PRIVACY POLICY AND DATA PROTECTION
Last updated: April 30, 2026
Version: 2.4
LEGAL INFORMATION
This Privacy Policy describes how Priority Help Car (Priority Help Car) collects, uses, stores, and protects your personal data on both our mobile application and our website (https://priorityhelpcar.com), in compliance with the following regulations:
European Regulations:
- Regulation (EU) 2016/679 - General Data Protection Regulation (GDPR)
- Organic Law 3/2018 - Personal Data Protection and guarantee of digital rights (LOPDGDD) - Spain
- Law 34/2002 - Information Society Services and Electronic Commerce (LSSI-CE)
- Directive 2002/58/EC - Privacy and electronic communications (ePrivacy)
American Regulations:
- California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) - United States
- Virginia Consumer Data Protection Act (VCDPA) - United States
- Colorado Privacy Act (CPA) - United States
Latin American Regulations:
- Federal Law on Protection of Personal Data Held by Private Parties - Mexico
- Lei Geral de Proteção de Dados (LGPD) - Brazil
- Law 1581 of 2012 - Personal Data Protection - Colombia
- Law 25.326 - Personal Data Protection - Argentina
- Law 19.628 - Protection of Private Life - Chile
Applicability: This policy applies to all Priority Help Car users (App and Web) regardless of their geographic location. We apply the highest protection standard (GDPR) as a baseline, with additional specific provisions according to your jurisdiction.
1. DATA CONTROLLER
1.1 Controller Identity
Identity: Anamaria Ispas (Priority Help Car)
Address and Tax Information: Available in our Terms and Conditions
Website: https://priorityhelpcar.com
Communication Channels:
Legal Notice: In accordance with Law 34/2002 (LSSI) and GDPR, the complete tax and registration identification data of the controller are detailed in the Terms and Conditions of Contract, permanently accessible from the footer.
1.2 International Applicability
This Privacy Policy applies globally to all Priority Help Car users, with the following particularities:
Users in the European Union and European Economic Area:
- Main legal framework: GDPR (General Data Protection Regulation)
- Supervisory authority: Agencia Española de Protección de Datos (AEPD) - Spain
- Rights: Access, Rectification, Erasure, Restriction, Portability, Objection
- Legal basis: Consent, Contract performance, Legitimate interest, Legal obligation
Users in the United States:
- Legal framework: CCPA (California), VCDPA (Virginia), CPA (Colorado), state laws
- Rights: Right to know, Right to delete, Right to opt-out of sale/sharing
- Important note: Priority Help Car does NOT sell or share personal data for third-party advertising purposes
- Contact: info@priorityhelpcar.com to exercise CCPA rights
Users in Mexico:
- Legal framework: Federal Law on Protection of Personal Data
- Authority: INAI (National Institute for Transparency, Access to Information and Personal Data Protection)
- ARCO Rights: Access, Rectification, Cancellation, Opposition
- Privacy Notice: This document constitutes the required Privacy Notice
Users in Brazil:
- Legal framework: Lei Geral de Proteção de Dados (LGPD)
- Authority: ANPD (National Data Protection Authority)
- Rights: Confirmation, Access, Correction, Anonymization, Portability, Deletion
- Legal basis: Contract performance, Consent, Legitimate interest
Users in Argentina:
- Legal framework: Law 25.326 on Personal Data Protection
- Authority: AAIP (Agency for Access to Public Information)
- Rights: Access, Rectification, Update, Erasure
- Note: Argentina has an adequacy decision from the European Commission
Users in Colombia:
- Legal framework: Law 1581 of 2012 and Decree 1377 of 2013
- Authority: SIC (Superintendence of Industry and Commerce)
- Rights: Know, Update, Rectify, Delete
- Authorization: This document constitutes the processing authorization
Users in Chile:
- Legal framework: Law 19.628 on Protection of Private Life
- Authority: Council for Transparency
- Rights: Information, Modification, Deletion, Blocking
Users in other countries:
- We apply the GDPR standard (most protective)
- You may exercise all rights described in this policy
- Supervisory authority: according to applicable local legislation
Available languages: This policy is available in Spanish and English. In case of conflict between versions, the Spanish version shall prevail.
