Privacy Policy

Last updated: July 2, 2026

Softserve Software LLC d/b/a Car Storage Software
Introduction

Softserve Software LLC, a Florida limited liability company doing business as Car Storage Software (carstoragesoftware.com)(“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our car storage facility management software and related services (collectively, the “Service”).

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

Storage facilities and other business customers that upload information about their own customers, employees, or vendors should also review the Customer Data Processing Terms in our Terms of Service.

Information We Collect

Personal Information

  • Name, email address, and contact information
  • Business information and facility details
  • Payment and billing information
  • Account credentials and authentication data

Vehicle and Facility Data

  • Vehicle photos and documentation
  • License plate information
  • Vehicle condition assessments and damage reports
  • Storage facility operations data
  • Customer vehicle records and history

Usage Information

  • Service usage patterns and analytics
  • Device information and browser data
  • IP addresses and location data
  • Error logs and performance metrics

Call Recording (Optional)

If a storage facility enables optional call recording and/or transcription in the Service, we may process and store call recordings and related transcript data to provide those features.

Storage facilities are responsible for providing any required disclosures and obtaining any required consent from call participants, including under two-party or all-party consent laws that may apply in California, Canada, and other jurisdictions. We recommend leaving call recording disabled until appropriate notice and consent are in place. We do not condone unlawful recording and are not responsible for customers' failure to comply with local laws.

How We Use Your Information
  • Provide, maintain, and improve our car storage management services
  • Process vehicle documentation and generate reports
  • Analyze photos using AI to extract vehicle information (such as make, model, license plate, and condition details) on behalf of the storage facility using the Service
  • Send notifications and updates about your account and services
  • Process payments and manage billing
  • Provide customer support and respond to inquiries
  • Ensure security and prevent fraud
  • Comply with legal obligations and enforce our terms
Roles and Responsibilities

How we handle information depends on who you are and how you use the Service:

  • Storage facilities and business customers: If you subscribe to the Service and upload information about your customers, vehicles, employees, or vendors, you are generally the data controller (or equivalent) for that information. We act as your service provider and data processor and handle that information on your instructions, as described in our Terms of Service.
  • End customers and vendors: If you use a customer portal, checkout page, or other facility-branded portion of the Service, the storage facility is generally responsible for its relationship with you and its privacy notices. We process your information to provide the Service to you and to the facility.
  • Our own account data: For information we collect directly about facility administrators, billing contacts, and other users of our platform (such as account credentials and subscription details), we act as the data controller.
How We Protect Your Information

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication requirements
  • Secure data centers and infrastructure
  • Employee training on data protection
Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

  • With your explicit consent
  • To service providers and subprocessors who assist in operating our Service on our behalf and under contractual obligations consistent with this policy
  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety
  • In connection with a business transfer or merger

Any third-party service providers are contractually bound to protect your information, process it only for specified purposes, and not sell or share it for their own independent commercial purposes.

Confidentiality Commitment: We treat all customer data, business information, and operational details as confidential. We do not use, sell, or share your operational data, client information, or other sensitive business data for any competitive purpose. We use aggregated or anonymized data solely for improving the Service (e.g., analytics, performance insights).

Service Providers and Subprocessors

We use trusted third-party providers to help deliver the Service. These providers process personal information on our behalf and are permitted to use it only to perform services for us, subject to confidentiality and security obligations. Key categories include:

  • Cloud hosting and infrastructure (application hosting, databases, object storage, and caching)
  • Payment processing (card and bank payments through our PCI-compliant payment processor)
  • Communications (transactional email, SMS, and telephony for notifications and optional call features)
  • AI and automation (photo analysis, document processing, and related features you enable)
  • Vehicle and identity data providers (license plate, VIN, and related lookup services where configured)
  • Monitoring and analytics (error reporting, performance monitoring, and aggregated usage analytics)

Representative providers may include cloud hosting platforms, managed database and storage services, Stripe, SendGrid, Twilio, OpenAI, and similar vendors supporting the features you use. Our current subprocessors, the data they process, and the transfer safeguards in place are published on our Subprocessor List, which we update before adding or replacing providers.

For business customers, our Data Processing Agreement governs how we process personal data on your behalf.

International Data Transfers

We are based in the United States. Personal information is primarily processed and stored in the United States, and may also be processed in other countries where we or our subprocessors maintain facilities or personnel.

If you use the Service from Canada or another jurisdiction outside the United States, you acknowledge that personal information may be transferred to, stored in, and processed in the United States and other countries that may have different data protection laws than your jurisdiction.

