Privacy Policy

Effective: January 1, 2026 · Version 1.0

Data We Collect

  • Account data: Name, email, phone number, profile photo
  • Payment data: Stripe processes all payments. ParkPeer stores only the last-4 digits of cards and Stripe customer IDs — never full card numbers.
  • Payout data: Bank account and routing numbers are encrypted using AES-256-GCM before storage. Only last-4 digits are stored unencrypted.
  • Location data: Listing addresses and search queries
  • Usage data: Pages visited, features used, device type

Data Retention

  • Unverified accounts inactive for 30+ days are automatically deleted
  • Transaction records are retained for 7 years for financial compliance, then anonymized
  • You may request deletion of your account at any time via [email protected]

Security

Passwords are hashed using PBKDF2-SHA256 (310,000 iterations). Sensitive financial data is encrypted with AES-256-GCM. All data is transmitted over TLS 1.3. We apply HSTS, CSP, and OWASP security headers on all responses.

Your Rights (GDPR / CCPA)

You have the right to access, correct, delete, or export your personal data. Contact [email protected]. We do not sell personal data to third parties.

Questions? Email [email protected] · ParkPeer, Inc. · © 2026