Carpil

Privacy Policy

How we collect, use, and protect your personal information

Last updated: April 9, 2026

Introduction

This Privacy Policy (hereinafter, the “Policy”) governs the collection, processing, storage, transfer, and protection of personal data of users of the mobile application and associated services of Carpil (hereinafter, “Carpil”, “we”, “us”, “our”, or “the Platform”).

This Policy is an integral part of the Carpil Terms and Conditions and constitutes a binding agreement between the User and Carpil regarding the treatment of personal data.

By creating an account, using the app, posting or booking rides, or interacting with any Carpil service, you declare that you have read, understood, and accepted this Privacy Policy. If you do not agree with any provision herein, you must refrain from using the Platform.

1. Data Controller and Contact Information

Carpil, LLC A company duly incorporated under the laws of the State of Delaware, United States of America.

Carpil, LLC is the data controller (or “responsible for data processing” under Costa Rican law — Ley de Protección de la Persona Frente al Tratamiento de sus Datos Personales, Ley N° 8968) responsible for the personal data collected through the Platform.

1.2. Official Contact Channels for Data Protection Matters

These are the only official and authorized channels for inquiries, requests, complaints, or any communication related to privacy and personal data processing. Communications received through any other channel regarding data protection matters shall not be considered official.

1.3. Response Commitment

Carpil will acknowledge receipt of any data protection inquiry within five (5) business days and will provide a substantive response within thirty (30) calendar days, unless the complexity of the request requires additional time, in which case the User will be informed of the expected timeline.

2. Scope of Application

2.1. This Policy applies to:

  • The Carpil mobile application (available for iOS and Android), including all features accessible to Drivers and Passengers.
  • The Carpil website and any web-based interfaces associated with the carpooling service.
  • Any other digital channel, tool, API, or service operated by Carpil in connection with the Platform.
  • All personal data collected from Users, whether provided directly by the User, collected automatically through the Platform, or obtained from third-party service providers.

2.2. This Policy does NOT apply to:

  • Third-party services that Users access independently (e.g., WhatsApp, banking applications, SINPE móvil, Stripe, email providers), which are governed by their own respective privacy policies.
  • Websites, applications, or services linked from the Platform that are not owned or operated by Carpil.
  • Personal data processed by Drivers or Passengers independently and outside the scope of the Platform (e.g., direct communications between Users after exchanging contact information).

2.3. Applicable Legislation

Carpil processes personal data in compliance with the following regulations, to the extent applicable:

  • Costa Rica: Ley de Protección de la Persona Frente al Tratamiento de sus Datos Personales (Ley N° 8968) and its implementing regulations (Decreto Ejecutivo N° 37554-JP).
  • Costa Rica: Ley de Promoción de la Competencia y Defensa Efectiva del Consumidor (Ley N° 7472) — provisions on electronic commerce and consumer data protection.
  • United States: Applicable federal and state privacy laws governing Carpil, LLC as a Delaware entity.
  • General: Any other data protection regulation applicable in jurisdictions where Carpil operates or where its Users are located.

3. Personal Data We Collect

Carpil collects and processes the following categories of personal data:

3.1. Registration and Profile Data

Data provided directly by the User during account creation and profile management:

  • First name and last name (legal name).
  • Email address.
  • Phone number.
  • Profile photo (when voluntarily provided by the User).
  • Language and country preferences configured in the app (when applicable).
  • Account creation date and time.

Data collected during the registration and terms acceptance process:

  • Date and time of Terms and Conditions acceptance.
  • Date and time of Privacy Policy acceptance.
  • IP address at the time of acceptance.
  • Device identifier and model at the time of acceptance.
  • Operating system and app version at the time of acceptance.
  • Geolocation data at the time of acceptance (when available and permitted by device settings).
  • Email verification status and timestamp.
  • Record of consent given or withdrawn for specific processing purposes.

3.3. Ride Data (Carpooling)

Data related to rides created, booked, completed, or canceled through the Platform:

  • Origin and destination of the ride (city, address, or geographic reference as entered by the User).
  • Scheduled departure and arrival date and time.
  • Selected route (as determined by the Driver).
  • Number of seats offered, booked, and available.
  • Cost Contribution (price per seat) as set by the Driver.
  • Ride status (published, booked, completed, canceled, disputed).
  • History of all rides associated with the User’s Account.
  • Meeting point and drop-off point details.

