Privacy Policy

1. Introduction & Contact Information

Welcome to CollisionOS, a cloud-based shop management system designed specifically for auto body repair shops in British Columbia. We are committed to protecting your privacy and handling your personal information responsibly and transparently.

CollisionOS is operated as a sole proprietorship based in Vancouver, British Columbia, Canada. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in compliance with:

• PIPEDA - Personal Information Protection and Electronic Documents Act (Federal Canada)
• BC PIPA - Personal Information Protection Act (British Columbia)
• Other applicable Canadian privacy laws

By using CollisionOS, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Roles & Responsibilities

Understanding who controls your data and who processes it is important for privacy compliance:

2.1 Your Shop (Data Controller / Organization)

As the auto body shop using CollisionOS, you are the data controller (or "organization" under PIPEDA/BC PIPA). This means:

• You decide what customer and vehicle data to collect and enter into CollisionOS
• You determine the purposes for which personal information is collected and used
• You are responsible for obtaining customer consent to collect and use their personal information
• You control who on your team has access to customer data
• You must comply with PIPEDA, BC PIPA, and other applicable privacy laws in your collection and use of customer data

2.2 CollisionOS (Service Provider / Processor)

CollisionOS acts as a service provider (or "processor") on your behalf. This means:

• We process data according to your instructions (i.e., how you use the software)
• We provide the tools for you to manage your customer data, but you control what data is entered
• We secure the infrastructure (cloud hosting, encryption, access controls) to protect the data you store with us
• We do not make decisions about what customer data to collect or how to use it for your business purposes
• We remain accountable for protecting data you entrust to us and ensuring our subprocessors (like Google Firebase) provide comparable protection

2.3 Why This Matters

This distinction is important because:

• You must ensure you have proper consent from your customers before entering their data into CollisionOS
• You are responsible for responding to customer access requests, corrections, and deletion requests for their personal information
• You must comply with privacy laws in your collection and use of customer data
• CollisionOS assists you in meeting these obligations by providing tools (data export, backup, access controls), but ultimate responsibility rests with you as the controller

3. What Information We Collect

We collect various types of information to provide and improve our cloud-based shop management services. Here's what we collect and why:

3.1 User Account Information

When you create an account or authenticate with CollisionOS, we collect:

• Email addresses - Used for all authentication methods and service communications
• Phone numbers - For phone-based authentication and customer contact records
• Display names and profile photos - When you sign in with Google OAuth
• Authentication - Handled by Firebase Authentication; we do not receive or store your plaintext password (Firebase securely hashes passwords using industry-standard methods)
• Account creation timestamps - To manage your subscription and service access

3.2 Shop Business Information

To provide shop management functionality, we collect and store:

• Shop details - Shop name, business address, phone number, email address
• Business configuration - Tax rates (GST/PST/HST), labor rates, currency settings, daily capacity
• Subscription information - Subscription tier (Basic/Premium), user count, billing details
• System settings - Watch folder locations, default settings, preferences

3.3 Customer Personal Information

As part of your repair order management, you may enter customer information including:

• Personal details - Full names, addresses, phone numbers, email addresses
• Insurance information - Insurance provider names, claim numbers, deductible amounts
• GST registration status - For commercial customers
• Vehicle information - VIN (Vehicle Identification Number), make, model, year, color, license plate, odometer readings, paint codes

3.4 ICBC-Specific Data

For shops working with ICBC (Insurance Corporation of British Columbia) claims, we process:

• ICBC claim numbers - Format examples: "CW71973-3-A", "IC123456-7-B"
• CIECA BMS 5.2 XML estimate files - Industry-standard estimate format imported from Mitchell and other estimating systems
• Insurance coverage details - RoadStar, RoadsidePlus, and other ICBC rental programs
• Tow classification - Whether towing was arranged by ICBC or customer-paid
• ICBC supplement numbers and estimate IDs - For tracking revisions and approvals

3.5 Repair & Financial Data

To manage your shop operations, we store:

