Privacy Policy

This Privacy Policy describes how Eon technologies inc. ("Eon," "we," "us," or "our") collects, uses, shares, retains, and protects information about you when you use our websites at eonrides.com and teslarents.com, our mobile applications, and any related services (together, the "Services"). This policy applies whether you reach us through the Eon brand or the Teslarents brand. Eon technologies inc. is the controller of your information for both.
‍

By using the Services you agree to this Privacy Policy and our Terms of Use. If you do not agree, do not use the Services.

This policy is written for US residents. We do not currently offer the Services to users in the European Economic Area, the United Kingdom, or Switzerland.

1. Information we collect

1.1 Information you give us

When you register, book a rental, or interact with the Services, we may collect:

• Identifiers: name, email, phone number, mailing address, ZIP, date of birth, profile photo, account credentials.
• Driver and vehicle information: driver's license number and issuing state, license plate number, vehicle identification number (VIN), auto insurance information.
• Financial information: credit score, billing address. We do not store payment card numbers; those are handled by our PCI-DSS compliant payment processors.
• Background screening inputs: information needed to run the screening described in Section 5 below.
• Content you submit: messages to customer support, reviews, comments, messages exchanged with other users.
• Any other information you choose to provide.

1.2 Information collected automatically

When you use the Services we collect:

• Usage data: pages and screens viewed, features used, time and duration of activity, referring and exit URLs.
• Device data: IP address, browser type and version, operating system, mobile device identifiers (such as IDFA on iOS or AAID on Android), language settings, and crash logs.
• Approximate location derived from IP address.
• Precise geolocation, only when you have enabled location permissions in the app.
• In-vehicle telemetry from rented vehicles: location, speed, acceleration, braking, harsh-event flags, vehicle health and diagnostic data, and trip start/end times.

1.3 Information from third parties

• Background screening providers: criminal history, credit information, sex offender registry results, and related public-records information used to determine your eligibility to rent. See Section 5.
• Social and identity providers: if you sign in with Apple, Google, or Facebook, we receive the information that provider sends us (typically name, email, and a unique user identifier), subject to that provider's privacy practices.
• Vehicle telematics providers and OEMs: telemetry described in Section 1.2 above, where the vehicle is equipped with a connected platform.

1.4 Sensitive personal information

Some of what we collect is "sensitive personal information" under California and similar state laws, including: driver's license number, precise geolocation, financial information (credit score), criminal-history information, and the biometric template generated from your profile photo (see Section 6). We use sensitive personal information only for the purposes described in this policy and only for the purposes permitted without your opt-in under applicable law (verifying eligibility, preventing fraud, providing the Services you request, and complying with legal obligations). You have the right to limit our use of sensitive personal information as described in Section 10.

‍

‍

‍2. How we use your information

‍

We use the information we collect to:
‍

• Provide, operate, and improve the Services, including matching drivers and vehicles and managing rentals.
• Verify your identity and eligibility to rent.
• Run background screening.
• Process payments, payouts, charges, fines, tolls, and reimbursements.
• Communicate with you about your account, bookings, support requests, and updates to the Services.
• Send marketing communications about our products and services, where permitted, and from which you can opt out.
• Detect, investigate, and prevent fraud, theft, vehicle damage, unauthorized use, and other harmful activity.
• Improve the safety of the Services for renters, hosts, and the public.
• Conduct analytics and research to understand and improve the Services.
• Comply with laws, respond to legal process, and enforce our Terms of Use.

‍

‍

3. How we share your information

‍

We share information with:

• Service providers and processors that perform services for us (hosting, customer support, identity verification, fraud detection, communications, analytics, payments). They are contractually limited to using your information to perform services for us.
• Vehicle owners or hosts (where you rent a vehicle from a host on the platform): identity and contact information needed to complete the rental, and trip-related telemetry needed for the host's lawful operation of the vehicle.
• Background screening providers: information needed to obtain reports.
• Insurance carriers and adjusters: information needed to bind coverage, evaluate claims, and pursue subrogation, including trip telemetry related to a claim or incident.
• Vehicle OEMs and connected-vehicle data providers: in some cases connected-vehicle data flows between the vehicle's manufacturer platform and us; the OEM's privacy practices apply to its own collection and use.
• Data analytics providers and connected-vehicle data aggregators: aggregated or de-identified trip data may be shared for safety research, road condition analysis, and related purposes; we do not share personal information with data brokers for marketing.
• Public authorities and law enforcement: when required by law, valid legal process, or where we believe disclosure is necessary to protect safety, property, or our legal rights.
• Acquirers and successors: in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our business.
• With your direction: to anyone you ask us to share with.

We do not sell your personal information for money. Under California law, certain sharing of personal information for cross-context behavioral advertising can be treated as "sharing." We do not share personal information for cross-context behavioral advertising.

‍

‍

4. Cookies and tracking technologies
‍

We use cookies and similar tracking technologies on our websites and mobile applications to operate the Services, remember your preferences, support security, analyze usage, and improve the Services.

We do not provide an in-product setting to reject or disable cookies. You can manage or delete cookies through your browser settings; on mobile, you can reset your advertising identifier through your device settings. Disabling cookies through your browser may break parts of the Services.

‍

‍

5. Background screening
‍

We obtain background information about you from third-party screening providers to determine your eligibility to rent. This may include criminal history, credit information, sex offender registry results, and related public-records information. We use this information only to evaluate eligibility, prevent fraud, and operate the Services. We do not sell it.

