Kartvo Privacy Policy

Effective Date: May 27, 2026 · Last Updated: May 27, 2026

Available at: https://api.kartvo.com/privacy (publicly hosted, always current)

1. Introduction

ZeroPilot Labs Inc. ("we", "us", or "Company"), an Ontario corporation, operates the Kartvo mobile application (the "App"), available in Canada and the United States. Kartvo® is a trademark of ZeroPilot Labs Inc. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. By using the App, you agree to the practices described in this Policy.

2. Information We Collect

Account Information: Your name and email address are collected when you create or update your account to enable authentication and communication. They are stored in app storage on your device.

Location Information: When you grant location permission, we use your GPS coordinates on-device to find nearby stores and send trip-planning suggestions. Only your approximate area (Forward Sortation Area in Canada — the first three digits of your postal code; the first three digits of your ZIP code in the United States) is transmitted to our servers for region-specific deals. Your precise GPS coordinates stay on your device and are not transmitted to our servers.

Shopping Behavior: We record shopping signals — items you add or remove from your list, items you skip, searches you perform, stores you mark as favourites, and items you check off while shopping. Most of this stays on your device. A subset (your current list, recent searches, long-term interest signals) is synced to our servers so that features like the daily personalized deal push can run overnight while your phone is offline.

Long-Term Interest Signals: Kartvo locally derives "interest signals" (e.g. new baby, pet owner, health-focused) from your shopping patterns. These are stored in your device's secure keystore (iOS Keychain / Android Keystore), synced to our servers for personalization continuity, and automatically expire after a pre-set horizon (typically 60–180 days per signal). Expired signals are removed both on-device and on the server.

Push Notification Token: If you enable push notifications, we collect your device's push notification token (a string issued by Expo / Apple / Google that lets us send you deal alerts). It is stored in your device's secure keystore and on our servers, and tied only to an anonymous device identifier. You can disable push at any time in Settings.

Anonymous Device Identifier: On first launch we generate a random UUID ("device ID") that we use as the key for any server-held data. It contains no personal information and is not linked to your Apple ID, Google account, IDFA, or any third-party identifier.

Diagnostic Telemetry: We collect anonymous diagnostic events (which carousels you scrolled, which searches returned no results, which stores you geofenced into) to improve the App's relevance and reliability. These events are keyed only to your anonymous device identifier and contain no contact information.

3. How We Use Your Information

We use the information we collect to:

4. Data Storage

Local Storage (on your device):

Server-Side Data: Our servers hold only:

Server files holding per-user data are stored with owner-only file permissions (0600) on owner-only directories (0700).

5. Third-Party Services

We use the following third-party services:

We do not use advertising SDKs, analytics SDKs, behavioral-targeting platforms, or third-party tracking services. We do not sell or share your personal information with data brokers.

6. No Tracking

Kartvo does not:

7. Data Retention

Local Data: Shopping behavior and preferences stored on your device persist until you delete your account, clear the app's data, or uninstall the App.

Long-Term Interest Signals: Each signal carries a built-in expiry horizon (typically 60–180 days). When a signal expires it is removed from your device and from our servers on the next sync, regardless of whether you delete your account.

Server-Side Data: Server-side data associated with your device identifier (current list, recent searches, active interest signals, push token, diagnostic events) is permanently deleted when you delete your account via the in-app flow. Diagnostic NDJSON event files older than 90 days are also rolled off on a continuous basis.

8. Your Privacy Rights

We provide the same access, correction, and deletion rights to all users worldwide, regardless of the legal framework that applies in your jurisdiction.

You can exercise these rights directly from within the App:

If you prefer to contact us, you can also email [email protected] and we will action your request within 30 days (or 45 days for U.S. state-law requests, as applicable).

8.1. Canadian Residents (PIPEDA)

Under the Personal Information Protection and Electronic Documents Act and provincial equivalents (Quebec Law 25, Alberta PIPA, BC PIPA), you have the right to:

8.2. European Residents (GDPR)

Under the General Data Protection Regulation, you have the right to:

The legal basis for our processing is your consent (you enable each data flow yourself: location, push, interest signals) and our legitimate interests in maintaining the App.

8.3. California Residents (CCPA / CPRA)

Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, California residents have the following rights:

Categories of personal information collected (per CCPA §1798.140):

| Category | Collected? | Purpose |
| --- | --- | --- |
| Identifiers (name, email, device ID, IP-derived region) | Yes | Account, personalization |
| Geolocation data (precise / coarse) | Yes (coarse only on server; precise stays on device) | Nearby store deals |
| Commercial information (shopping list items, deals viewed) | Yes | Personalization |
| Internet activity (searches in-app, carousel scrolling) | Yes (anonymous) | Improve relevance |
| Inferences (interest signals) | Yes | Personalization |
| Biometric, sensory, professional, education, financial | No | |

"Do Not Sell or Share My Personal Information": Kartvo does not sell, share, rent, or otherwise transfer your personal information to third parties for monetary or other valuable consideration. We do not engage in cross-context behavioral advertising. There is therefore nothing to opt out of, but you may still send a request via the in-app Delete Account flow or email [email protected] with the subject line "Do Not Sell or Share" and we will confirm receipt.

Authorized Agents: You may designate an authorized agent to exercise these rights on your behalf. We will verify the agent's authority by requesting written authorization signed by you and may ask you to verify your identity directly.

Response time: We will confirm receipt of your request within 10 business days and respond substantively within 45 days (with one 45-day extension allowed for complex requests).

8.4. Other U.S. State Residents

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Florida (FDBR), Oregon (OCPA), Montana (MCDPA), Tennessee (TIPA), Iowa (ICDPA), Indiana (ICDPA), Delaware (DPDPA), and New Hampshire (NHPA) have substantially similar rights to those listed for California residents above (access, correct, delete, portability, opt-out of sale/sharing/targeted advertising). Use the in-app flow or email [email protected]; we apply the same controls to all U.S. state-law requests.

Appeals (Virginia, Colorado, Connecticut, Texas): If we decline a request, you may appeal within 45 days by emailing [email protected] with the subject line "Privacy Appeal." We will respond within 60 days.

9. Children's Privacy

Kartvo is not directed at or intended for children under 13 years of age.

United States (COPPA): We comply with the Children's Online Privacy Protection Act and do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete such information immediately and terminate the account.

Canada (PIPEDA / Quebec Law 25): Same — we do not knowingly collect information from children under 13, and we additionally apply heightened review for users aged 13–17.

European Union: Under GDPR Article 8, the minimum age of digital consent in the EU varies by member state (13–16). We do not knowingly collect data from users below the applicable threshold.

If you believe we have inadvertently collected information from a child, please contact [email protected] for immediate deletion.

10. Security

We safeguard your data with the following measures:

No method of transmission or storage is 100% secure, but we use commercially reasonable measures to protect your information.

11. Data Transfers

Our servers are located in Canada. If you use the App from the United States, your data is transferred to Canada (a jurisdiction recognized by the European Commission as providing adequate data protection under GDPR Article 45). If you use the App from outside Canada or the United States, you consent to the transfer of your information to Canada.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be surfaced via an in-app notice and the "Last Updated" date at the top of this Policy will be revised. Your continued use of the App after any such modifications constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: [email protected]

Mailing address: ZeroPilot Labs Inc., Ontario, Canada

For California, Virginia, Colorado, Connecticut, Texas, and other U.S. state-law requests, use the subject line indicated in §8.