Note on Location Data: The location information used by Carpil refers to the ride’s origin and destination as entered by the User. Carpil does not currently track or collect real-time GPS location data from Users’ devices during rides. In the future, Carpil may incorporate approximate location features to improve the user experience; any such implementation will be regulated in accordance with this Policy and communicated to Users through updates.

3.4. Technical and Usage Data

Data collected automatically through the User’s device and interaction with the Platform:

  • Device identifiers (device ID, advertising ID, when available).
  • Device model, manufacturer, and hardware specifications.
  • Operating system type and version.
  • App version and build number.
  • Usage logs, including: screens visited, features used, buttons clicked, session duration, and frequency of use.
  • Technical events: app crashes, errors, performance metrics, load times, and exceptions.
  • Network type (Wi-Fi, cellular) and connection quality indicators.
  • Time zone and locale settings.

Tools used for technical data collection:

  • Firebase Crashlytics (provided by Google LLC): Collects crash reports, error logs, device information, and app state data to identify and resolve technical issues. Firebase Crashlytics may collect: crash traces, device state, device identifiers, and installation UUIDs. Data is processed in accordance with Google’s Privacy Policy and the Firebase Data Processing Terms.

  • Sentry (provided by Functional Software, Inc.): Collects error and performance monitoring data, including: error messages, stack traces, device and browser information, IP addresses (which may be anonymized), and contextual breadcrumbs. Data is processed in accordance with Sentry’s Privacy Policy and Data Processing Agreement.

3.5. Authentication Data

Data processed through authentication services:

  • Firebase Authentication (provided by Google LLC): Manages user account creation, email verification, login sessions, and authentication tokens. Firebase Authentication processes: email address, authentication provider information, login timestamps, session tokens, and associated device identifiers. Data is processed in accordance with Google’s Privacy Policy and the Firebase Data Processing Terms.

  • Carpil does not store passwords in plain text. Authentication credentials are managed securely through Firebase Authentication’s built-in encryption and hashing mechanisms.

3.6. Payment and Transaction Data

Data related to financial transactions on the Platform:

  • Payment method information processed through Stripe, Inc. or other authorized payment processors.
  • Transaction identifiers, amounts, currencies, and payment statuses.
  • Payment receipt data related to SINPE móvil when provided by the User or integrated as part of the payment flow.
  • Payout information for Drivers (bank account details or payment method for receiving disbursements).
  • Refund and chargeback records.

Important: Carpil does not directly store, process, or have access to complete payment card data (card numbers, CVV, expiration dates). This information is managed exclusively by third-party payment processors (primarily Stripe) in accordance with PCI DSS (Payment Card Industry Data Security Standard) requirements and their own privacy policies. See Stripe’s Privacy Policy.

3.7. Identity Verification Data (Future Implementation)

In the future, Carpil may integrate external identity verification services. When implemented:

  • Veriff or similar document verification providers: May process copies of identity documents (ID card, passport, driver’s license) and associated metadata (document number, expiration date, verification result). Carpil will retain only the verification result (e.g., “verified” / “not verified”) and a reference identifier, not copies of identity documents.

  • World (formerly Worldcoin) or similar biometric verification providers: May process iris biometric data for identity uniqueness verification. Carpil will not store photos, videos, iris images, or biometric templates. Carpil will only retain the result of the verification process (e.g., a validation token or verified/not-verified status).

Carpil does not directly process, store, or have access to biometric data. Any biometric processing is performed exclusively by the third-party verification provider under their own privacy policies and data processing agreements.

3.8. Communications and Support Data

Data related to User interactions with Carpil’s support team:

  • Content of messages, emails, and communications sent to official support channels (email and WhatsApp).
  • Files, screenshots, photographs, or other media voluntarily submitted by the User to report issues, disputes, or incidents.
  • Support ticket metadata: date, time, category, resolution status, and assigned team member.
  • Records of disputes, complaints, and their resolution outcomes.

3.9. In-App Chat Messages

The Platform includes a chat system for communication between Drivers and Passengers:

  • Chat message content is designed to be fully encrypted (end-to-end encryption) such that Carpil cannot routinely access, read, or process the content of messages.
  • Carpil does not proactively review, moderate, or monitor the content of in-app chat messages.
  • Carpil may collect and store chat metadata, including: existence of a conversation between Users, number of messages exchanged, timestamps of messages sent and received, and participants in the conversation.
  • In case of a dispute or investigation, Carpil can only act based on:
    • Information and evidence voluntarily provided by the User (e.g., screenshots of chat messages).
    • Available metadata as described above, when technically accessible and legally appropriate.

