Privacy Policy

Last updated: May 9, 2026

1. Introduction

ClubSport ("we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our vehicle co-ownership platform and management tools ("Services").

By using ClubSport, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide when you:

  • Create an account and profile
  • Add or manage vehicle information
  • Track expenses and maintenance records
  • Communicate with co-owners through our messaging system
  • Use Rhodes AI (our AI assistant) via web chat or SMS
  • Subscribe to membership plans
  • Contact customer support

This personal information may include:

  • Name, email address, and phone number
  • Profile information and avatar images
  • Payment information and billing details
  • Vehicle ownership documentation and records
  • Expense receipts and financial records
  • Communications and messages between co-owners
  • Rhodes AI: Messages you send to Rhodes (web chat, SMS), your linked phone number, and conversation history

2.2 Vehicle Information

We collect and store vehicle-related data including:

  • Vehicle identification numbers (VINs)
  • Make, model, year, and specifications
  • Ownership percentages and arrangements
  • Maintenance history and schedules
  • Vehicle photos and documentation
  • Insurance information and policy details
  • Market value estimates and appraisals

2.3 Usage and Technical Information

We automatically collect certain information when you access our Services:

  • Device information (IP address, browser type, operating system)
  • Usage patterns and feature interactions
  • Log data and error reports
  • Cookies and similar tracking technologies
  • Location data (if enabled)

2.4 Mobile Applications (iOS and Android)

If you access ClubSport through our native mobile applications (including apps that present our Services in a secure web view), we may collect and use the following in addition to the categories above:

  • Push notification tokens. With your permission, we collect and store a device push token (or registration identifier) issued by Apple or Google and associated with your ClubSport account. We use tokens only to deliver notifications you have opted into (for example, account, co-ownership, or service alerts). Delivery is handled by Apple Push Notification service (APNs) and, on Android, Google Firebase Cloud Messaging (FCM) or successor services. A push token can act as a device-level identifier for notification routing; it is not used for third-party advertising by ClubSport.
  • Biometric authentication (Face ID, Touch ID, fingerprint, or similar). If you choose to enable biometric unlock for the app, biometric verification is performed on your device by your operating system. ClubSport does not receive, store, or transmit your raw biometric data. We may store only a minimal app-specific indicator (for example, that you enabled unlock on this device) using the device's secure storage, solely to streamline access to the Services you are already logged into.
  • Device and app technical data. We may collect information such as device model, operating system version, app build version, and diagnostic or crash data (for example, via our error monitoring providers) to operate, secure, and improve the mobile experience.

3. How We Use Your Information

We use the information we collect to:

3.1 Platform Operations

  • Provide and maintain our co-ownership management services
  • Enable communication between co-owners
  • Process expense tracking and cost sharing calculations
  • Facilitate maintenance scheduling and coordination
  • Generate ownership reports and analytics

3.2 Account Management

  • Create and manage user accounts
  • Process subscription payments
  • Verify user identity and ownership claims
  • Provide customer support
  • Send important service notifications
  • Deliver mobile push notifications you have authorized, using your device push token and platform notification services (APNs / FCM)
  • Offer optional biometric unlock on supported devices, using only on-device verification as described in Section 2.4

3.3 Service Improvement

  • Analyze usage patterns to improve functionality
  • Develop new features and services
  • Troubleshoot technical issues
  • Conduct security monitoring

3.4 Rhodes AI Messaging Services

When you use Rhodes AI (web chat or SMS), we use your information to:

  • Process your messages to understand requests and provide assistance
  • Use your account and vehicle data to fulfill vehicle-related tasks
  • Store conversation history for continuity across sessions
  • Apply moderation and security measures to protect the service

Rhodes requires a verified phone number and your informed consent before use. Your conversations are stored securely in our database, encrypted at rest, and accessible only to you and authorized ClubSport systems. You may revoke consent at any time by contacting ClubSport support.

4. Information Sharing and Disclosure

4.1 Co-Owner Sharing

By using our platform, you understand that certain information will be shared with your vehicle co-owners, including:

  • Your name and contact information
  • Expense records and receipts you submit
  • Vehicle maintenance activities you schedule or report
  • Messages sent through our communication tools
  • Ownership percentage information

4.2 Service Providers

We may share your information with trusted third-party service providers who assist us in:

  • Payment processing and subscription management
  • Cloud hosting and data storage
  • Email delivery and communications
  • Analytics and performance monitoring
  • Customer support services
  • Mobile push delivery — Apple (APNs) and Google (FCM) receive the technical data needed to deliver notifications to your device; they process such data under their own policies

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal process (subpoenas, court orders)
  • Government investigations
  • Protecting our legal rights
  • Preventing fraud or illegal activities

4.4 We Do NOT Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. Data Security

We implement appropriate security measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Regular security audits and penetration testing
  • Access controls and employee training
  • Secure hosting infrastructure
  • Regular backups and disaster recovery procedures
  • Push tokens and account-linked device data stored with access controls appropriate to authentication and notification delivery
  • Biometric verification, when used, remains on your device; ClubSport does not collect biometric templates

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required by law to retain certain records.

Mobile: We remove or invalidate push notification tokens associated with your account when you delete your account, revoke notification permission in the app or device settings where supported, or sign out of the mobile app (as implemented in our Services). Timing may depend on platform behavior and backup retention.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

  • Request access to your personal information
  • Receive a copy of your data in a portable format

7.2 Correction and Deletion

  • Correct inaccurate personal information
  • Request deletion of your personal information
  • Withdraw consent where processing is based on consent

7.3 Communication Preferences

  • Opt out of marketing communications
  • Manage notification preferences
  • Disable or customize mobile push notifications through your device settings (iOS / Android) and through in-app notification preferences where we offer them
  • Turn off biometric unlock in the app or remove enrolled biometrics from your device settings; this does not delete your ClubSport account

To exercise these rights, please contact us at jose@clubsportco.io.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your login preferences
  • Analyze usage patterns and improve our services
  • Provide personalized features
  • Ensure platform security

You can control cookie settings through your browser preferences. However, disabling cookies may limit some functionality of our services.

9. Third-Party Integrations

Our platform may integrate with third-party services such as:

  • Payment processors (Stripe, PayPal)
  • Email service providers (Resend)
  • Authentication services (NextAuth.js, OAuth providers)
  • Cloud storage services
  • Analytics platforms
  • Rhodes AI: AI providers (e.g., OpenAI) for processing messages; Twilio for SMS delivery
  • Mobile platforms: Apple (APNs, Sign in with Apple, App Store) and Google (FCM, Google Play) for app distribution, authentication where offered, and push infrastructure

These third parties have their own privacy policies, and we encourage you to review them. We are not responsible for the privacy practices of these third-party services.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your personal information in accordance with this Privacy Policy and applicable laws.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: jose@clubsportco.io

Address: ClubSport Privacy Officer
ClubSport Co., LLC
California, United States

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how we use it
  • Right to delete personal information
  • Right to opt out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at jose@clubsportco.io with "CCPA Request" in the subject line.