Legal / Privacy policy
Effective
May 6, 2026
Last updated
June 9, 2026

01

Who we are

FairDrives is an independent, community-powered car price transparency platform. We are not affiliated with, funded by, or sponsored by any car dealership, automotive manufacturer, or dealer network.

02

What we collect

When you browse

  • An anonymous session identifier stored in a cookie on your device to keep you signed in.
  • Standard server logs from our hosting provider (Vercel), including IP address, browser type, and pages visited, used for security and to keep the service running reliably.
  • Basic crash and error reports when something breaks, used only to diagnose bugs.
  • Privacy-friendly, cookieless usage analytics (Vercel Web Analytics) that count aggregate page views and traffic patterns. This does not use cookies, does not track you across other websites, and does not build an advertising profile of you.

When you create an account

  • Your email address. On the web, you sign in with an email and password, or with Google. If you choose Google sign-in, Google shares the account information needed to authenticate you.
  • A username you choose. It appears only to you inside your own account and is never attached to your deal submissions, which are always shown anonymously to other users.
  • Your password is salted and hashed by our auth provider (Supabase). It is never stored or transmitted in plain text.

When you sign in or sign up

To stop automated abuse, our sign-in and sign-up forms use hCaptcha, a bot-detection service from Intuition Machines, Inc. hCaptcha may process your IP address and device and browser signals, and set a cookie, to tell humans apart from bots. We receive only a pass-or-fail result, not the underlying signals. hCaptcha’s handling of that data is governed by its own privacy policy.

When you submit a deal

  • Vehicle details: condition (new or used), year, make, model, and optional trim.
  • Purchase details: country, province or state, city, purchase date, and payment type (cash, finance, or lease).
  • Price data: MSRP, out-the-door (OTD) price paid, dealer asking price, documentation fee.
  • Financing details if applicable: interest rate, loan term, down payment, monthly payment.
  • Lease details if applicable: monthly payment, lease term, annual kilometre allowance, money factor.
  • Optional additional context you choose to add as a note.
  • Your account ID is associated with each submission so you can manage it later. Your email address and identity are never shown alongside the deal to other users.

Verification document uploads

You may voluntarily upload a purchase agreement after removing personal information. Uploaded documents are stored privately.

  • You must redact names, addresses, signatures, account numbers, government identifiers, and other personal information before uploading.
  • FairDrives reviews only the vehicle, price, and purchase date needed to verify the submission.
  • Documents are deleted within 60 days of upload, whether or not they have been reviewed. Uploads that are never attached to a submission are deleted after 24 hours.
  • Never display the document to other users.

FairDrives does not automatically redact uploaded documents.

Cookies and local storage

FairDrives uses only the cookies and local storage needed to run the service. We do not use advertising, marketing, or cookie-based tracking. A short notice on your first visit confirms we use these essential cookies; there is no tracking to opt out of.

  • Sign-in cookies — first-party cookies set by our auth provider (Supabase) that keep you signed in between visits.
  • Security cookies — set by hCaptcha on the sign-in and sign-up pages, used only to tell humans apart from bots.

You can clear or block these in your browser settings, but if you block the sign-in cookies you will not be able to log in or submit a deal.

What we never collect

  • Your precise location.
  • Any file beyond the documents you actively choose to upload.
  • Advertising or cross-site tracking identifiers.
  • Dealer names. We do not collect, store, or display these by design.

03

How we use your information

We use the information described above only for the purposes listed below.

Purpose
Legal basis
Providing the FairDrives service
Performance of service
Aggregating OTD prices into community benchmarks
Legitimate interest
Verifying submitted deals
Consent
Detecting fraudulent or spam submissions
Legitimate interest
Improving the Service via aggregated, de-identified usage signals
Legitimate interest

We do not use your data for targeted advertising, do not sell it to dealerships, and do not use it for any purpose not listed above.

04

How we share your information

We do not sell your personal information. We share data only:

With service providers we rely on to run FairDrives

  • Supabase — database, authentication, and file storage.
  • Vercel — web hosting, edge networking, and privacy-friendly, cookieless aggregate analytics.
  • hCaptcha (Intuition Machines, Inc.) — bot and abuse prevention on our sign-in and sign-up forms.
  • Google — sign-in provider when you choose to use it.

Each provider is bound by a data processing agreement. They may only process your data on our instructions and for the purposes described in this policy.

As anonymised, aggregated benchmarks

We may publish or license anonymised aggregate pricing benchmarks — for example, “the median OTD price for a 2025 Toyota RAV4 in Vancouver was $44,800 across 38 verified reports.” This data cannot identify any individual buyer or submission.

When required by law

We may disclose information if compelled by a valid legal order. Where permitted, we will notify the affected user, and we will challenge requests we consider overbroad. We will never voluntarily disclose user identity to a dealership.

05

Data retention

Data
Retention
Account information
Until your account is deleted
Deal submissions
Until you delete them or your account
Uploaded verification documents
Deleted within 60 days of upload
Server and crash logs
Up to 24 months
Payment records
As required by applicable tax law

06

Your privacy rights

You have the right to:

  • Access a copy of the personal information we hold about you, within 30 days of your request.
  • Correct information you believe is inaccurate or incomplete.
  • Delete your account and the data tied to it.
  • Export the deals you have submitted.

You can delete your account and the data tied to it yourself, at any time, from your Account page. Self-serve data export is coming soon; in the meantime, email privacy@fairdrives.com from the address on your account and we will action any access, correction, or export request within 30 days.

If you believe we have not handled your request properly, you can file a complaint with the privacy or data protection regulator responsible for your jurisdiction.

07

Security

  • All data is encrypted in transit using TLS 1.2 or higher.
  • Passwords, where used, are salted and hashed by our auth provider; we do not see or store plaintext passwords.
  • Uploaded verification documents live in private, access-controlled storage and are deleted on the schedule described in “What we collect” above.
  • Row Level Security is enforced on every database table holding user data.
  • In the event of a breach affecting personal information, we will notify you and the relevant authorities in line with applicable breach reporting requirements.

08

Children

FairDrives is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has submitted information, contact privacy@fairdrives.com and we will delete it promptly.

09

Cross-border transfers

Some of our service providers process or store data in the United States. All providers are bound by data processing agreements meeting applicable privacy standards.

10

Changes to this policy

We will tell you about material changes through a notice on our website and, if you have an account, by email at least 14 days before they take effect. Continued use of FairDrives after the new effective date means you accept the updated policy.