Carpil processes personal data for the following specific purposes, each supported by one or more legal bases as required by applicable data protection law:

4.1. Provision of the Carpil Service

  • Create, manage, and maintain User accounts.
  • Allow Drivers to post rides and Passengers to search for and book available seats.
  • Facilitate connections between Drivers and Passengers to share seats and travel costs.
  • Process, manage, and track payments and disbursements related to rides.
  • Send transactional communications (booking confirmations, cancellations, payment receipts, ride reminders).
  • Maintain ride history and transaction records for the User’s reference.

Legal basis: Performance of the contractual relationship between the User and Carpil (acceptance of Terms and Conditions).

4.2. Security, Fraud Prevention, and Platform Integrity

  • Verify the authenticity of accounts and User identity to the extent technically feasible.
  • Detect, investigate, and prevent suspicious, fraudulent, or abusive activities.
  • Monitor for violations of the Terms and Conditions and Code of Conduct.
  • Temporarily or permanently withhold payments when there are reasonable indications of fraud, abuse, or serious breach of Terms.
  • Maintain logs and records necessary to support security investigations and incident response.
  • Implement and maintain technical security measures to protect the Platform and User data.

Legal bases:

  • Carpil’s legitimate interest in the security of the Platform and the protection of its Users and business operations.
  • Compliance with legal obligations (anti-fraud, anti-money laundering, and consumer protection regulations, when applicable).
  • Respond to lawful requests from competent authorities (courts, law enforcement, regulatory agencies).
  • Comply with accounting, tax, financial reporting, and other applicable legal obligations.
  • Maintain records required by consumer protection, electronic commerce, and data protection regulations.
  • Cooperate with data protection authorities (e.g., Agencia de Protección de Datos de los Habitantes — PRODHAB — in Costa Rica) in response to inquiries or complaints.

Legal basis: Compliance with legal obligations applicable to Carpil.

4.4. Platform Improvement and Internal Analysis

  • Analyze app functionality, performance, stability, errors, and system crashes to improve the Platform.
  • Conduct aggregate and anonymized usage analytics (e.g., total number of rides, most popular routes, peak usage times).
  • Test new features, conduct A/B testing, and evaluate user experience improvements.
  • Generate internal reports and business intelligence to guide Platform development.

Legal bases:

  • Carpil’s legitimate interest in continuously improving its service and user experience.
  • Consent, when specifically required by applicable regulations for certain types of analytics or tracking.
  • Send emails, push notifications, in-app messages, or WhatsApp messages related to:
    • Registration and email verification.
    • Ride booking confirmations and cancellations.
    • Relevant changes to bookings or ride details.
    • Payment confirmations and receipts.
    • Security alerts and Account-related notifications.
    • Platform updates, maintenance notices, and service changes.

Legal bases:

  • Performance of the contractual relationship (transactional communications).
  • Carpil’s legitimate interest in keeping Users informed about essential service operations.

4.6. Promotional Communications and Marketing

  • Send information about app updates, new features, promotions, surveys, referral programs, or Carpil-related campaigns.

Legal bases:

  • User consent, when required by applicable regulations.
  • Carpil’s legitimate interest, to the extent permitted by law, with the User’s ability to opt out at any time.

Opt-out: Users may unsubscribe from promotional communications at any time by using the unsubscribe mechanism provided in each communication, adjusting their notification preferences in the app, or contacting Carpil’s official support channels. Opting out of promotional communications will not affect transactional or service-essential communications.

4.7. Dispute Resolution and Incident Management

  • Review, analyze, and respond to reports, complaints, and disputes between Users.
  • Investigate alleged infractions and determine appropriate sanctions.
  • Resolve disputes over rides, cancellations, payments, refunds, or other incidents.
  • Maintain records of disputes, investigations, and their outcomes for legal defense purposes.
  • Take administrative action (warnings, suspensions, bans) on accounts that violate Carpil’s rules.

Legal bases:

  • Performance of the contractual relationship.
  • Carpil’s legitimate interest in maintaining Platform integrity and protecting Users.
  • Compliance with legal obligations, when applicable.

