Privacy Policy
Last updated: May 16, 2026
Spotly is built on trust. Here's exactly how we handle your data.
1. Information We Collect
When you create an account, we collect your name, email, and phone number (optional). When you book a spot, we collect your license plate, vehicle information, and payment details (processed and stored by Stripe — Spotly never sees your full card number). When you list a spot, we collect your address, photos, business or tax info required by Stripe Connect, and bank account info (held by Stripe). When you use the app, we collect device information, location data (only when you grant permission), app usage analytics, and any photos or notes you submit with reports.
2. How We Use Your Data
We use your data to: (a) operate the platform — match drivers with hosts, process payments, send notifications related to your bookings; (b) prevent fraud and abuse; (c) comply with legal obligations including tax reporting; (d) improve the app through analytics; (e) communicate important account or service updates. We do NOT sell your personal information to advertisers or data brokers.
3. Address Privacy
Listing addresses are intentionally hidden from drivers until 1 hour before their confirmed booking starts. This protects hosts from unwanted traffic. Drivers see only an approximate location, a general description, and the host's first name on the map. The full address is revealed via in-app notification and the Bookings tab at the appropriate time.
4. Payment and Financial Data
All payment processing is handled by Stripe, which is PCI-DSS Level 1 certified. Spotly does not store credit card numbers, CVVs, or bank account information on our servers. We retain transaction records (amount, date, payment intent ID) for accounting, refund handling, and tax compliance. Stripe's Privacy Policy applies to all data they process: stripe.com/privacy.
5. Location Data
We request access to your device location only to show you nearby parking spots. Location is used only while you have the app open and is not tracked in the background. You can revoke location permission at any time in iOS Settings → Spotly. The app continues to work without location, but will not filter spots by proximity.
6. Third-Party Services
We share limited data with: (a) Stripe — payment processing, host payouts, identity verification; (b) Supabase — secure storage of your account and booking data on US-based servers; (c) Apple — for App Store delivery and push notifications; (d) Map providers (Apple Maps, OpenStreetMap) — to display the map and route to spots. We do not share your data with advertisers.
7. Data Retention
Account and booking data is retained for as long as your account is active, plus 7 years for tax and legal compliance. You may request deletion at any time (see Your Rights below), and we will delete or anonymize your data within 30 days, except where retention is required by law (e.g., financial records, ongoing disputes).
8. Security
We use industry-standard security including HTTPS for all data in transit, encrypted storage at rest, and row-level security on our database so users can only access their own data. No system is perfectly secure; we cannot guarantee absolute protection but commit to notifying affected users promptly if a breach is detected.
9. Your Rights
You have the right to: (a) access the data we hold about you, (b) correct inaccurate data, (c) request deletion of your account and associated data, (d) export your data in a machine-readable format, (e) opt out of marketing communications, (f) restrict or object to certain processing. To exercise any of these rights, email spotlyhq@gmail.com. We will respond within 30 days.
10. Children
Spotly is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe a minor has provided information, contact spotlyhq@gmail.com and we will delete the account.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notice or email at least 30 days before they take effect. Continued use of the app after the effective date constitutes acceptance.
12. Contact
For privacy questions, data requests, or to report concerns, email spotlyhq@gmail.com. For general support, email spotlyhq@gmail.com. We will respond within 30 days.