any other motor-vehicle service. Service payment happens directly between the Customer and the Shop at the appointment.
  • CarFix does not store full payment card numbers, CVV values, or full billing addresses.
  • CarFix does not collect customer deposits, does not issue refunds for repair services, and does not operate a payout system to Shops for those services.
  • CarFix does not sell, rent, or trade your personal information to advertisers or data brokers.
  • CarFix does not share your personal information with third-party generative artificial intelligence providers for the purpose of training their models.
  • CarFix does not collect precise device GPS coordinates without your permission.
  • CarFix does not knowingly collect personal information from individuals under the age of 18 (see Section 18).

7. Service providers and what data they receive

We rely on the third-party service providers (subprocessors) listed below to operate the Platform. Each provider is engaged under a written agreement that restricts its use of personal information to the services we engage it to perform and requires appropriate safeguards. The description against each provider is the category of personal information that reaches it in the normal course of operations.

  • Supabase (Supabase Inc.). Primary database and file storage, Canadian region. Receives and stores all structured Platform data, including account records, vehicle data, quote and appointment records, private messages, review content, and uploaded files.
  • Vercel (Vercel Inc.). Application hosting and global edge network. Processes inbound HTTPS requests, request logs (including IP address and user-agent), performance telemetry, and build artifacts. User content is served from Vercel's edge without persistent storage on Vercel beyond standard request logs. Also provides Vercel Analytics and Vercel Speed Insights, which collect pseudonymous page-view, navigation, and Core Web Vitals metrics used to monitor Platform performance; these analytics signals are not linked to your account identifier and are not used for advertising.
  • Stripe (Stripe Payments Canada, Ltd. and its affiliates). Used for two distinct purposes, each scoped to Shops only. (i) Subscription billing. Receives the Shop owner's name, email address, billing postal code, and card details entered at checkout, and returns a transaction identifier and outcome. (ii) Stripe Identity verification for Shop-owner KYC during onboarding. The Shop owner uploads a government-issued identity document (such as a driver's licence or passport) and a real-time selfie directly to Stripe through Stripe's hosted flow; CarFix does not see or store the document image or the selfie. Stripe returns to us only the verification outcome, the document type, and limited non-image metadata required to record the result. Stripe is not engaged for Customer-to-Shop payments, and no payments between Customers and Shops pass through Stripe.
  • Resend (Plus Five Five, Inc.). Transactional email delivery. Receives the recipient's email address and the subject and body of each outgoing email we send on your behalf.
  • Twilio (Twilio Inc.). SMS delivery for appointment reminders, status updates, and security codes. Receives the recipient's phone number and the text of each message. Twilio does not receive account identifiers or contact directories.
  • Upstash (Upstash, Inc.). Used for two purposes: (i) rate-limiting and short-lived key-value storage (Upstash Redis), which receives non-identifying keys derived from IP address or user ID and numeric counters; and (ii) reliable and sometimes time-delayed delivery of notifications (Upstash QStash), such as appointment reminders and other transactional and account notifications. For an email routed through this queue, the job payload includes the recipient's email address and the subject and body of the message; for an SMS or push notification it includes the recipient's phone number or device token and the message text. These payloads are held only transiently, until the notification is delivered. Authentication messages such as password-reset and email-verification links are sent without passing through this queue, and QStash never receives passwords, payment-card details, or identity documents. Upstash Redis receives no message content or contact information.
  • Sentry (Functional Software, Inc., d.b.a. Sentry). Technical error monitoring used for security and reliability. Receives stack traces, exception messages, request paths, HTTP status codes, and a limited set of request metadata. Personal identifiers, request bodies, and user-submitted field values are scrubbed before transmission through our Sentry configuration. We use Sentry because it is necessary to detect and fix faults in the Platform; it is not used for analytics or advertising.
  • Google (Google LLC). Two integrations: Sign in with Google for optional account creation, and Google Maps Platform (Places Autocomplete, Maps JavaScript, Geocoding) for address entry and Shop-location mapping. See Section 8 for the full description of what each Google integration accesses, how we use it, and how to disconnect.
  • NHTSA (U.S. National Highway Traffic Safety Administration). Public recall-lookup API. Receives the VIN of a vehicle when a recall check is requested for it. NHTSA does not receive Customer identifiers.