5. Recipients and Data Sharing

Carpil may share personal data with the following categories of recipients, always under appropriate confidentiality agreements and data processing agreements, and strictly for the purposes described in this Policy:

5.1. Infrastructure and Hosting Providers

  • Railway (provided by Railway Corp.): Hosts Carpil’s backend services, APIs, and server-side application logic. Railway processes data on servers located in the United States. Personal data transiting through Railway’s infrastructure includes: API request data, server logs, database queries, and application state. Data is processed in accordance with Railway’s Privacy Policy and their applicable data processing terms.

  • Firebase / Google Cloud Platform (provided by Google LLC): Provides database services (Firestore/Realtime Database), user authentication (Firebase Authentication), and crash reporting (Firebase Crashlytics). Firebase processes and stores User data including: account information, authentication credentials, ride data, and application performance data. Firebase infrastructure is distributed globally with data primarily processed in the United States. Data is processed in accordance with Google Cloud’s Data Processing Terms and Google’s Privacy Policy. Google Cloud Platform maintains certifications including ISO 27001, ISO 27017, ISO 27018, SOC 1/2/3, and other internationally recognized security standards.

5.2. Analytics, Error Logging, and Performance Monitoring Providers

  • Firebase Crashlytics (provided by Google LLC): As described in Section 3.4. Collects crash reports, error data, and device information to diagnose and resolve application issues.

  • Sentry (provided by Functional Software, Inc.): As described in Section 3.4. Collects error and performance monitoring data. Sentry processes data on servers located in the United States. Sentry maintains compliance with SOC 2 Type II standards and offers a Data Processing Agreement in compliance with applicable data protection regulations. See Sentry’s Security & Compliance.

5.3. Payment Processors and Financial Services

  • Stripe, Inc.: Processes payment transactions, manages payment methods, and handles disbursements to Drivers. Stripe is PCI DSS Level 1 certified and processes data in accordance with Stripe’s Privacy Policy and Data Processing Agreement. Stripe may process data in the United States and other jurisdictions where Stripe operates.

  • Banks, financial institutions, or payment intermediaries related to the payment flow, including SINPE móvil integration (when applicable) and international transfer services (e.g., Wise/TransferWise) for operational disbursements.

5.4. Identity Verification Providers (Future Implementation)

  • Veriff or equivalent document verification services.
  • World (formerly Worldcoin) or equivalent biometric verification services.

When implemented, these providers will process personal data strictly for identity verification purposes under their own privacy policies and under data processing agreements with Carpil, as described in Section 3.7.

5.5. Communication and Notification Providers

  • Email delivery services for transactional and marketing communications.
  • Push notification services (Apple Push Notification Service for iOS, Firebase Cloud Messaging for Android).
  • WhatsApp Business API (provided by Meta Platforms, Inc.) for support and service communications.

5.6. Competent Authorities

  • Courts, law enforcement agencies, regulatory bodies, or other competent authorities, only when there is a lawful requirement, court order, subpoena, or applicable regulation that obligates Carpil to cooperate or disclose information.
  • Data protection authorities (e.g., PRODHAB in Costa Rica), in response to formal inquiries, audits, or complaints.

5.7. Important Commitments on Data Sharing

  • Carpil does not sell, rent, trade, or commercially share personal data with third parties.
  • Any transfer or disclosure of personal data to third parties is made solely for the purposes described in this Policy and under the corresponding legal basis.
  • Carpil requires all third-party data processors to maintain appropriate technical and organizational security measures and to process personal data only in accordance with Carpil’s instructions and this Policy.

6. International Data Transfers

6.1. Since Carpil, LLC is incorporated in the United States and uses third-party service providers located in various countries (including the United States, the European Union, and other jurisdictions), personal data may be transferred to, stored in, and processed outside the User’s country of residence.

6.2. The following service providers process data outside Costa Rica:

ProviderServicePrimary Data Location
Railway Corp.Backend hostingUnited States
Google / FirebaseDatabase, authentication, crashlyticsUnited States (global infrastructure)
SentryError and performance monitoringUnited States
StripePayment processingUnited States (global infrastructure)
Meta (WhatsApp)Support communicationsUnited States / Global

6.3. To ensure adequate protection for international data transfers, Carpil relies on:

  • Data processing agreements with each third-party provider incorporating standard data protection clauses and security obligations.
  • Privacy policies, security certifications, and compliance frameworks maintained by providers (e.g., Google Cloud’s ISO 27001, SOC 2/3 certifications; Stripe’s PCI DSS Level 1 certification; Sentry’s SOC 2 Type II compliance).
  • Providers’ own commitments to data protection standards equivalent to or exceeding those required by applicable law.