• Repair orders - Parts lists, labor operations, pricing, job status
• Parts information - Part numbers, descriptions, costs, markups, OEM/Aftermarket/Used classification
• Labor details - Operation codes, labor hours, rates, technician assignments
• Technician records - Names, hourly rates, efficiency ratings, payroll information
• Invoice and estimate totals - Subtotals, tax amounts, discounts, final totals
• Tax breakdowns - GST, PST, HST calculations by jurisdiction
• Vehicle photos - Images of damage, repairs in progress, completed work

3.6 Technical & Usage Data

To improve our service and ensure security, we automatically collect:

• Device information - Browser type and version, operating system, screen resolution
• IP addresses - For security monitoring and fraud prevention
• Usage analytics - Pages visited, features used, time spent (via Google Analytics)
• LocalStorage data - Cached data for offline functionality and faster loading
• Session information - Login timestamps, session duration, activity logs
• Error logs - Technical errors and performance issues to improve service quality

4. How We Use Your Information

4.1 Primary Purposes

We use your personal information to provide and improve our cloud-based shop management services:

• Service delivery - Provide access to CollisionOS features including repair order management, customer records, scheduling, and reporting
• Data synchronization - Sync your data across multiple devices (web browsers, Electron desktop app, mobile devices)
• Multi-user collaboration - Enable multiple team members to access and update shop data in real-time
• Estimate processing - Import and process Mitchell XML and CIECA BMS 5.2 estimate files
• ICBC compliance tools - Provide local compliance checking and ICBC guideline reference tools (no external AI services used; all processing happens locally in your browser)
• Payment processing - Process subscription payments securely via Stripe
• Backup and recovery - Create automatic cloud backups and enable data export/restore functionality

4.2 Secondary Purposes (Optional)

With your consent, we also use your information for purposes beyond what is strictly necessary to provide the service:

• Service improvement and analytics - Analyze anonymized usage patterns to develop new features and improve existing functionality (you can opt out via browser settings or by contacting us)
• Product development research - Study how features are used to guide future development (you can opt out by contacting us)

To opt out of optional analytics and product improvement: Email privacy@collisionos.ca or use browser privacy settings to block analytics cookies. Opting out will not affect core service functionality.

4.3 Purposes That Are Necessary for Service Delivery

The following uses of your information are necessary to provide CollisionOS and cannot be opted out of while using the service:

• Communications - Send service-related notifications including security alerts, subscription reminders, and critical system updates
• Legal compliance - Maintain records for tax purposes (6-year retention per CRA requirements), respond to legal requests, and comply with Canadian regulations
• Security and fraud prevention - Detect and prevent unauthorized access, abuse, and fraudulent activity
• Customer support - Respond to your inquiries and provide technical assistance

4.4 Legal Basis for Processing (PIPEDA Compliance)

We process your personal information based on:

• Consent - You provide explicit consent when creating an account and using our services
• Contractual necessity - Processing is necessary to fulfill our service agreement with you
• Legal obligations - We must retain certain records to comply with Canadian tax laws
• Legitimate interests - Improving our services, ensuring security, and preventing fraud (where consent is obtained or processing is necessary)

5. Data Storage & Security

5.1 Cloud Storage

Your data is stored using industry-leading cloud infrastructure:

• Platform - Google Firebase/Firestore (Google Cloud Platform)
• Encryption in transit - All data transmitted between your device and our servers uses SSL/TLS encryption (HTTPS)
• Encryption at rest - All data stored in Firestore is encrypted using Google's default encryption (AES-256)
• Access controls - Firebase Authentication ensures only authorized users can access their shop's data
• Automatic backups - Firebase provides infrastructure-level backups and redundancy

5.2 Local Storage

For offline access and improved performance, we also store data locally on your devices:

• Browser localStorage - Caches frequently accessed data for faster loading and offline functionality
• Electron desktop app - Stores local database in your computer's AppData folder for desktop access
• User-controlled backups - JSON export files you download are stored only on your device

You control local data: You can clear browser localStorage, uninstall the desktop app, or delete backup files at any time. This does not affect your cloud-stored data.