2. DATA WE COLLECT
2.1 Registration Data (All Users)
When you create a Priority Help Car account (App or Web), we collect:
- Full name
- Email address
- Phone number
- Password (encrypted)
- Registration date
- Active subscription plan and associated dates
- Acceptance of Terms and Conditions (date)
2.2 Client-Specific Data
If you register as a client, we additionally collect:
Vehicle Data:
Usage Data:
- Service request history
- GPS location (latitude and longitude) at the time of requesting assistance (via App)
- Descriptions of reported problems
- Numerical ratings of providers (rating from 1-5 stars)
2.3 Provider-Specific Data
If you register as a provider, we additionally collect:
- Business name
- GPS location (latitude and longitude) at the time of registration or service
Service Vehicle Data:
- Vehicle make
- Vehicle model
- Vehicle license plate
- Load capacity
- Vehicle category (type of tow truck/service)
- Specific vehicle attributes
Activity Data:
- History of attended requests
- Ratings received from clients
2.4 Technical and Device Data
- Device information (model, operating system, app/browser version)
- Device identifiers provided by the operating system or the distribution platform, used for app functionality, account security and fraud prevention
- IP address and approximate location derived from it (in web and app for security)
- Push notification token (App)
2.5 Usage and Analytics Data
- Information about mobile application and website usage (screens visited, features used, technical errors, session times)
- Content of conversations held through user support channels
2.6 Payment Data
Payment management varies depending on the platform used:
A) In the Mobile Application (App)
Payments and subscriptions are processed exclusively through Google Play Store (Android) and Apple App Store (iOS). Priority Help Car does not have direct access to your complete banking data in this environment.
B) On the Website
For payments processed through our website (if applicable), we use secure payment gateways certified under the PCI-DSS (Payment Card Industry Data Security Standard) standard. Priority Help Car does not store complete credit/debit card data on its own servers.
2.7 Permissions and Technologies
Access to device functions varies depending on the platform:
A) Mobile Application
We request the following permissions subject to your consent in the operating system:
- Location (GPS): To connect clients and nearby providers
- Camera: To take profile or vehicle/breakdown photos
- Gallery/Photos: To upload existing images
- Phone calls: To facilitate direct contact between users during a service
- Push notifications: For request status notifications
- Biometric authentication: For secure access (optional)
B) Website
We use the following technologies:
- Cookies and Local Storage: To maintain your active session and remember preferences
- Web Forms: Collection of voluntarily entered data (contact, registration, business login)
- Server Logs: Recording of IPs for security and attack prevention
2.8 Cookies and Similar Technologies
We use technical (necessary), analytical, and advertising cookies (with consent) on both the App and the Web. See full policy at https://priorityhelpcar.com/legal/cookies
2.9 Service Requests via the Platform
When you submit a service request through our website or mobile application, we collect the data you voluntarily provide, which may include:
- Contact details (name, email address, phone number)
- Information related to the requested service, including photographs
- Location data necessary for service provision
- Preferences and additional remarks
- Acceptance of this Privacy Policy (mandatory)
- Consent to receive commercial communications (optional)
The email address provided may be verified to confirm ownership and prevent misuse. On the website, verification is carried out via a one-time code; in the mobile application, via the registered user account.
Purposes of processing:
- Managing and responding to the user's request
- Facilitating contact with providers or professionals who may deliver the requested service
- Ensuring system security and preventing fraud or abuse
Legal basis:
- Performance of pre-contractual measures at the request of the data subject (Art. 6.1.b GDPR)
- Consent of the data subject for commercial communications, where applicable (Art. 6.1.a GDPR)
Providers or professionals who receive your data for service delivery shall act as independent data controllers, and their own privacy policies shall apply.