6.4. Carpil maintains copies of relevant data processing agreements and provider certifications and will make them available upon request by competent data protection authorities.

7. Data Retention Periods

Carpil retains personal data for the following periods:

7.1. Account and Profile Data

  • Retention period: For as long as the User’s Account remains active on the Platform.
  • After Account deletion: Data is deleted or irreversibly anonymized within ninety (90) calendar days of Account deletion, except for data that must be retained for legal, tax, or compliance purposes.

7.2. Ride History and Transaction Data

  • Retention period: For as long as the Account is active, and for a minimum of five (5) years after the last transaction or ride, to comply with:
    • Tax and accounting obligations.
    • Consumer protection statutory limitation periods.
    • Defense against potential legal claims.
  • Retention period: For as long as the Account is active, and for a minimum of five (5) years after Account deletion or termination, to serve as evidence of informed consent and contractual acceptance.

7.4. Technical and Usage Data (Crashlytics, Sentry)

  • Retention period: Crash reports and error logs are retained for a maximum of twelve (12) months from the date of collection, after which they are automatically deleted or anonymized.
  • Aggregate and anonymized analytics data may be retained indefinitely.

7.5. Identity Verification Data (When Implemented)

  • Retention period: Verification results (verified/not-verified status and reference tokens) are retained for as long as the Account is active and for a reasonable period after deletion for fraud prevention purposes.
  • Copies of identity documents are not retained by Carpil (managed exclusively by verification providers).

7.6. Support and Dispute Data

  • Retention period: For as long as necessary to manage the case, plus a minimum of three (3) years after resolution, to account for applicable legal limitation periods.

7.7. Chat Metadata

  • Retention period: For as long as the associated Accounts remain active. Chat message content (encrypted) is deleted in accordance with the Platform’s technical data lifecycle.

7.8. General Principle

Once the applicable retention period has concluded, Carpil will proceed with deletion or irreversible anonymization of the personal data, unless there is a specific legal obligation to retain it for a longer period.

8. Information Security

8.1. Security Measures

Carpil adopts reasonable and proportionate technical, organizational, and administrative measures to protect personal data against unauthorized access, accidental or unlawful loss, destruction, alteration, misuse, or unauthorized disclosure. These measures include:

Technical measures:

  • Encryption of data in transit using TLS/SSL protocols.
  • End-to-end encryption of in-app chat messages.
  • Secure authentication through Firebase Authentication with industry-standard hashing and token management.
  • Use of hosting infrastructure (Railway, Google Cloud/Firebase) that maintains internationally recognized security certifications (ISO 27001, SOC 2, etc.).
  • Use of payment processors (Stripe) compliant with PCI DSS Level 1 standards.
  • Regular security updates and patch management for Platform dependencies.
  • Logical access controls and role-based permissions for Carpil team members accessing backend systems.

Organizational measures:

  • Limitation of access to personal data to authorized Carpil team members on a need-to-know basis.
  • Confidentiality obligations for all persons with access to personal data.
  • Documented data processing procedures and security protocols.
  • Incident response procedures for data breaches.

8.2. Third-Party Provider Security

Carpil relies on the security infrastructure and certifications of its third-party service providers:

ProviderKey Certifications / Compliance
Google Cloud / FirebaseISO 27001, ISO 27017, ISO 27018, SOC 1/2/3, HIPAA
RailwayIndustry-standard cloud security practices
SentrySOC 2 Type II
StripePCI DSS Level 1, SOC 1/2, ISO 27001

Carpil maintains records of provider certifications and data processing agreements and can present them to the Agencia de Protección de Datos (PRODHAB) or any competent authority upon lawful request.

8.3. No Absolute Guarantee

No system is completely secure. Carpil cannot guarantee absolute security against all possible threats, including but not limited to: sophisticated cyberattacks, zero-day vulnerabilities, social engineering, or unauthorized access by third parties. Carpil will, however, promptly notify affected Users and competent authorities in the event of a data breach that poses a significant risk to Users’ rights, in accordance with applicable law.

8.4. User Responsibilities

Users must also adopt reasonable security measures, including:

  • Not sharing their password or login credentials with anyone.
  • Using strong, unique passwords.
  • Keeping their device, operating system, and the Carpil app updated to the latest available versions.
  • Notifying Carpil immediately of any suspected unauthorized access to their Account.
  • Verifying the identity and information of other Users before sharing a ride.
  • Not installing unauthorized or malicious software on their devices.