We may also disclose personal information to professional advisers (such as lawyers and auditors), and to regulators, law-enforcement authorities, or courts, where required by law, pursuant to valid legal process, or to establish, exercise, or defend legal claims.

8. Google API Services and the Limited Use requirements

CarFix integrates with several services operated by Google LLC (“Google”) to provide core Platform functionality. This Section describes what information from those services we access, how we use it, how we store and protect it, and how you can disconnect or request deletion. CarFix's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. You can review the Google API Services User Data Policy at developers.google.com/terms/api-services-user-data-policy.

8.1 Sign in with Google (optional account creation)

Both Customers and Shops may choose to create or sign in to a CarFix account using “Sign in with Google” instead of an email-and-password registration. When you sign in with Google we receive your name, your Google account email address, and the URL of your Google profile picture (which becomes your initial CarFix avatar). We do not request any additional Google scopes during this flow beyond the standard OpenID Connect basics (openid, email, profile).

We use this information solely to create or authenticate your CarFix account and to populate your basic profile. The OAuth refresh token issued by Google is stored encrypted in our primary database so we can re-authenticate your session without prompting you to sign in to Google again on every visit. You can revoke CarFix's access at any time by signing in to your Google Account at myaccount.google.com/permissions and removing CarFix from the list of connected apps, or by deleting your CarFix account from your account settings, in which case your stored tokens are deleted on the schedule set out in Section 12.

8.2 Google Maps Platform (Maps, Places Autocomplete, Geocoding)

CarFix uses Google's Maps Platform APIs to support address entry during quote requests and Shop onboarding (Places Autocomplete), to display the location of Shops on a map (Maps JavaScript API), and to resolve postal addresses to and from geographic coordinates (Geocoding API). These integrations are used by both Customers and Shops and do not require Google sign-in.

When you type an address into a CarFix input field, the text fragments you type are sent to Google's Places Autocomplete API through our server-side proxy so that Google can return matching suggestions. We do not send your account identifier, the contents of any other Platform field, or any other personal information to Google as part of an autocomplete request. When a Shop location is displayed on a map, the latitude and longitude of the Shop are sent to Google to render the map tiles. Geocoding requests send a postal address to Google to retrieve matching coordinates, or a coordinate to Google to retrieve the corresponding address.

We do not retain Google Maps Platform responses beyond what is needed to fulfill your immediate request. Coordinates we receive for a Shop location are stored on the Shop record so that we do not have to call Google again to display the same map; coordinates derived from Customer-entered addresses are retained only for the lifecycle of the related quote request, on the schedule set out in Section 12.

8.3 Limited Use commitment

Our use of information accessed through Google APIs is subject to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We use Google API data only to provide and improve the user-facing features described in this Section (account sign-in, address entry, mapping).
  • We do not sell, rent, or licence Google API data to any third party for advertising, marketing, lead generation, or analytics.
  • We do not use Google API data for advertising or to retarget you on or off the Platform.
  • We do not use Google API data to train, fine-tune, or otherwise contribute to any artificial-intelligence or machine-learning model, whether operated by us or by a third party.
  • We do not allow human read access to Google API data except (i) where you provide affirmative agreement for a specific session, (ii) where necessary for security purposes (such as investigating an integrity issue or a suspected breach), (iii) where required to comply with applicable law or valid legal process, or (iv) for internal operations on de-identified data that cannot reasonably be re-associated with you.

8.4 Disconnecting and requesting deletion

  • Sign in with Google: sign in to your Google Account at myaccount.google.com/permissions and remove CarFix from the list of connected apps, or delete your CarFix account from your account settings.
  • All Google-sourced data: contact our Privacy Officer using the details in Section 19, identifying the integration the request concerns.