For Canadian personal information subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) or substantially similar provincial laws, we process such information as a service provider on instructions from the storage facility that uploaded it. Storage facilities are responsible for providing any notice and obtaining any consent required before transferring personal information across borders. We use contractual and organizational safeguards designed to protect personal information in our custody.

For personal data protected by the GDPR, UK GDPR, or Swiss FADP, we rely on valid transfer mechanisms: the European Commission's Standard Contractual Clauses (2021/914) incorporated into our Data Processing Agreement (with the UK Addendum and Swiss adaptations where applicable), and, for subprocessors certified under it, the EU–U.S. Data Privacy Framework.

Data Handling and Confidentiality

Confidential Information Protection: We treat all customer data, business information, trade secrets, pricing, and operational details as confidential information. We maintain strict confidentiality standards and do not disclose such information except as necessary to provide our services or as required by law.

Data Use Restrictions:We do not use your confidential business information for competitive purposes. We do not operate any car storage facilities or related services and have no interest in competing with our customers' business operations.

Data Processing: We process your data solely for the purpose of providing our car storage management services. Any aggregated or anonymized data used for service improvement does not contain personally identifiable information or confidential business details.

Security Measures: We implement industry-standard security measures to protect confidential information, including encryption, access controls, and regular security assessments.

Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Opt-out: Unsubscribe from marketing communications
  • Restriction: Request restriction of processing in certain circumstances

You can exercise the most common rights yourself: account holders can update their profile, download a machine-readable copy of their personal data (“Download my data”), and permanently delete their account from their settings page. For anything else, contact us using the information provided below. If your request relates to information held by a storage facility about its customers, we may direct you to that facility where we act as their service provider.

California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, access, delete, and correct personal information, and the right to limit use of sensitive personal information in certain circumstances.

We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under California law.

When we process personal information on behalf of a storage facility or other business customer, we act as a service provider to that customer. In that role, we process personal information only to provide the Service and as described in our Terms of Service and this Privacy Policy.

To submit a California privacy request, contact us at the email address below. We will verify your request as required by law. You may also designate an authorized agent to submit a request on your behalf where permitted by law.

European Privacy Rights (GDPR / UK GDPR)

If you are in the European Economic Area, United Kingdom, or Switzerland, we process your personal data under the following legal bases:

  • Performance of a contract (Art. 6(1)(b)) — providing the Service to you or your facility, including accounts, billing, and support
  • Legitimate interests (Art. 6(1)(f)) — securing the Service, preventing fraud and abuse, and improving our products
  • Legal obligation (Art. 6(1)(c)) — tax, accounting, and other regulatory requirements
  • Consent (Art. 6(1)(a)) — marketing communications and optional features, which you can withdraw at any time

In addition to the rights listed above, you have the right to object to processing based on legitimate interests, the right to withdraw consent at any time (without affecting prior processing), and the right to lodge a complaint with your local supervisory authority (a list is available at edpb.europa.eu, or the ICO at ico.org.uk for the UK). We do not use your personal data for automated decision-making that produces legal or similarly significant effects, and we do not sell personal data.

Where a storage facility in the EEA/UK uses the Service, the facility is the data controller for its customer data and we process it as their processor under our Data Processing Agreement, which incorporates the Standard Contractual Clauses for international transfers.

We respond to verified requests within one month, as required by Articles 12–22 GDPR.

Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Vehicle documentation and facility data may be retained for longer periods as required by applicable laws and regulations.

Full details of how long each category of data is retained, and how data is securely disposed of when it is no longer needed, are described in our Data Retention and Disposal Policy.

Cookies and Tracking Technologies

We keep cookie use to a minimum. We do not use third-party advertising, marketing, or cross-site tracking cookies, and we do not load third-party analytics scripts. Because of this, we do not show a cookie consent banner — every cookie we set is first-party and used to make the Service work.

Cookies we set:

  • Authentication cookies (essential): Keep you signed in and protect your session
  • Security cookies (essential): CSRF protection and admin two-factor verification
  • Preference cookies (functional): Remember settings such as your landing page variant and display preferences

You can clear or block cookies through your browser preferences; essential cookies are required to sign in. If we ever introduce non-essential tracking, we will ask for consent first where required.

Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page by updating the “Last updated” date. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Softserve Software LLC

d/b/a Car Storage Software (carstoragesoftware.com)

Email: matt@carstoragesoftware.com

Address: 3343 Port Royale Dr S, Fort Lauderdale, FL 33308