9. Data from Minors

9.1. Use of the Carpil Platform is limited to persons eighteen (18) years of age or older for account creation and independent use.

9.2. Carpil does not knowingly or intentionally collect personal data from minors (persons under 18 years of age) without the consent of a parent or legal guardian.

9.3. If a minor travels as a Passenger accompanied by a responsible adult, all data processing is conducted through the adult’s Account. The minor does not need to create an Account.

9.4. If Carpil detects or is informed that it has inadvertently collected personal data from a minor without appropriate consent, it will proceed to delete such data as promptly as reasonably practicable.

9.5. Parents, guardians, or responsible adults who believe that a minor’s data has been collected without proper consent may contact Carpil through the official channels to request deletion.

10. User Rights (ARCO Rights and Additional Rights)

In accordance with applicable data protection regulations (including Costa Rica’s Ley N° 8968), Users may exercise the following rights regarding their personal data:

10.1. Right of Access

The right to know what personal data Carpil processes about them, the purposes of processing, the categories of recipients, and the retention periods.

10.2. Right of Rectification

The right to request correction of inaccurate, incomplete, or outdated personal data.

10.3. Right of Erasure (“Right to Be Forgotten”)

The right to request deletion of personal data when:

  • The data is no longer necessary for the purposes for which it was collected.
  • The User withdraws consent (where consent was the legal basis).
  • The User objects to processing and there are no overriding legitimate grounds.
  • The data has been unlawfully processed.

Limitations: Carpil may deny or delay erasure requests when retention is necessary for: compliance with legal obligations, defense against legal claims, pending transactions or disputes, or other legitimate grounds recognized by law.

10.4. Right to Restriction of Processing

The right to request that Carpil restrict (limit) the processing of personal data in certain circumstances, such as when the accuracy of data is contested or when processing is unlawful but the User prefers restriction over erasure.

10.5. Right to Object

The right to object to processing based on legitimate interest, including certain commercial communications. Upon objection, Carpil will cease the relevant processing unless it demonstrates compelling legitimate grounds that override the User’s rights.

10.6. Right to Data Portability

The right to receive personal data provided to Carpil in a structured, commonly used, machine-readable format (e.g., JSON, CSV), and to request that such data be transmitted to another controller, where technically feasible.

Where processing is based on consent, the User has the right to withdraw consent at any time, without affecting the lawfulness of processing conducted prior to the withdrawal.

10.8. How to Exercise Your Rights

To exercise any of the above rights, Users may contact:

Requirements for requests:

  • The request must identify the User and specify the right(s) being exercised.
  • Carpil may request additional information or documentation to verify the identity of the requester before processing the request, to prevent unauthorized access to personal data.
  • Carpil will respond to requests within thirty (30) calendar days. If additional time is required, the User will be informed.

Limitations on compliance: In some cases, Carpil may not be legally obligated or able to fully comply with a request, including but not limited to:

  • When there are pending rides, transactions, or disputes associated with the Account.
  • When retention is required for legal, tax, or compliance purposes.
  • When retention is necessary for the defense against potential legal claims.
  • When the request would adversely affect the rights of other Users.

In such cases, Carpil will explain the reasons for the limitation.

By creating an Account and accepting these Terms and the Privacy Policy, the User provides their free, specific, informed, and unambiguous consent to the collection and processing of their personal data as described in this Policy.

Carpil records and maintains evidence of the User’s consent, including:

  • The specific version of the Privacy Policy accepted.
  • Date and time of acceptance.
  • IP address, device information, and geolocation (when available) at the time of acceptance.
  • The specific consent mechanism used (checkbox, button click, etc.).

Users may withdraw their consent at any time by contacting Carpil through the official channels. Withdrawal of consent does not affect the lawfulness of processing conducted prior to the withdrawal. Depending on the scope of the withdrawal, it may result in the inability to continue using certain or all features of the Platform.

11.4. Specific Consents

Certain types of processing may require separate, specific consent (e.g., biometric verification, promotional communications). When applicable, Carpil will request such consent separately and clearly, and the User may accept or decline independently of their general consent to this Policy.