5.3 Security Measures

We implement multiple layers of security to protect your information:

• Authentication security - Firebase Authentication with secure password hashing (bcrypt), multi-factor authentication support, and session management
• Database security rules - Firestore security rules restrict data access to authorized users only
• Regular security updates - We keep all dependencies and frameworks up to date with security patches
• Access logging - We monitor and log access to detect suspicious activity
• HTTPS enforcement - All connections to CollisionOS use encrypted HTTPS

5.4 Data Breach Notification

In the unlikely event of a data breach involving your personal information, we will:

• Notify affected users - Via email to your registered email address as soon as feasible after determining there is a real risk of significant harm
• Report to Privacy Commissioner - Notify the Office of the Privacy Commissioner of Canada as soon as feasible if the breach poses a real risk of significant harm
• Maintain breach records - Keep records of all breaches for at least 2 years as required by PIPEDA
• Provide details - Explain what information was affected, what we're doing about it, and steps you can take to protect yourself
• Take corrective action - Immediately address the security vulnerability and implement additional safeguards

6. Data Sharing & Third-Party Services

We do not sell, rent, or trade your personal information. However, we work with trusted third-party service providers to deliver and improve CollisionOS. Here's who has access to your data and why:

6.1 Google/Firebase (Cloud Infrastructure)

CollisionOS uses multiple Firebase services, each with different data processing locations:

Firebase Firestore (Database) - Canada:

• Purpose - Storage of all customer data, repair orders, vehicle information, and business records
• Location - Toronto, Canada
• What's stored - Your shop's operational data remains in Canada

Firebase Authentication - United States:

• Purpose - User login, password management, and session handling
• Location - United States (Firebase Auth processes data exclusively in US data centers)
• What's processed - Email addresses, phone numbers (if used for login), IP addresses, authentication tokens

Firebase Hosting (CDN) - Global:

• Purpose - Delivery of the CollisionOS web application
• Location - Global CDN (content cached at edge locations worldwide)
• What's processed - Static application files; request metadata (IP addresses, referrer) may be logged

Privacy policy - Google Privacy Policy

6.2 Google Analytics (Usage Analytics)

• Purpose - Understand how users interact with CollisionOS to improve features and usability
• Data shared - Anonymous usage data (pages visited, features used, session duration), device type, browser type, general location (city/region)
• Privacy policy - Google Privacy Policy
• Opt-out - You can opt out of Google Analytics using browser extensions or settings

6.3 Stripe (Payment Processing)

• Purpose - Process subscription payments securely
• Data shared - Billing name, email address, payment method details (credit/debit card information)
• Important note - We NEVER see or store your full credit card numbers. Stripe handles all payment card data securely and is PCI DSS compliant
• Privacy policy - Stripe Privacy Policy

6.4 Mitchell Connect (Estimate Import)

• Purpose - One-way import of CIECA BMS 5.2 XML estimate files that you provide from Mitchell estimating software
• Data transmission - CollisionOS imports files you manually provide; we do not automatically transmit your data to Mitchell unless you explicitly enable an integration (no such integration currently exists)
• No outbound sharing - This is strictly a file import feature. We do not send repair orders, customer data, or any information back to Mitchell
• How it works - You export estimates from Mitchell as XML files and manually import them into CollisionOS. No automatic API connection or background data sharing with Mitchell

6.5 What We DO NOT Do

To be absolutely clear:

• ❌ We DO NOT sell or rent your personal information to third parties
• ❌ We DO NOT share customer data with ICBC or insurance companies
• ❌ We DO NOT use your data for advertising or marketing purposes beyond our own service
• ❌ We DO NOT share your data with competitors or other auto body shops
• ❌ We DO NOT provide your data to data brokers or marketing companies

7. Cross-Border Data Transfer & Infrastructure Access

7.1 Data Storage and Processing Locations

Different types of data are processed in different locations:

• Customer operational data (repair orders, customer records, vehicle information, invoices) - Stored in Canada (Toronto) via Firebase Firestore
• Authentication data (login credentials, email addresses, IP addresses during login) - Processed in the United States via Firebase Authentication
• Website delivery (application files) - Served globally via Firebase Hosting CDN

7.2 Potential Cross-Border Access

While your data is stored in Canada, there may be limited circumstances where it could be accessed from other jurisdictions:

• Google Cloud subprocessors - Google may use personnel or subprocessors outside Canada for infrastructure management, support, or security purposes
• Technical support - In rare cases, technical support may require authorized Google Cloud Platform personnel to access infrastructure from other jurisdictions
• Legal process - Data could potentially be subject to:
  • Canadian court orders and legal processes
  • US CLOUD Act (allows US law enforcement to request data from US-based cloud providers under certain circumstances)
  • Other foreign laws applicable to Google and its subprocessors

