Privacy Policy

1. Information We Collect

Information you provide

• Account information: name, email address, date of birth, phone number
• Profile information: bio, avatar photo, addresses
• Listing information: equipment descriptions, photos, pricing, location
• Payment information: processed and stored by Stripe — we do not store card numbers
• Identity verification: processed by Stripe Identity — we store only verification status
• Communications: messages between users, dispute descriptions, support requests

Information collected automatically

• Usage data: pages visited, actions taken, timestamps
• Device information: browser type, operating system, screen size
• Cookies: session cookies for authentication and CSRF protection (no third-party tracking cookies)

2. How We Use Your Information

• Provide, operate, and improve the Service
• Process bookings and payments
• Verify user identity and prevent fraud
• Facilitate communication between owners and renters
• Resolve disputes between users
• Send transactional notifications (booking confirmations, status updates)
• Comply with legal obligations

3. Information Sharing

We do not sell your personal information. We share information only in these circumstances:

• With other users: Your public profile, listing details, and booking-related information are visible to transaction counterparts
• Payment processing: Stripe receives payment and identity information necessary to process transactions
• Legal requirements: When required by law, subpoena, or legal process
• Safety: To protect the rights, property, or safety of Nerbor, our users, or the public

4. Data Storage and Security

Your data is stored on secured servers. We use encryption in transit (HTTPS/TLS) and follow industry-standard security practices. Passwords are hashed using bcrypt and are never stored in plain text. While we take reasonable measures to protect your data, no system is 100% secure.

5. Data Retention

We retain your account data for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days, except where retention is required by law (e.g., financial transaction records).

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate information in your profile
• Delete your account and associated personal data
• Export your data in a portable format

To exercise these rights, contact us through our contact page.

7. Cookies

We use only essential cookies required for the Service to function:

• Session cookies: Maintain your login session
• CSRF tokens: Protect against cross-site request forgery

We do not use third-party analytics cookies, advertising cookies, or tracking pixels.

8. Children's Privacy

The Service is not intended for anyone under 18 years of age. We do not knowingly collect personal information from minors.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or platform notification. Continued use after changes constitutes acceptance.

10. Contact

Questions about this policy? Reach us at our contact page.