Last Updated on June 10, 2025
29.1 What Constitutes PII in Chariot
Personally Identifiable Information (PII) includes:
Name, email, phone
VIN (Vehicle Identification Number)
Uploaded documents with personal names or signatures
GPS coordinates or metadata
Face, license plate, address visible in uploads
Apple/Google account identifiers
29.2 Source of PII
PII may be entered manually, extracted from files/images using AI, or passed through login platforms and analytics SDKs.
29.3 Biometric Data Definition
Biometric identifiers include:
Full or partial faces
Retinal patterns
License plates
VIN barcodes
Signatures
29.4 No Intentional Biometric Scanning
Chariot does not perform facial recognition, fingerprinting, or retina scanning. Any biometric elements present in uploads are treated as incidental.
29.5 Image Redaction Practices
Uploaded content may be subject to automatic redaction or blurring (e.g., faces, plates) to avoid biometric logging unless essential to report logic.
29.6 PII Encryption
All PII is encrypted in transit and at rest (TLS 1.3, AES-256) on Supabase and Railway infrastructure.
29.7 PII Access Restrictions
Access to PII is restricted to system-level processes or audited admin roles. No manual access to face, license, or VIN image data is permitted by employees.
29.8 Temporary File Access Windows
Images and files containing PII (e.g., VINs, contracts) expire after 7–30 days unless linked to a paid report, in which case longer access may apply.
29.9 Consent-Based PII Logging
Users consent to the analysis of images and files that may contain PII when uploading them into the app or submitting chats.
29.10 Logging of Access to PII
All access to user-linked files or PII is logged and traceable for audit purposes.
29.11 GDPR Article 9: Special Category Protections
Biometric and PII data is never used for profiling, automated decision-making, or AI training. Chariot complies with GDPR obligations for sensitive categories.
29.12 CCPA/CPRA (California)
Chariot does not “sell” biometric data and honors “right to delete” or “do not track” requests for any user within California.
29.13 BIPA (Illinois)
We do not retain, process, or analyze biometric data in a manner that requires written consent under Illinois’ Biometric Information Privacy Act.
29.14 International Biometric Laws
Chariot is not intended for users in jurisdictions that mandate on-device-only biometric capture (e.g., parts of China, India). Usage voids biometric protections in these regions.
29.15 Subpoena Compliance
PII and biometric data may be disclosed to law enforcement upon valid subpoena or court order, unless prohibited by local law.
29.16 Right to Know What’s Collected
Users may request a full list of PII logged, extracted, or inferred during their use of the platform.
29.17 Right to Rectify
Users may request correction or deletion of inaccurately processed PII (e.g., name, VIN, scanned contract info).
29.18 Right to Opt Out of VIN Scan Storage
Users may disable VIN history logging from image uploads by toggling off vehicle data caching in their profile settings (where supported).
29.19 Report Expiry & PII Removal
All VIN-linked reports expire on a schedule (e.g., 90 days for purchases, 1 year for annual). Expiry triggers deletion of all linked PII unless a legal hold is active.
29.20 Pseudonymization
Where feasible, PII is separated from usage logs and AI session data. Prompt inputs are decoupled from device IDs in training-eligible logs.
29.21 AI PII Filters
All file-processing AI models are paired with moderation layers to flag or reject images containing visible faces, ID cards, or other personal artifacts.
29.22 No Biometric Profiling
Chariot does not allow profiling based on face, gender, ethnicity, or personal appearance. We do not conduct demographic clustering.
29.23 Prompt Injection Protection
All AI prompt inputs are sanitized to prevent embedding of PII in a way that could result in model leakage or cross-session contamination.
29.24 Third-Party Vendor Boundaries
AI models (OpenAI, etc.) may briefly retain input content to support billing, abuse prevention, or model fine-tuning unless opted out at platform level.
29.25 Explicit Denial of Medical/Health Uploads
Users are forbidden from uploading biometric medical records (e.g., X-rays, prescriptions, disability forms). Chariot does not offer HIPAA-compliant storage.
29.26 Survival After Account Closure
PII-related protections and deletion rights survive for 24 months after account closure unless the user requests earlier anonymization.
29.27 Clause Updates
This section may be updated with evolving state/federal biometric law. Material changes will be disclosed through in-app notice.
29.28 Facial Detection May Be Added
Future versions may include optional face obfuscation, license plate masking, or VIN auto-detection for user convenience, not biometric profiling.
29.29 Third-Party API Caution
If you integrate third-party tools that analyze images submitted to Chariot, their biometric/PII terms will govern your usage.
29.30 Limitation of Liability
Chariot disclaims liability for user-submitted images containing biometric/PII data that violate this section’s terms or applicable law.
Contact Us
If you have any questions or concerns about our Terms of Service or the handling of your personal information, please contact us at support@chariotreport.com