3. LEGAL BASIS FOR PROCESSING
We process your data based on the following legal bases of GDPR Art. 6.1:
3.1 Consent (Art. 6.1.a)
For:
- GPS location: Requires permission activation
- Marketing and commercial communications: Specific checkbox
- Analytical and advertising cookies: Consent banner
- Push notifications: Operating system permission
You may withdraw your consent at any time without affecting the lawfulness of prior processing.
3.2 Contract Performance (Art. 6.1.b)
For:
- Providing the marketplace service
- Managing your user account
- Connecting clients with providers
- Processing subscriptions (App and Web)
- Customer service
It is necessary to provide the service. Without this data we cannot operate the platform.
3.3 Legitimate Interest (Art. 6.1.f)
For:
- Service improvement and development of new features
- Fraud and abuse prevention
- Platform security
- Anonymized statistical analysis
- Defense in case of claims
3.4 Legal Obligation Compliance (Art. 6.1.c)
For:
- Compliance with tax obligations (invoices, accounting)
- Data retention for 6 years (Spanish legislation)
- Requirements from competent authorities
- Compliance with consumer regulations
4. PROCESSING PURPOSES
4.1 Main Purposes
A) Provide the Marketplace Service
- Create and manage your user account
- Allow publication/search of service requests
- Connect clients with nearby providers
- Facilitate communication between users
- Send notifications about requests
B) Subscription and Payment Management
- Process subscriptions to paid plans (via Stores or Web)
- Manage automatic renewals
- Apply limits according to contracted plan
- Issue and send invoices
C) Customer Service
- Respond to inquiries and support requests
- Manage technical incidents
- Mediate in disputes (without obligation)
- Improve user experience
D) Request Management Through Additional Channels
- Receive and manage service requests through messaging channels
- Facilitate the connection between clients and providers through said channels
4.2 Secondary Purposes
E) Service Improvement
- Analysis of application and web usage
- Identification of errors and problems
- Development of new features
- Performance optimization
F) Security and Fraud Prevention
- Detect fraudulent uses
- Prevent platform abuse
- Protect users from illicit activities
- Maintain service integrity
G) Service-Related Communications
We may send communications related to processes initiated by the user (such as incomplete registration reminders or request notifications), based on pre-contractual measures (Art. 6.1.b GDPR) or legitimate interest (Art. 6.1.f GDPR).
H) Marketing (Only with explicit consent)
- Sending newsletters
- Offers and promotions
- Information about new features
- Satisfaction surveys
⚠️ Notice: You may unsubscribe at any time.
I) Legal Compliance
- Retention of tax records (6 years)
- Response to judicial requirements
- Compliance with applicable regulations
5. DATA RECIPIENTS
5.1 Sharing Data with Other Users
Clients to Providers
When a client makes a request, responding providers will receive:
- Client's name
- Contact phone number
- Current GPS location
- Vehicle data (make, model, license plate)
- Problem description
This is NECESSARY for the provider to locate and assist the client.
Service Requests
When you submit a service request, providers or professionals who may deliver the service will receive the data necessary to contact you and manage the request. Such providers shall act as independent data controllers.
Providers to Clients
When a provider responds, the client will receive:
- Provider's business name
- Contact phone number
- Approximate location
- Rating and reviews
- Information about services offered
5.2 Service Providers (Data Processors)
We share data with third parties that help us operate the platform:
Infrastructure and Data
- Google Cloud Platform / Firebase: Database, authentication, and hosting (Servers preferably in EU)
- Google Maps Platform: Geolocation and mapping services
Analytics and Notifications
- Firebase Analytics / Google Analytics 4: Usage analysis on App and Web
- Firebase Cloud Messaging (FCM): Sending notifications
- Crashlytics: Error reporting
Communications and Request Management
- Messaging service providers for request management and user support
Advertising (Free plans only)
- Google AdMob: Advertising in the App
Payments
- Google Play Billing / Apple StoreKit: In-app payments
- Web Payment Gateways: If used, PCI-DSS certified providers
5.3 Authorities and Legal Compliance
We may share data with:
- Tax Agency: Compliance with tax obligations
- Law Enforcement: If required by court order
- Consumer Authorities: Dispute resolution
- Courts and Tribunals: Judicial proceedings
We only share the minimum necessary and when legally obligated.
