Privacy Policy

1. Introduction

Welcome to FLYTS ("we," "our," or "us"), a peer-to-peer car rental mobile application connecting car owners with renters. We are committed to protecting your privacy and ensuring the security of your personal information.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information. By using FLYTS, you agree to the collection and use of your information as described herein.

2. Information We Collect

2.1 Information You Provide

• Account info: Name, email, phone, password (encrypted), profile picture, gender, bio, preferred car type
• Identity verification: ID type & number, ID photos, driver's license number & expiry, driver's license photos, verification status
• Location info: Country, city, current location (if location services enabled), search preferences
• Vehicle info (Car owners only): Make, model, year, registration, photos, location, pricing, specifications
• Booking & trip info: Booking dates, start/end photos, odometer readings, fuel level, vehicle condition, ratings & reviews
• Payment info: Payment method, transaction history, wallet balance, bank account/mobile money info (for withdrawals)
• Communication: In-app messages, support requests, feedback

2.2 Information Collected Automatically

• Device info: Type, OS version, unique identifiers, mobile network info, app version
• Usage info: Features accessed, time spent, search queries, booking history, notifications
• Location data: Precise location (if allowed), approximate via IP, location history
• Technical info: IP, browser type, access times, crash logs, performance data

2.3 Information from Third Parties

• Google Sign-In profile info
• Payment confirmation from Paystack
• Location & map info from Google Maps/Places

3. How We Use Your Information

• Account management & booking processing
• Facilitate communication between car owners & renters
• Payment processing & wallet management
• Identity verification & fraud prevention
• Display available vehicles & provide support
• Analytics & service improvement
• Legal compliance under Kenyan law

4. How We Share Your Information

• With other users: Profile, ratings, vehicle info visible as needed for bookings
• With service providers: Firebase, Paystack, Google Maps, cloud storage, analytics providers
• Legal requirements: Courts, law enforcement, government requests
• Business transfers: In case of mergers or acquisitions
• With consent: For purposes you explicitly approve

5. Data Security

• Encryption (HTTPS & at rest)
• Secure authentication via Firebase
• Limited access based on need-to-know
• Regular security audits
• Payment processing via PCI-DSS-compliant processors

6. User Rights (Kenya)

Under Kenya Data Protection Act, 2019, you have rights to:

• Access your data
• Correct or delete personal info
• Object to processing
• Restrict processing
• Request data portability
• Withdraw consent anytime

Other rights: Control location sharing, notification preferences, and profile visibility.

7. Data Retention

• Account info: While account is active
• Booking/payment records: 7 years (tax & legal purposes)
• ID documents: Until deletion or as required by law
• Location info: 90 days unless needed for active bookings

8. International Data Transfers

Data may be transferred outside Kenya; we ensure appropriate safeguards via contractual clauses or adequacy decisions.

9. Children

• Not for users under 18.
• If children's data is collected accidentally, we will delete it on notice.

10. Third-Party Services

Firebase, Paystack, Google Maps/Places — please review their privacy policies.

11. Cookies & Tracking

• Used to remember preferences, analyze usage, personalize experiences, and improve security.
• Can be controlled via device settings.

12. Changes to Privacy Policy

• Updates will be notified via in-app notice or email.
• Continued use after changes constitutes acceptance.

13. Contact

Email: flyts@cartlyf.com
Phone: +256 704361827
Address: Kitale, Kenya
DPO Email: dpoflyts@cartlyf.com