12. Email, WhatsApp, and Push Notification Communications

12.1. Communication Channels

Carpil uses the following channels to communicate with Users:

  • Email (to the registered email address).
  • WhatsApp (+506 8448-1439) for support and, when applicable, service-related messages.
  • Push notifications through the mobile application.
  • In-app messages within the Platform.

12.2. Types of Communications

  • Transactional / Service-essential: Ride confirmations, cancellations, payment receipts, security alerts, Account notices, Terms/Policy updates. These communications are necessary for service provision and cannot be opted out of while maintaining an active Account.
  • Promotional / Marketing: Information about new features, promotions, surveys, campaigns, or Carpil-related content. Users may opt out of these communications at any time.

12.3. Opting Out

Users may manage their notification preferences through:

  • The in-app notification settings.
  • The unsubscribe mechanism included in promotional emails.
  • Contacting Carpil’s official support channels.

Opting out of promotional communications will not affect transactional or service-essential communications.

13. Cookies and Similar Technologies

13.1. The Carpil mobile application does not use browser cookies. However, the app and its integrated services may use similar technologies, including:

  • Local storage and cache on the User’s device to store preferences and session data.
  • Firebase Analytics identifiers for usage analytics and performance monitoring.
  • Device identifiers and installation IDs for technical and analytical purposes.

13.2. Third-party services integrated into the Platform (e.g., Firebase, Sentry, Stripe) may use their own tracking technologies in accordance with their respective privacy policies.

14. Relationship with Terms and Conditions

14.1. This Privacy Policy complements and forms an integral part of the Carpil Terms and Conditions.

14.2. Key provisions reiterated from the Terms:

  • Carpil acts solely as a facilitator and intermediary connecting Drivers and Passengers; it does not provide transportation services nor guarantee the identity, conduct, punctuality, or safety of Users.
  • Carpil is not responsible for incidents arising from physical interactions between Users (including inappropriate behavior, harassment, criminal acts, lost or damaged items), without prejudice to cooperating in good faith with the victim and authorities to the extent legally permitted.
  • The Driver independently determines the route, schedule, Cost Contribution, and all operational aspects of each Ride. Carpil exercises no control or supervision over Drivers.

14.3. In the event of any conflict between this Privacy Policy and the Terms and Conditions regarding data processing matters, this Privacy Policy shall prevail.

14.4. Users must carefully review the Terms and Conditions to understand the full scope of the Platform’s services, limitations, and liability framework.

15. Data Breach Notification

15.1. In the event of a personal data breach that is likely to result in a significant risk to the rights and freedoms of Users, Carpil will:

  • Notify the competent data protection authority (e.g., PRODHAB in Costa Rica) within seventy-two (72) hours of becoming aware of the breach, where feasible.
  • Notify affected Users without undue delay through the most effective available channel (email, in-app notification, or other means).
  • Provide information about the nature of the breach, the likely consequences, and the measures taken or proposed to address the breach and mitigate its effects.

15.2. Carpil maintains an internal incident response plan for data breaches and conducts periodic reviews to ensure readiness.

16. Modifications to the Privacy Policy

16.1. Carpil reserves the right to modify this Privacy Policy at any time to adapt it to legislative or regulatory changes, modifications in Carpil’s services, or improvements and clarifications.

16.2. Material changes will be communicated to Users through one or more of the following means:

  • In-app notification.
  • Email to the registered email address.
  • Prominent notice on the Platform.

16.3. The current version of this Policy will always be available through the application or Carpil’s official channels, with the date of the last update clearly indicated.

16.4. Continued use of the Platform after publication of an updated Privacy Policy constitutes acceptance of the updated Policy. Users who do not agree with the changes must cease use of the Platform and may request Account deletion.

16.5. Carpil may require Users to affirmatively re-accept the Privacy Policy upon material changes.

17. Contact, Complaints, and Regulatory Authorities

17.1. Contact

For any inquiries, exercise of rights, or complaints related to the processing of personal data:

Carpil, LLC

17.2. Right to File Complaints

Without prejudice to contacting Carpil directly, Users retain the right to file complaints with the competent data protection or consumer protection authority in their jurisdiction. In Costa Rica:

  • Agencia de Protección de Datos de los Habitantes (PRODHAB)

  • Ministerio de Economía, Industria y Comercio (MEIC) — for consumer protection matters.

17.3. Cooperation

Carpil will cooperate fully with competent data protection authorities in the investigation and resolution of any complaint or inquiry related to personal data processing.