7.3 PIPEDA Compliance & Accountability

Under PIPEDA, organizations must obtain consent for cross-border transfers and use contractual or other safeguards to provide a comparable level of protection. We comply by:

• Transparency - Clearly disclosing that your data is stored in Canada via a US-based cloud provider (Google)
• Consent - Obtaining your explicit consent to this cross-border transfer when you create an account
• Contractual safeguards - We use Google's Firebase/Firestore services under Google Cloud Platform Terms of Service, which include data protection commitments, security controls, and compliance certifications (ISO 27001, SOC 2)
• Technical safeguards - All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Access controls - Firebase Authentication and security rules restrict data access to authorized users only
• Accountability - We remain accountable for personal information transferred to third-party processors and ensure they provide a comparable level of protection through contractual and technical measures

7.4 Your Acknowledgment

By using CollisionOS, you acknowledge and understand that:

• Customer operational data (repair orders, customer records, invoices) is stored in Canada (Toronto region)
• Authentication data (login emails, passwords, session tokens) is processed in the United States via Firebase Authentication
• The web application is delivered globally via Firebase Hosting CDN
• Google is a US-based company, and Google Cloud personnel or subprocessors may access infrastructure from outside Canada for support or management purposes
• Your data could potentially be subject to foreign legal processes (e.g., US CLOUD Act) in addition to Canadian laws

7.5 Data Residency Configuration

We store your operational data in Google Firebase/Firestore's Toronto, Canada data center. Your data is configured to remain within Canada. If our regional configuration changes, this policy will be updated with at least 30 days advance notice.

8. ICBC Data Handling

8.1 What ICBC-Related Data We Process

Many BC auto body shops work with ICBC claims. When you use CollisionOS for ICBC repairs, we process:

• XML estimate files - CIECA BMS 5.2 format estimates containing claim numbers, customer data, vehicle information, and repair details
• ICBC claim numbers - To track and manage ICBC-related repair orders
• Insurance program data - RoadStar, RoadsidePlus, and other ICBC rental coverage programs
• Tow classification - Whether towing was arranged/paid by ICBC or by the customer

8.2 ICBC Compliance Tools

CollisionOS includes ICBC compliance reference tools that help you check repair orders against common ICBC guidelines. Important information about these tools:

• Local processing only - All compliance checking happens locally in your browser; no data is sent to external AI or third-party services
• Reference guidelines only - The compliance rules are based on publicly available ICBC guidelines and may not reflect the most current policies
• Not a substitute for official sources - Always verify procedures with the official ICBC Material Damage Procedures Portal
• No guarantee of compliance - Using these tools does not ensure your shop is compliant with ICBC requirements

Best practice: Use the compliance tools as a quick reference, but always confirm procedures with the official ICBC MDP Portal at mdp.partners.icbc.com before completing repairs.

8.3 Your Responsibilities as a Shop Owner

When you use CollisionOS to process ICBC claim data, you are responsible for:

• Customer consent - Ensuring you have your customers' consent to upload their personal information into CollisionOS
• ICBC vendor compliance - Complying with any ICBC vendor agreements or requirements that apply to your shop (if you are an approved ICBC vendor)
• Verifying compliance information - Checking all compliance tool suggestions against official ICBC documentation
• Data accuracy - Ensuring the ICBC claim data you enter or import is accurate and complete
• Your own ICBC compliance - Maintaining compliance with all ICBC Material Damage Procedures and vendor requirements

8.4 No ICBC Data Sharing

We want to be crystal clear:

• ✅ We DO NOT share your ICBC claim data with ICBC
• ✅ We DO NOT have any data-sharing agreement with ICBC
• ✅ We DO NOT report repair information to ICBC on your behalf
• ✅ ICBC claim data stays within your CollisionOS account (and our cloud infrastructure as described in this policy)

You remain solely responsible for any ICBC reporting requirements that apply to your shop.

