Data & Compliance Statement

ClearCar Score — clearcarscore.com

Operated by: ClearCar Score LLC

Effective Date: April 29, 2026

Last Updated: April 29, 2026

This page describes how ClearCar Score handles data compliance obligations under applicable U.S. laws and industry standards. It is intended to provide transparency to users, regulators, and business partners about our data practices.

1. CCPA — California Consumer Privacy Act

ClearCar Score complies with the California Consumer Privacy Act (CCPA) for California residents.

What this means for California users:

Right to Know: California residents may request a full disclosure of what personal information we have collected about them, how it was collected, why it was used, and with whom it was shared.

Right to Delete: California residents may request deletion of their personal information from our systems. We will honor deletion requests within 45 days, subject to exceptions required by law (such as retaining transaction records for tax compliance).

Right to Non-Discrimination: Exercising your CCPA rights will never result in denial of service, different pricing, or reduced quality of service.

No Sale of Personal Information: ClearCar Score does not sell personal information. We do not sell your email, vehicle data, or any other information you provide to data brokers, advertisers, or any third party for commercial purposes. California residents have the right to opt out of the sale of personal information — but there is nothing to opt out of, because we do not sell data.

To submit a CCPA request:

Email [email protected] with the subject line "CCPA Request." Include your name and the email address used to purchase your report. We will verify your identity before processing the request and respond within 45 days.

2. GDPR — General Data Protection Regulation

ClearCar Score is a U.S.-based service operated by ClearCar Score LLC, a company organized under the laws of the State of Georgia. Our service is not targeted at users in the European Union or European Economic Area. We do not engage in marketing directed at EU residents, do not maintain an establishment in the EU, and do not process EU resident data as part of an intentional offering to the EU market.

As a result, we do not believe GDPR applies to our current operations.

That said, if an EU resident chooses to use our service independently, we handle their data with the same care described in our Privacy Policy. If you are an EU resident and have concerns about your data rights under GDPR, please contact us at [email protected]. We will make reasonable efforts to accommodate requests consistent with GDPR principles (access, rectification, erasure, portability, restriction of processing) on a best-effort basis.

We will reassess GDPR applicability if and when we actively market to EU users or establish any EU presence.

3. PCI DSS — Payment Card Industry Data Security Standard

ClearCar Score does not handle, process, store, or transmit payment card data.

All payment card processing is performed exclusively by Stripe, Inc. When you enter your card details on our checkout, that information is submitted directly to Stripe's servers via an encrypted connection. Our servers never see your card number, expiration date, or CVV at any point in the transaction.

Stripe, Inc. is a PCI DSS Level 1 certified service provider — the highest level of PCI compliance. This means Stripe undergoes annual third-party audits and maintains the industry's most rigorous cardholder data security standards on our behalf.

Because we do not touch card data at any stage, ClearCar Score LLC operates at the lowest possible PCI scope (SAQ A) — we rely entirely on Stripe's certified infrastructure.

Summary: No cardholder data is ever stored by ClearCar Score. Users can verify Stripe's PCI compliance status at https://stripe.com/docs/security.

4. Data Sources Used for Vehicle Scoring

ClearCar Score generates reports using the following categories of data. All sources are publicly available, commercially licensed, or AI-synthesized from public datasets.

Vehicle History Data: Publicly available records associated with a vehicle's VIN, which may include title history, reported accidents, odometer readings at inspection, recall information, and reported ownership changes sourced from national databases and state records.

Market Price Data: Aggregated market pricing data reflecting current used vehicle retail and private-party pricing trends for comparable vehicles by make, model, year, trim, mileage, and geography.

AI Analysis: Vehicle data is processed by Anthropic's AI API to generate a synthesized condition assessment and overall ClearCar Score. The AI model is trained on general automotive knowledge and does not have access to real-time inspection data or proprietary dealer records.

Important limitations:

Our data reflects what is reported and recorded in available databases. Unreported accidents, private repairs, or other events not captured in records will not appear in our reports.
Market pricing data reflects conditions at the time the report is generated and may change rapidly.
No report constitutes a guarantee, warranty, or professional appraisal.

5. Personal Financial Data — Not Stored

ClearCar Score collects no personal financial data from users beyond what is necessary to complete a payment transaction through Stripe. Specifically:

We do not store credit card numbers, expiration dates, or CVV codes.
We do not store bank account numbers or routing numbers.
We retain only: (1) your email address for report delivery, (2) a Stripe-generated transaction ID for payment reconciliation, and (3) the dollar amount of your purchase for accounting purposes.

Your financial privacy is protected by our use of Stripe as the sole payment processor. We receive only a payment confirmation token from Stripe — not your underlying financial data.

6. Data Deletion Requests

You may request deletion of your personal data at any time. Deletion will remove your email address, any stored vehicle data associated with your order, and any report copies held in our systems, subject to legally required retention periods for financial transaction records.

To request deletion:

Email: [email protected]

Subject line: "Data Deletion Request"

Include: The email address used for your report purchase.

We will confirm receipt within 5 business days and complete the deletion within 30 days (or 45 days for California residents under CCPA).

7. Security Practices

ClearCar Score implements industry-standard technical and organizational measures to protect data:

All traffic to and from clearcarscore.com is encrypted using HTTPS/TLS.
Our application infrastructure is hosted on Railway with access controls and environment-level secrets management.
CDN and DDoS protection is provided by Cloudflare.
We do not log or store full payment card information at any point.
Access to production data is restricted to authorized personnel only.

8. Contact for Compliance Matters

For any compliance-related inquiries — including CCPA requests, data deletion requests, or questions about our data handling practices — contact:

ClearCar Score LLC

Operated by: Jay Braswell

Email: [email protected]

Website: https://clearcarscore.com

Response time: Within 5 business days for general inquiries, within 30–45 days for formal data rights requests.