‍

‍

6. Biometric information (face verification)
‍

To prevent fraud and confirm that the person renting a vehicle is the person whose ID was uploaded, we use facial-recognition technology to compare your profile photo or a live selfie to the photo on your government-issued ID. This process generates a biometric identifier or biometric template within the meaning of state biometric laws such as the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act (CUBI), and the
Washington biometric statute.
‍

• We collect this biometric information solely to verify your identity and detect fraud.
• We obtain your written consent before collection, presented separately during onboarding.
• We do not sell or lease your biometric information.
• We share biometric information only with the identity-verification service provider that performs the match on our behalf.
• We retain biometric identifiers and biometric information only for as long as needed to fulfill the verification purpose, and in any event no longer than three years after your last interaction with us, after which we permanently destroy it.

You can request deletion of your biometric information at any time by contacting us at the address in Section 12.

‍

7. Connected-vehicle telemetry
‍

Vehicles rented through the Services may be connected vehicles that transmit telemetry data, including location, speed, acceleration, braking, and vehicle status. We collect this data during the rental period and may use and share it for:
‍

• Operating the rental and verifying return condition.
• Locating a vehicle that is overdue, reported stolen, or being operated outside the rental territory.
• Investigating accidents, damage, traffic violations, and tolls.
• Providing data to insurance carriers in connection with claims.
• Sharing aggregated or de-identified telemetry with vehicle manufacturers, fleet operators, safety researchers, and connected-vehicle data aggregators.

You can decline a connected vehicle by selecting a non-connected vehicle at booking, where available. Once a rental begins on a connected vehicle, telemetry collection during the rental cannot be turned off; it is a condition of using the vehicle.

‍

‍

8. Data retention
‍

We retain personal information for as long as we operate the Services and for as long as we determine to be necessary for our business and legal purposes. Specific retention obligations under state biometric laws apply to biometric information, as described in Section 6.

‍

‍

9. How we protect your information
‍

We maintain a written information security program with administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit and at rest for sensitive data, role-based access controls, multi-factor authentication for administrative access, regular security assessments and penetration testing, vendor security reviews, and a documented secure software development lifecycle. No security program is perfect; we cannot guarantee absolute security.
‍

‍

10. Your privacy rights

‍

10.1 California residents (CCPA / CPRA)

If you are a California resident, you have the right to:

• Know what personal information we have collected about you and how we have used and disclosed it.
• Access a copy of your personal information.
• Correct inaccurate personal information.
• Delete personal information we collected from you, subject to legal exceptions.
• Opt out of the sale or sharing of personal information. We do not sell personal information and we do not share it for cross-context behavioral advertising.
• Limit the use and disclosure of sensitive personal information to purposes permitted under California law without your opt-in.
• Non-discrimination for exercising any of these rights.

How to exercise these rights. You can submit a request in two ways:

• Email: support@eonrides.com

We will verify your identity using information already in our records before fulfilling access, correction, or deletion requests. You may use an authorized agent to submit a request; the agent must provide proof of your written authorization and we may require you to verify your identity directly. We honor Global Privacy Control (GPC) signals on our websites as a valid opt-out of sale and sharing, to the extent any such activity applies.

Categories of information collected, disclosed, and used in the past 12 months. Identifiers, government identifiers (driver's license, license plate), commercial information (rentals, payments), internet and electronic network activity, geolocation (including precise location), audio/electronic/visual information (profile photos, support call recordings if recorded), professional or employment information (if provided), inferences drawn from the above, and the sensitive personal information categories listed in Section 1.4. We collected each category for the purposes in Section 2 and disclosed each category to the recipients in Section 3.

Shine the Light. California residents may request, once per calendar year, information about the personal information (if any) that we shared with third parties for those parties' direct marketing purposes during the prior calendar year. Send your request to support@eonrides.com.

10.2 Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Delaware, Iowa, New Hampshire, New Jersey, Tennessee, Indiana, Minnesota, Maryland, Kentucky, Rhode Island, and other states with comprehensive privacy laws

If you live in a state with a comprehensive consumer privacy law in effect, you have rights to access, correct, delete, port, and opt out of certain processing of your personal data, including opt out of sale, opt out of targeted advertising, and opt out of certain profiling. To exercise these rights, contact us at the address in Section 10.1. We do not sell personal data and we do not engage in targeted advertising. If we deny your request, you may appeal by replying to our response email; we will respond to the appeal within the time required by your state's law.

10.3 Nevada residents

‍

Nevada law (NRS 603A.340) gives Nevada consumers the right to direct a business not to sell certain personal information. We do not sell personal information, but you may still submit a request to us at support@eonrides.com.

‍

‍

11. SMS messaging (TCPA)
‍

By providing your mobile number, you agree to receive text messages from Eon at that number, including transactional messages about your account, bookings, and Services. Separately, where you have given express written consent, you may also receive marketing messages from Eon.

• Message frequency varies based on your account activity.
• Message and data rates may apply.
• Carriers are not liable for delayed or undelivered messages.
• Reply STOP to opt out of further messages. Reply HELP for help.
• Full terms: [link to SMS Terms]
• Privacy: this Privacy Policy.

Opting out of marketing messages does not opt you out of transactional account messages necessary to provide the Services.

‍

‍

12. Children's privacy

‍

The Services are not directed to children. We do not knowingly collect personal information from anyone under 18, and we do not knowingly collect personal information from children under 13 in violation of the Children's Online Privacy Protection Act (COPPA). If you believe we have collected information from a child under 13, contact us at support@eonrides.com and we will delete it.

‍

‍

13. Contact us

‍

For questions, requests, or to exercise your rights, email us at support@eonrides.com.

‍

‍

14. Changes to this policy

‍

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Changes are effective when posted. We encourage you to review this policy periodically.