8.5 Not an ICBC Vendor

CollisionOS itself is not an ICBC-approved vendor or partner. We are a software tool that shops can use. Whether or not your shop is an approved ICBC vendor is between you and ICBC, not related to your use of our software.

9. Your Privacy Rights (PIPEDA & BC PIPA)

Under Canadian privacy laws (PIPEDA and BC PIPA), you have important rights regarding your personal information. Here's what you can do:

9.1 Right to Access Your Information

You have the right to request and receive a copy of all personal information we hold about you.

How to exercise:

• Self-service export - Use the "Backup Data" function in Settings to immediately download all your shop data as a JSON file
• Request via email - Contact privacy@collisionos.ca to request a copy of your personal information
• Response time - We will respond to access requests within 30 days. We may extend this period where permitted by law (e.g., if the request is complex or voluminous) and will notify you of any extension

9.2 Right to Correction

You have the right to request correction of inaccurate or incomplete personal information.

How to exercise:

• Direct editing - You can update most information directly in the CollisionOS application (customer records, shop settings, etc.)
• Request assistance - Contact support@collisionos.ca if you need help correcting data or if there's an error you cannot fix yourself
• Account information - Update your email address, display name, and profile information in your account settings

9.3 Right to Deletion

You have the right to request deletion of your personal information. We provide self-service tools to delete customer data directly from the application.

What you can delete immediately:

• Customer personal information (name, email, phone, address)
• Customer notes and communication history
• Vehicle information associated with customers
• Marketing preferences and communications

How to delete customer data: Go to Settings → Privacy Rights → Manage Customer Data / Deletion. You can search for customer data and delete or anonymize it directly.

9.4 Right to Withdraw Consent

You can withdraw your consent to our collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions.

How to withdraw consent:

• Stop using the service - You can cancel your subscription and stop using CollisionOS at any time
• Export your data first - Before canceling, use the backup function to export all your data
• Account closure - Contact support@collisionos.ca to request account closure

Consequences of withdrawal: If you withdraw consent, you will no longer be able to use CollisionOS. Your account will be moved to read-only mode, and you will only be able to view and export your existing data.

9.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, machine-readable format.

How we provide portability:

• JSON export - Our backup function exports all your data as JSON files (industry-standard format)
• Includes all data - Export contains repair orders, customers, vehicles, technicians, vendors, settings, appointments, and more
• Import capability - You can restore from backup files or potentially use the data with other systems

9.6 Right to Object/Complain

If you believe we are not handling your personal information in compliance with PIPEDA or BC PIPA, you have the right to complain.

Step 1 - Contact us first:

• Email: privacy@collisionos.ca
• We will investigate your complaint and respond within 30 days

Step 2 - Contact the Privacy Commissioner:

If you are not satisfied with our response, you can file a complaint with:

9.7 No Fee for Access Requests

We do not charge a fee for access requests or exercising your privacy rights, unless your request is clearly unfounded, repetitive, or excessive. In such cases, we may charge a reasonable administrative fee or refuse the request.

10. Cookies & Tracking Technologies

CollisionOS uses cookies and similar technologies to provide functionality and improve your experience. Here's what we use and why:

10.1 Essential Cookies

These cookies are necessary for the service to function and cannot be disabled:

• Authentication cookies - Keep you logged in across sessions (Firebase Authentication)
• Session cookies - Maintain your session state while using CollisionOS
• Security cookies - Protect against CSRF attacks and unauthorized access

10.2 LocalStorage

We use browser localStorage (not cookies) extensively for:

• Offline functionality - Cache data so you can continue working when internet connection is lost
• User preferences - Remember your theme (dark/light mode), sidebar collapse state, and other settings
• Performance - Store frequently accessed data locally to reduce server requests and load times
• Draft data - Preserve unsaved changes in case of browser crash or accidental closure

You control localStorage: You can clear localStorage through your browser settings (typically under "Clear browsing data" > "Cookies and site data"). This will not delete your cloud-stored data, but you will lose offline cached data and preferences.