5.4 We Do NOT Sell Your Data
⚠️ Priority Help Car NEVER sells, rents, or commercializes your personal data to third parties.
6. INTERNATIONAL TRANSFERS
Your data is hosted on Google Cloud/Firebase servers.
Server location: Preferably in the European Union. Some operations may involve transfers to the United States.
Protection guarantees:
- Standard Contractual Clauses (SCC) approved by the European Commission
- Google Cloud complies with ISO 27001, ISO 27018, and SOC 2/3 certifications
- EU-U.S. Adequacy Decision (when applicable)
Providers with international transfers:
- Google LLC (Firebase, Google Maps, AdMob) - United States
- Apple Inc. (App Store, iOS services) - United States
You can obtain more information about guarantees at: https://cloud.google.com/security/compliance
7. DATA RETENTION PERIOD
7.1 Active Account
While your account is active:
- We retain all data necessary for the service
- You may request deletion at any time
7.2 After Account Closure
| Data Type | Period | Reason |
| ------------------- | ------- | ---------------------------- |
| Billing data | 6 years | Legal tax obligation (Spain) |
| Transaction history | 6 years | Legal tax obligation |
| Basic personal data | 30 days | Possibility of reactivation |
| Access logs | 2 years | Security and legal defense |
| Web requests (no account) | 24 months | Service management, fraud prevention and correlation with registered user requests |
8. YOUR RIGHTS (GDPR)
You have the following rights regarding your personal data:
8.1 Right of Access
You may request a copy of all personal data we have about you.
8.2 Right of Rectification
You may request correction of inaccurate or incomplete data.
8.3 Right to Erasure ("Right to be Forgotten")
You may request deletion of your data when no longer necessary or withdraw your consent.
8.4 Right to Restriction of Processing
You may request that we temporarily stop processing your data while its accuracy is verified or a claim is resolved.
8.5 Right to Data Portability
You may receive your data in structured format to transfer it to another service.
8.6 Right to Object
You may object to processing of your data based on legitimate interest or for direct marketing.
8.7 How to Exercise Your Rights
Contact: info@priorityhelpcar.com or through https://priorityhelpcar.com/contacto
Response period: 30 days from request
Free: Exercising these rights is free
8.8 Right to Lodge a Complaint
If you believe we have not properly addressed your rights, you may file a complaint with:
Agencia Española de Protección de Datos (AEPD)
Web: https://www.aepd.es
Address: C/ Jorge Juan, 6 - 28001 Madrid
9. DATA SECURITY
We implement technical and organizational measures to protect your data:
- Encryption: Data in transit (TLS/SSL) and at rest
- Web Security: Strict use of HTTPS protocol on priorityhelpcar.com
- Access Control: Access limited to authorized personnel
- Backups: Periodic backups
Breach notification: In case of a security breach, we will notify AEPD within 72 hours and you if there is high risk.
10. MINORS
Priority Help Car is NOT intended for persons under 18 years of age. We do not knowingly collect data from minors. If we detect a minor, we will delete their account immediately.
11. COOKIES
We use technical (necessary), analytical, and advertising cookies (with consent). See full policy at https://priorityhelpcar.com/legal/cookies
12. MODIFICATIONS TO THIS POLICY
12.1 Right to Modify
We may update this Privacy Policy at any time to:
- Reflect changes in the service (App or Web)
- Comply with new legal obligations
- Improve clarity and transparency
12.2 Notification of Changes
For substantial changes:
- Email notification
- Notice in the application and/or website
- Request for new consent if applicable
For minor changes:
- Update of "Last updated" date
- Publication in the application and web
12.3 Version History
We maintain a record of previous versions available upon request.
