1) Scope

This Privacy Policy (the "Policy") explains how [FRS Dealer Solutions, LLC] ("FRS," "we," "us," "our") collects, uses, discloses, and protects personal information when you use our website and services available at [https://www.frsdealersolutions.com] (the "Site") and related tools (collectively, the "Services"). This Policy applies to information we process as a business under U.S. privacy laws. If you use the Services on behalf of an organization (e.g., a dealership), your employer's or company's privacy practices may also apply.

2) Notice at Collection (California)

The table below summarizes the categories of personal information we collect, sources, purposes, retention, whether we sell or share it for cross-context behavioral advertising (CCBA), and typical disclosures to service providers. We do not sell personal information and we do not share personal information for CCBA.

Minors. Our Services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child provided information, contact us and we will delete it.

3) Personal information we collect

We may collect the following, depending on how you use the Services:

• Account & profile: name, email, phone, password hashes, organization/dealership details.
• Identity verification data (when required for RON/anti-fraud): images/scans of IDs; limited biometric measurements for face-matching if you consent; results (pass/fail, risk flags).
• Scheduling & communications: session times, attendees, reminders; audio/video metadata if you use a third-party communications provider; support messages.
• Transactional: service selections, order identifiers, invoice totals; last 4 digits of card or masked bank data (we do not store full payment instrument numbers—processors do).
• Device/usage: IP address, user-agent, pages or APIs accessed, timestamps, approximate location from IP.
• Content you upload: documents necessary to complete titling/notarization workflows.

4) Sources

• Directly from you or your organization when you create an account, schedule sessions, upload documents, or contact support.
• Automatically from your devices via cookies, SDKs, and similar technologies.
• From service providers and verification/notary partners (e.g., identity verification outcomes; notary session status) where needed to deliver the Services.

5) How we use personal information

• Provide and secure the Services; create and maintain accounts; process transactions; schedule & conduct sessions.
• Identity verification & fraud prevention to protect users and comply with legal/contractual obligations.
• Customer support and service communications (emails/SMS/push).
• Analytics and service improvement (aggregated/de-identified where possible).
• Legal compliance (e.g., records retention, responding to lawful requests, preventing abuse).
• We do not use personal information to make decisions that have legal or similarly significant effects solely by automated means.

6) Cookies and similar technologies

We use essential cookies for authentication and security, and may use analytics cookies/SDKs to understand usage. You can control cookies through your browser settings. We do not use cookies for cross-context behavioral advertising.

• Do Not Track & Global Privacy Control (GPC): If we engage in any activity deemed a "sale" or "sharing" under applicable law in the future, we will honor GPC signals as an opt-out for that activity.

7) Disclosure of personal information

We disclose personal information to:

• Service providers / processors who host data, process payments, provide analytics and security, send emails/SMS, or support identity verification and remote online notarization.
• Business partners when you or your organization direct us to share information for a joint workflow.
• Legal and compliance recipients (courts, law enforcement, regulators) when required by law or to protect rights, safety, and the integrity of the Services.
• Corporate transactions (merger, acquisition, financing) where permitted by law and subject to appropriate safeguards.

We do not sell personal information, and we do not share it for cross-context behavioral advertising.

8) Retention

We retain personal information only as long as reasonably necessary for the purposes described above or as required by law/contract. Typical timeframes:

• Account & profile: account life + 3 years
• Transaction & billing: 7 years
• Identity verification records: 2 years (or as required by applicable notary/identity laws or contracts)
• Logs & security data: 12 months
• We may de-identify or aggregate data for analytics and retain non-personal data without time limit.

9) Security

We implement reasonable administrative, technical, and physical safeguards suitable to the nature of the data we process (e.g., encryption in transit, access controls, least-privilege, monitoring). No system is 100% secure.

10) Your privacy rights

Depending on where you live, you may have the rights listed below. We will not discriminate against you for exercising these rights.

• Access / Know. Request the categories and specific pieces of personal information we have collected about you.
• Delete. Ask us to delete personal information, subject to legal exceptions.
• Correct. Ask us to correct inaccurate personal information.
• Portability. Obtain a copy of certain information in a portable format.
• Opt-out of sale/share. We do not sell or share personal information for CCBA. If this changes, we will provide a clear opt-out and honor GPC.
• Limit use of Sensitive PI (CA). We use Sensitive PI only for permitted purposes (e.g., identity verification, security). If we ever use it beyond permitted purposes, you may instruct us to limit its use.
• Appeal (CO/CT/VA). If we deny your request, you may appeal by replying to our decision notice within 30 days.

How to exercise your rights: Email [privacy@frsdealersolutions.com] or submit a request via www.frsdealersolutions.com/privacyrequest. We will verify your identity (and authority if using an authorized agent) before fulfilling requests.

11) International users (EEA/UK)

Our Services are primarily intended for U.S. users. If we process personal data of EEA/UK residents:

• Controller. [FRS Dealer Solutions, LLC, 2785 Pacific Coast HWY STE E 717, Torrance, CA 90505] acts as controller for Site usage; for enterprise accounts, we may act as processor under a Data Processing Addendum (DPA).
• Legal bases. Contract performance; legitimate interests (service improvement, security); legal obligations; consent (where required, e.g., optional face verification).
• Transfers. We rely on Standard Contractual Clauses and supplementary measures for transfers to the U.S.
• EEA/UK rights. Right to access, rectify, erase, restrict, object, portability, and lodge a complaint with a supervisory authority.

12) Third-party links and services

The Services may link to third-party websites or integrate third-party features (e.g., identity verification, remote notarization, mapping, payments). This Policy does not apply to those third parties' practices. Review their policies before using their services.

13) Changes to this Policy

We may update this Policy from time to time. If changes are material, we will provide notice (e.g., by posting on the Site or emailing the address associated with your account). Your continued use of the Services after the effective date means you accept the updated Policy.

14) Contact us

Questions or requests about privacy? Contact [privacy@frsdealersolutions.com] or mail [FRS Dealer Solutions, LLC, Attn: Privacy, 2785 Pacific Coast HWY STE E 717, Torrance, CA 90505].