10.3 Google Analytics

We use Google Analytics to understand how users interact with CollisionOS:

• Data collected - Anonymous usage patterns (pages visited, features used, session duration), device and browser type, general geographic location (city/region level, not specific address)
• Purpose - Identify which features are most used, find usability issues, measure performance, guide product development
• No PII - Google Analytics does not receive your name, email, customer data, or repair order information

How to opt out:

• Install the Google Analytics Opt-out Browser Add-on
• Use browser privacy settings to block analytics cookies
• Use ad-blocking browser extensions that block analytics trackers

10.4 Firebase Analytics

Firebase provides app performance monitoring and crash reporting:

• Data collected - App performance metrics, error logs, crash reports, device information
• Purpose - Identify and fix bugs, monitor service uptime, improve app stability
• No sensitive data - Crash reports do not contain customer PII or repair order details

10.5 No Third-Party Advertising

We do NOT use:

• ❌ Advertising cookies or tracking pixels
• ❌ Third-party advertising networks
• ❌ Retargeting or remarketing cookies
• ❌ Social media tracking pixels (Facebook Pixel, LinkedIn Insight Tag, etc.)

CollisionOS is ad-free and funded by subscriptions only.

11. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations.

11.1 Active Accounts

While your account is active (trial or paid subscription):

• All data remains accessible in your account indefinitely
• Continuous cloud sync and automatic backups
• No automatic deletion of old records
• You control when to delete individual repair orders, customers, or other records

11.2 Expired or Canceled Accounts

When your trial expires or subscription is canceled:

• Account status - Moved to "read-only mode" immediately
• Data access - You can still view all data and export backups
• No editing - You cannot create new repair orders or edit existing records
• Reactivation - You can reactivate your subscription at any time to regain full access

11.3 Retention Periods by Data Type

We retain different types of data for different periods:

Customer Personal Data (deletable anytime):

• Customer contact information (names, phone numbers, addresses, emails)
• Vehicle information (VINs, make/model, photos)
• Notes and communication history
• Retention: You control this data. Delete or anonymize anytime via Settings → Privacy Rights

Your Business Financial Records (your responsibility):

• Invoice amounts and tax calculations
• GST/PST/HST tax breakdowns
• Parts and labor pricing from completed invoices
• Note: CRA requires you to keep your business financial records for 6 years. This is your tax compliance obligation, not ours.

System Logs (90 days - 1 year):

• Security logs and access records
• Error logs and performance metrics
• Retention: Automatically deleted after 90 days to 1 year

11.4 Self-Service Deletion

You can delete customer data at any time:

• Go to Settings → Privacy Rights → Manage Customer Data / Deletion
• Search for customer by email, phone, or name
• Choose to anonymize (keeps RO records) or delete permanently
• Download confirmation report for your records

11.5 Legal Holds

In certain circumstances, we may need to retain data longer:

• Active legal proceedings or investigations
• Government or court orders
• Unresolved disputes or claims

We will notify you if your data is subject to a legal hold.

12. Children's Privacy

CollisionOS is a business management tool designed for commercial auto body shops. Our service is restricted to users 18 years of age or older.

• We do not knowingly collect personal information from anyone under 18
• You must be at least 18 years old and legally able to enter into contracts to create an account
• If we discover that a user is under 18, we will immediately terminate the account and delete the associated data (except as required by law)

If you believe a minor has created an account: Please contact us immediately at privacy@collisionos.ca so we can take appropriate action.

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

13.1 How We Notify You

When we make changes, we will:

• Update the "Last Updated" date at the top of this policy
• Email notification - Send advance notice to your registered email address (at least 30 days for material changes)
• In-app notification - Display a prominent notice in CollisionOS dashboard
• Version number - Increment the version number for tracking purposes

13.2 Material Changes

For significant changes (such as changes to data sharing practices, retention periods, or your rights), we will:

• Provide at least 30 days advance notice
• Require you to acknowledge the updated policy on your next login
• Give you the option to export your data and cancel your account if you disagree

13.3 Acceptance

Continued use of CollisionOS after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the updated policy, you should stop using the service and contact us to close your account.

13.4 Version History

We maintain a version history of our Privacy Policy. You can request previous versions by emailing privacy@collisionos.ca.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

What to include in your message:

• Your name and registered email address
• Nature of your request (access, correction, deletion, complaint, etc.)
• Detailed description of your concern or question
• Any relevant account information (without including passwords)

Response time: We will acknowledge your inquiry within 3 business days and provide a substantive response within 30 days.