9. When CarFix staff can access your data

Access to personal information by INU Technologies personnel is limited to what is reasonably necessary for an authorized business purpose. Access is role-based and logged. Staff may access the categories of information in Section 3, including private service-coordination content (quote descriptions, photos, and in-app messages) and vehicle information, only in the following situations:

  • When responding to a support ticket or enquiry you have submitted, and only to the extent necessary to answer it.
  • When investigating a report of abuse, harassment, fraud, safety risk, or a breach of our Terms of Service, and only to the extent necessary for that investigation.
  • When reviewing a Shop application or an audit flag related to Shop verification.
  • When operating, debugging, or repairing the Platform, in which case personal identifiers are minimized or pseudonymized where possible.
  • When responding to a lawful request from a regulator, law-enforcement authority, or court, after a reasonableness check.
  • When establishing, exercising, or defending a legal claim that involves your use of the Platform.

Staff access to these categories is subject to access controls and is recorded in an internal audit log. We do not allow staff to browse private messages, vehicle information, or quote content for curiosity, marketing, or any purpose outside the situations listed above.

10. Storage location and cross-border processing

Our primary application database and Customer file storage are hosted in Canada. Some service providers listed in Section 7 are based outside Canada or operate global infrastructure, and may process limited personal information outside Canada in the course of providing their service. In particular:

  • Vercel's edge network and CDN may route requests through points of presence outside Canada.
  • Stripe may process subscription-billing data in the United States and in other jurisdictions where its infrastructure operates.
  • Resend (Plus Five Five, Inc.), our transactional email provider, processes outgoing email on infrastructure located in the United States (Amazon Web Services, US East region). The personal information involved is limited to the recipient's email address and the contents of the message we send, which may include your name and details of your quotes, bookings, or vehicles. Resend processes it solely to deliver email on our behalf, under a written data-processing agreement requiring comparable safeguards, and INU Technologies Inc. remains accountable for it.
  • Twilio, Sentry, Upstash, and Google may operate from, or route traffic through, the United States or other jurisdictions.
  • NHTSA recall queries are sent to servers operated by the United States government.

Where personal information is transferred outside Canada, it may become subject to the laws of the foreign jurisdiction, including laws permitting access by foreign courts, law-enforcement authorities, and national-security agencies. We require our service providers to protect personal information at a comparable standard through contract, and we conduct a privacy-impact assessment before engaging a new provider that will handle personal information outside Quebec, as required under Quebec Law 25 (section 17). You may contact our Privacy Officer for more details about a particular transfer.

11. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information against loss, theft, and unauthorized access, disclosure, copying, use, or modification. These include: encryption in transit (TLS); encryption at rest for our primary database; salted-hash password storage; role-based access controls; separate environments for development, staging, and production; security logging and monitoring; rate limiting; application-layer input validation; and periodic review of access rights, dependencies, and security configurations. No method of electronic storage or transmission is perfectly secure, and while we use commercially reasonable means, we cannot guarantee absolute security.

12. Retention

We keep personal information only for as long as reasonably necessary for the purposes for which it was collected, for legal or regulatory obligations, or for the establishment, exercise, or defence of legal claims. Our retention periods by category are, at the date of this Policy, approximately:

  • Account records. For as long as your account is open, plus thirty (30) days after you request deletion, after which personal identifiers are removed or irreversibly anonymized.
  • Unverified accounts. If you create an account using email and password and you have not verified your email address, your account record is automatically deleted thirty (30) days after creation, on a once-daily run, provided no quotes, appointments, or shops are associated with it. In addition, if another person attempts to register an account with the same email address you used, and your account has been unverified for more than seventy-two (72) hours, your unverified record may be removed at that point to release the email back to its real owner. These behaviours are designed to prevent email-squatting and to ensure that abandoned accounts do not retain personal information indefinitely.
  • Vehicle and garage data (including VIN). While the vehicle is in your garage. If you remove a vehicle, we retain it for up to twelve (12) months for fraud prevention and dispute support, unless a longer period is required by law. On account deletion, vehicle data is handled on the same schedule as account records.
  • Quote requests and appointments. Twenty-four (24) months from the date of the quote or the appointment, for service continuity, warranty support, and dispute resolution.
  • In-app messages and chat transcripts. Twenty-four (24) months from the last message in a thread.
  • Photos attached to a quote or appointment. While the related quote or appointment is retained, plus twelve (12) months.
  • Reviews. While the reviewing account exists and the Shop remains on the Platform. Removed reviews are retained in an internal archive for up to twelve (12) months in case of appeal.
  • Subscription-billing records (Shops). Seven (7) years, consistent with the Canada Revenue Agency's general books-and-records retention requirement.
  • Security, audit, and abuse-prevention logs. Twelve (12) months, with shorter retention for verbose debug logs.
  • Marketing-consent records. For the period you are opted in, and for three (3) years after withdrawal of consent, to demonstrate compliance with CASL.
  • Privacy-incident and breach register. At least twenty-four (24) months, as required by the Breach of Security Safeguards Regulations (SOR/2018-64).

