Revecorp Privacy Policy

1. Scope

This Privacy Policy explains how Revecorp Inc. (“Revecorp,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information in connection with:

• The public website located at revecorp.com and any linked pages we control (the “Website”).
• The TransitCheck mobile and tablet application, related services, and web portal (the “App”).

If any part of this Policy conflicts with a service specific notice presented inside the App or Website, the service specific notice will govern for that service.

2. Who we are and how to contact us

Revecorp Inc. owns and operates the Website and the App. You can contact us using the details shown above for any privacy request, including exercising your rights, asking questions, or filing a complaint.

3. Categories of personal information we collect

We collect personal information directly from you, automatically from your device, from your employer or organization if it authorizes your App use, and from service providers that assist us. The categories may include:

1. Identifiers such as name, user ID, email address, phone number, postal address, IP address, online identifiers, and device identifiers including Android ID.
2. Device and technical data such as device make and model, operating system version, screen resolution, app version, crash and performance logs, and telemetry from interactions with our web services.
3. Internet or network activity such as log data for the Website and App, pages viewed, session duration, referrers, and actions taken within the App or portal.
4. Geolocation data when location permissions are enabled in the App, including precise GPS data while the App is open or running in the background if your organization requires continuous tracking.
5. Multimedia and content such as photos, videos, and voice recordings that you choose to upload for documentation.
6. Transaction and account data such as orders, subscriptions, job or asset records created in the App, support requests, and audit logs.
7. Professional or employment information when the App is used for inspections or other work tasks.
8. Sensitive personal information as defined by certain laws, which may include precise geolocation, biometric templates if enabled by your organization, and government issued identifiers captured in photos or forms. We do not intentionally collect Social Security numbers or financial account numbers through the App or Website.

4. App permissions

The App may request these permissions, which you can manage in your device settings. Some functions may not work without them.

• Camera to capture photos or video for documentation.
• Microphone for voice notes or speech to text.
• Location for GPS data while the App is open or running in the background.
• Phone and network to send data between the device and the web portal.
• Storage to temporarily store data until upload completes.

5. Purposes of use

We use personal information for the purposes listed below:

1. Provide and operate services including account creation, authentication, order processing, deliveries, and the core App features.
2. Customer support including responding to inquiries, troubleshooting, and quality assurance.
3. Security and integrity including fraud prevention, abuse detection, access controls, and incident response.
4. Analytics, research, and service improvement including debugging and measuring usage trends.
5. Legal compliance including required recordkeeping and responses to lawful requests.
6. Communications and optional marketing such as service notices and product updates. You can opt out of marketing messages at any time.

6. Cookies and similar technologies

On the Website and within the web portal we use cookies, SDKs, and web beacons to keep you signed in, remember preferences, measure usage, and secure the service. You can control cookies in your browser and operating system settings. Disabling cookies may limit some features. We do not currently respond to browser Do Not Track signals. If we begin to sell or share personal information for cross context behavioral advertising, we will honor Global Privacy Control signals as an opt out request.

7. Disclosures of personal information

We disclose personal information as follows:

1. Service providers and contractors that process data under written agreements that restrict further use. Examples include hosting, analytics, customer support, payment processing, and delivery partners.
2. Authorized users and your organization when your employer or customer account administrates the App.
3. Affiliates within our corporate group for the purposes described in this Policy.
4. Business transfers in connection with a merger, acquisition, financing, or sale of assets, subject to continuing protections.
5. Legal and safety to comply with law, enforce terms, or protect rights, property, or safety.

We do not sell or share personal information as those terms are defined by the CCPA as amended by the CPRA. We do not allow third parties to use your data for their own targeted advertising.

8. Data retention

We retain personal information only as long as needed for the purposes set out in this Policy, to comply with legal obligations, or to resolve disputes. Standard retention periods are:

• Temporary system logs up to 30 days.
• User generated content and inspection records up to 5 years, subject to your organization’s policy.
• Account data until the account is closed or deletion is requested, plus a reasonable period for backups.

We may anonymize data so it is no longer reasonably capable of identifying you and retain the anonymized data for analytics.

9. Information security

We use technical and organizational safeguards appropriate to the risks, including encryption in transit and at rest where feasible, access controls limited to authorized personnel, secure software development practices, and periodic security reviews and audits. No method of transmission or storage is perfectly secure.

10. Children’s privacy

The Website and App are not directed to children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you are in the European Union or United Kingdom, we rely on the higher local age of consent up to 16. If we learn we collected data from a child contrary to this section, we will delete it.

11. Your privacy rights

Depending on where you live, you may have the rights listed below. We will not discriminate against you for exercising these rights.

United States state laws including CCPA, CPRA, VCDPA, CPA, and TDPSA

• Right to know and access the categories and specific pieces of personal information collected.
• Right to correct inaccurate personal information.
• Right to delete personal information, subject to lawful exceptions.
• Right to data portability.
• Right to limit the use and disclosure of sensitive personal information where applicable.
• Right to opt out of sale or sharing for targeted advertising. Revecorp does not sell or share personal information as defined by these laws.
• Right to appeal a denial of your request in states that provide an appeal process. You can submit an appeal by replying to our decision email within 30 days.

European Union, EEA, United Kingdom, and Canada

Where applicable privacy laws such as GDPR or PIPEDA apply, you may also have rights to object to processing, to restrict processing, and to withdraw consent. Our legal bases include performance of a contract, legitimate interests, consent where required, and legal obligations.

How to exercise your rights
Submit a request by emailing privacy@revecorp.com or calling +1 916 786 1006. We will verify your identity using reasonable methods. Authorized agents may submit a request with proof of authorization. You can also ask us to provide this Policy in an alternative accessible format.

12. International data transfers

Your information may be stored and processed in the United States and other countries that may have different data protection laws than your country. Where required, we use approved legal mechanisms such as Standard Contractual Clauses and additional safeguards for cross border transfers.

13. Interactive features and user content

If you post content in areas that can be seen by others, including forums or feedback channels we operate, your content may be read, collected, and used by others. Your posts should not include personal information that you would not want to be public.

14. Updates to this Policy

We may update this Policy from time to time. We will post the updated version with a new effective date on the Website and, for material changes, we will provide prominent notice such as email or in product alerts. Your continued use after the effective date means you accept the changes.

15. California Notice at Collection and Shine the Light

Notice at Collection

• Categories collected: identifiers, device and technical data, internet or network activity, geolocation, multimedia, transaction and account data, professional information, and sensitive personal information as described above.
• Purposes: provide services, security, debugging, short term transient use, analytics, internal research, quality assurance, and communications.
• Retention: as described in Section 8.
• Sale or sharing: Revecorp does not sell or share personal information for cross context behavioral advertising.
• Sensitive personal information: used only for the service you request, security, and compliance. We do not use sensitive personal information to infer characteristics.

You can exercise your rights using the methods listed in Section 11.

Shine the Light
California Civil Code section 1798.83 allows California residents to request information regarding disclosure of personal information to third parties for their direct marketing. Revecorp does not disclose personal information to third parties for their direct marketing. You can still contact privacy@revecorp.com with questions.

16. Terms of Use

Your use of the Website or App is also subject to the Revecorp Terms of Use. If you create an account, place an order, or use the App, you agree to those terms and to this Policy.