13. CONTACT
For general questions, exercise of rights, or legal matters, use the following channels:
Email: info@priorityhelpcar.com
Web form: https://priorityhelpcar.com/contacto
Postal Address: Anamaria Ispas, Calle Arroyo de la Elipa 9, Madrid, Spain
⚠️ Note: Priority Help Car does NOT sell or share personal data for advertising purposes.
14. CONSENT
By using Priority Help Car services (whether through the Mobile Application or the Website), you accept the processing of your data according to this policy. Some consents are optional (marketing, cookies) and you may withdraw them at any time through: https://priorityhelpcar.com/contacto
15. ADDITIONAL INFORMATION
15.1 Related Documents
15.2 Applicable Regulations
This policy complies with the following international regulations:
European Regulations:
- Regulation (EU) 2016/679 - General Data Protection Regulation (GDPR)
- Organic Law 3/2018 - Personal Data Protection and guarantee of digital rights (LOPDGDD) - Spain
- Law 34/2002 - Information Society Services and Electronic Commerce (LSSI-CE)
- Directive 2002/58/EC - Privacy and electronic communications (ePrivacy)
- Directive (EU) 2019/790 - Copyright in the Digital Single Market
United States Regulations:
- California Consumer Privacy Act (CCPA) - California
- California Privacy Rights Act (CPRA) - California
- Virginia Consumer Data Protection Act (VCDPA) - Virginia
- Colorado Privacy Act (CPA) - Colorado
- Connecticut Data Privacy Act (CTDPA) - Connecticut
- Utah Consumer Privacy Act (UCPA) - Utah
- Children's Online Privacy Protection Act (COPPA) - Federal
Mexico Regulations:
- Federal Law on Protection of Personal Data Held by Private Parties
- Regulation of the Federal Law on Protection of Personal Data
- Privacy Notice Guidelines
Brazil Regulations:
- Lei Geral de Proteção de Dados (LGPD) - Law 13.709/2018
- Decree 10.046/2019 - ANPD Regulation
Argentina Regulations:
- Law 25.326 - Personal Data Protection
- Decree 1558/2001 - Regulation
- Provision 10/2008 - Data security
Colombia Regulations:
- Law 1581 of 2012 - Personal Data Protection
- Decree 1377 of 2013 - Partial regulation
- Decree 1074 of 2015 - Commerce Sector
Chile Regulations:
- Law 19.628 - Protection of Private Life
- Law 21.096 - Modifications and updates
Peru Regulations:
- Law 29733 - Personal Data Protection
- Supreme Decree 003-2013-JUS - Regulation
International Organizations:
- ISO/IEC 27001:2013 - Information security management
- ISO/IEC 27701:2019 - Privacy information management system
- Convention 108+ - Council of Europe (Modernized convention for data protection)
Last updated: April 30, 2026
Version: 2.4
FINAL DECLARATION
This Privacy Policy has been drafted in compliance with:
- European data protection regulations (GDPR)
- United States regulations (CCPA and state laws)
- Latin American regulations (LGPD, LFPDPPP, Law 1581, Law 25.326, etc.)
- International security standards (ISO 27001, ISO 27701)
We apply the highest protection standard (GDPR) to ALL users worldwide, with additional specific provisions according to your jurisdiction.
Available languages:
- Spanish (official version)
- English (official translation)
In case of conflict between versions, the Spanish version shall prevail.
Questions about this policy?
General Email: info@priorityhelpcar.com
Web: https://priorityhelpcar.com/contacto
Data Protection Authorities:
⚠️ THIS IS A LEGALLY BINDING DOCUMENT. READ IT CAREFULLY.