After the applicable retention period, we delete personal information or irreversibly anonymize it. In some cases, such as legal holds or active investigations, a longer retention period may apply.

13. Marketing communications and CASL

CASL requires consent before most commercial electronic messages may be sent to a Canadian recipient. We treat marketing email, marketing SMS, and marketing push notifications as subject to CASL. We request your consent separately from acceptance of the Terms of Service, through an unchecked opt-in box or equivalent affirmative action. We keep a record of the date, method, and scope of your consent.

You may withdraw marketing consent at any time by: using the unsubscribe link in an email; replying STOP to an SMS; turning off push notifications in your device or account settings; or emailing privacy@carfix.to. Withdrawal takes effect within ten (10) business days, which is the maximum period permitted by CASL. Service-related communications (booking confirmations, reminders, security alerts, policy updates, warranty or recall notifications for vehicles you have added to your garage, and one-time email-verification follow-up reminders) are not marketing and are not subject to CASL consent.

Marketing suppression for unverified accounts. As an additional safeguard, we do not send marketing communications to an email address whose ownership has not been verified through the activation link sent at signup, even where a consent flag was captured. Once you verify your email address by clicking the activation link, marketing communications you consented to begin sending normally. This safeguard exists so that a commercial message cannot reach an inbox whose owner has not affirmatively confirmed receipt.

14. Your rights

Under PIPEDA, Quebec Law 25, and other applicable provincial privacy legislation, you have the rights set out below. Each right is subject to the conditions, exceptions, and limits imposed by the applicable legislation.

  • Access. You may ask us for a copy of the personal information we hold about you, together with a description of how it is used and to whom it has been disclosed, subject to limits under PIPEDA section 9 (for example, information subject to legal privilege or that would reveal personal information about another individual).
  • Correction. You may ask us to correct information that is inaccurate, incomplete, or out of date.
  • Withdrawal of consent. You may withdraw consent to the collection, use, or disclosure of personal information, subject to reasonable notice and to legal or contractual restrictions. Withdrawing consent may prevent us from providing some or all of the Platform to you.
  • Deletion. You may ask us to delete personal information, subject to the retention periods in Section 12, legal obligations that require us to keep it, and interests that legitimately outweigh the request (such as active dispute resolution or a legal hold).
  • Portability (Quebec Law 25). Where technically feasible and legally required, you may ask us to provide, in a structured and commonly used technological format, the computerized personal information you have given us.
  • De-indexing and cessation of dissemination (Quebec Law 25, section 28.1). Where the conditions set out in that section are met, you may ask us to stop disseminating your personal information or to de-index a hyperlink that is causing serious injury to your reputation or privacy.
  • Automated decision-making (Quebec Law 25, section 12.1). Where a decision that affects you is made based exclusively on automated processing of your personal information, you may ask to be informed of the information used, the reasons and principal factors that led to the decision, and the right to have the decision reviewed by a human. At the date of this Policy, CarFix does not make exclusively automated decisions that produce legal or significant effects on users.
  • Objection to marketing. You may object to the use of your personal information for marketing at any time, using the channels described in Section 13.

To exercise any of these rights, contact our Privacy Officer using the details in Section 19. We will acknowledge your request promptly and will respond within thirty (30) days, or within a shorter period where required by law. We may ask for information necessary to confirm your identity before processing your request. Exercising any of these rights is free of charge unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, and we will tell you the reason.

15. Use of automated tools

The Platform does not send your personal information to third-party generative artificial intelligence providers, and does not use third-party generative AI to produce content that is shown to you. The instant-estimate tool, which displays a rough price range while you describe a repair, calculates that range entirely from anonymized historical quote totals in your area on the Platform, together with a static fallback table; it does not send your input outside the Platform. Outputs of this tool are informational only, are not a quote, do not bind any Shop, and are not used to make significant-effect automated decisions about you.

We do not sell, license, or otherwise make your personal information available to third-party providers of generative AI for the purpose of training their models. We may use aggregated or de-identified information derived from Platform activity (which does not identify you individually) to improve the Platform's own features, such as search relevance, fraud detection, and service-quality measurement.

16. Breach notification

Where a breach of security safeguards creates a real risk of significant harm to an individual, we will notify the Office of the Privacy Commissioner of Canada and the affected individuals as soon as feasible, as required by PIPEDA and the Breach of Security Safeguards Regulations (SOR/2018-64). Where Quebec Law 25 applies to the incident, we will also notify the Commission d'accès à l'information du Québec (“CAI”). Where a provincial privacy statute imposes additional or different notification obligations (for example, in Alberta under the Personal Information Protection Act), we will comply with those obligations as well. We maintain an internal register of confidentiality incidents and breaches of security safeguards for at least twenty-four (24) months, and we will provide a copy of that register to the OPC or CAI on request.

17. Complaints process

If you have a concern about how your personal information has been handled, please raise it with our Privacy Officer first so that we have an opportunity to investigate and respond. The process is as follows:

  • How to submit. Email privacy@carfix.to or write to the address in Section 19. Please describe the concern as specifically as you can, including the account email or other identifier we can use to find the relevant records, the dates or time period in question, and what outcome you would like.
  • Acknowledgement. We will acknowledge receipt within five (5) business days.
  • Investigation and response. We will investigate the concern and provide a written response within thirty (30) days of the initial complaint, or within a shorter period where required by law. If the matter is complex and we need longer, we will tell you the reason and give you a revised timeline.
  • Outcome. Our written response will state the outcome, the reasons for our decision, any remedial action we are taking, and your right to escalate to a regulator.
  • Escalation. If you are not satisfied with our response, you may file a complaint with:
    • the Office of the Privacy Commissioner of Canada (priv.gc.ca);
    • if you are resident in Quebec, the Commission d'accès à l'information du Québec (cai.gouv.qc.ca);
    • the Office of the Information and Privacy Commissioner in Alberta or British Columbia, where applicable to your circumstances; or
    • the Canadian Radio-television and Telecommunications Commission (crtc.gc.ca) for complaints relating to CASL.

18. Children, minors, and parent or guardian involvement

The Platform is not directed to children, and we do not market the Platform to minors. We do not collect date of birth from ordinary customer accounts, because date of birth is not required for the basic use of the Platform.

By creating an account, submitting a quote request, or booking an appointment, you confirm that you are legally able to enter into the governing agreement in your province or territory, or that you are using the Platform with the involvement and consent of a parent or legal guardian who accepts responsibility for that use. Where a person below the age of majority uses the Platform with parent or guardian involvement, the parent or guardian is the responsible party for the account and for the information submitted through it.

We do not knowingly collect personal information from a person we know to be a minor without appropriate parent or guardian involvement. If we learn that we have, we may delete the information, restrict the account, or take other appropriate steps. Shop-owner and business accounts may be created only by individuals who are legally able to bind the business they represent.

If you believe we hold information about a minor without appropriate parent or guardian involvement, please contact our Privacy Officer using the details in Section 19 and we will take appropriate steps.

19. Contact and changes to this Policy

If you have a question about this Policy, wish to exercise a right described in Section 14, or wish to file a complaint, please contact:

Privacy Officer
INU Technologies Inc. (operating as CarFix)
33 Alyssum Court
Richmond Hill, Ontario L4E 4M7
Canada
Email: privacy@carfix.to

We may update this Policy from time to time. If we make a material change, we will notify you by email, in-app notice, or a prominent notice on the Platform at least thirty (30) days before the change takes effect, unless a shorter period is required to address a legal or security risk. The effective date at the top of this Policy indicates when it was last updated. Earlier versions of this Policy are available from the Privacy Officer on request.