PRIVACY POLICY

Chemy Limousine Service
Effective Date: February 6, 2026
Last Updated: February 6, 2026

1. INTRODUCTION

Chemy Limousine Service (“we,” “us,” “our,” or “Company”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://chemy.limo, use our online booking platform, or engage our luxury transportation services.

BY USING OUR SERVICES, PROVIDING YOUR INFORMATION, OR PROVIDING YOUR ELECTRONIC SIGNATURE DURING THE BOOKING PROCESS, YOU CONSENT TO THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY.

If you do not agree with the terms of this Privacy Policy, please do not access our website or use our services.

This Privacy Policy is incorporated into and subject to our Terms and Conditions. Please review both documents carefully.

2. INFORMATION WE COLLECT

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third-party sources.

2.1 Personal Information You Provide

When you book a reservation, create an account, or contact us, we may collect:

Contact Information:

• Full name (first and last name)
• Phone number (mobile and/or landline)
• Email address
• Mailing address or residential address
• Emergency contact information (if provided)

Booking Information:

• Pickup location and complete address
• Destination address
• Date and time of requested service
• Number of passengers
• Type of vehicle requested (Sedan, SUV, Limousine, Party Bus, etc.)
• Special requests or requirements (accessibility needs, child seats, decorations, etc.)
• Flight information (airline, flight number, arrival time) for airport pickups
• Corporate affiliation or company name (for corporate account bookings)
• Event details (weddings, proms, corporate events, etc.)

Payment Information:

• Credit card or debit card number, expiration date, CVV (processed and stored securely by Stripe)
• Billing address
• Payment method preferences
• Transaction history and receipts
• Refund or chargeback information

Account Information (if you create an account):

• Username and password (encrypted)
• Booking history and past reservations
• Saved pickup and drop-off addresses
• Favorite locations or preferences
• Communication preferences (email, SMS, phone)
• Profile preferences and settings

Communication Records:

• Email correspondence with our customer service team
• Text messages (SMS) sent and received
• Phone call records (date, time, duration)
• Chat transcripts from website or mobile app
• Customer service interactions and support tickets
• Feedback, reviews, and testimonials
• Complaint or dispute communications

Electronic Signature:

• Your electronic signature provided during booking process
• Timestamp and IP address associated with signature
• Consent records for Terms and Conditions acceptance

Special Categories of Information (when voluntarily provided):

• Accessibility needs or disability accommodations
• Medical information relevant to service (e.g., service animal requirements)
• Dietary preferences for events with catering

2.2 Information Collected Automatically

When you access our website, use our booking platform, or utilize our services, we automatically collect:

Device Information:

• Internet Protocol (IP) address
• Browser type and version (Chrome, Safari, Firefox, Edge, etc.)
• Operating system (Windows, macOS, iOS, Android, etc.)
• Device type (smartphone, tablet, desktop computer)
• Device identifiers (mobile device ID, advertising ID)
• Screen resolution and display settings
• Language preferences

Usage Information:

• Pages visited on our website and navigation paths
• Time spent on each page
• Links clicked and buttons pressed
• Referring website or source (how you found us)
• Date and time of visit
• Booking funnel progression (steps completed, abandoned bookings)
• Search queries entered on our website
• Downloads or file accesses
• Error messages or technical issues encountered

Location Information:

• IP-based location: Approximate geographic location based on your IP address
• GPS coordinates: Precise location if using mobile device with location services enabled (with your permission)
• Pickup and drop-off locations: Addresses provided for transportation service
• Real-time location during service: GPS tracking of vehicle during active transportation (for safety, route optimization, and service quality)
• Geolocation data: Used for fraud prevention and service area verification

Cookies and Tracking Technologies:

• Session cookies (temporary, deleted when browser closes)
• Persistent cookies (remain on device for set period)
• Web beacons and pixel tags
• Local storage and session storage
• Analytics and tracking scripts
• See Section 8 for detailed information about cookies

Fraud Prevention Data:

• Device fingerprinting information
• Browser configuration and settings
• Connection information (Wi-Fi, cellular, VPN)
• Behavioral analytics (mouse movements, typing patterns)
• Transaction metadata

2.3 Information from Third-Party Sources

We may receive information about you from:

Payment Processors (Stripe):

• Payment verification and authorization data
• Fraud detection information
• Chargeback and dispute records
• Payment method updates (e.g., new card expiration date)
• Transaction history

SMS and Communication Platforms (Twilio):

• Message delivery status
• Phone number verification
• Opt-in and opt-out records
• Communication preferences

Social Media Platforms:

• If you interact with us on Facebook, Instagram, Twitter/X, LinkedIn, or other platforms
• Publicly available profile information (name, profile picture, public posts)
• Information you choose to share when connecting social accounts
• Social media engagement data (likes, comments, shares)

Corporate Clients and Business Partners:

• Employee names and contact information for corporate account bookings
• Company billing and payment information
• Authorized user lists for corporate accounts
• Travel policies and approval workflows

Flight Tracking Services:

• Real-time flight status and delays
• Arrival times and gate information
• Aircraft location and estimated landing time

Background Check Services (for chauffeur verification only):

• This information is used internally for employment screening
• Not linked to customer profiles
• Not shared or sold to third parties

Data Brokers and Marketing Partners (with your consent):

• Demographic information
• Interest and preference data
• Marketing engagement history

Public Records:

• Business registration information for corporate accounts
• Publicly available contact information

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following lawful purposes:

3.1 Service Delivery and Performance of Contract

To provide transportation services you requested:

• Processing and fulfilling reservations
• Dispatching appropriate vehicle and chauffeur
• Coordinating pickup and drop-off logistics
• Communicating booking confirmations and service updates
• Sending chauffeur arrival notifications and ETA updates
• Flight tracking and automatic pickup time adjustments for airport services
• Real-time GPS navigation and route optimization
• Managing vehicle assignments and driver schedules

Payment processing and billing:

• Charging payment methods on file
• Processing refunds and credits
• Issuing invoices and receipts
• Managing corporate account billing
• Collecting unpaid fees or charges (wait time, overtime, damage fees)
• Fraud prevention and chargeback management

Account management:

• Creating and maintaining your user account
• Storing booking history and preferences
• Managing saved addresses and favorite locations
• Updating payment methods and billing information

3.2 Customer Support and Service Quality

Providing customer service:

• Responding to inquiries, questions, and support requests
• Resolving complaints or service issues
• Following up after service completion
• Processing cancellations, modifications, or rescheduling
• Handling special requests and accommodations
• Managing lost and found items

Quality assurance and improvement:

• Maintaining communication records for training purposes
• Monitoring customer satisfaction
• Evaluating chauffeur performance
• Identifying service gaps and areas for improvement
• Analyzing customer feedback and reviews

3.3 Service Improvement and Business Analytics

Analyzing and improving our services:

• Studying usage patterns and customer behavior
• Identifying popular routes and high-demand periods
• Analyzing booking abandonment and conversion rates
• Testing new features and website designs
• Optimizing pricing strategies
• Developing new service offerings

Route and dispatch optimization:

• Analyzing traffic patterns and travel times
• Improving chauffeur routing and navigation
• Reducing wait times and increasing efficiency
• Fleet management and vehicle utilization

Training and development:

• Training chauffeurs based on customer feedback
• Creating training materials and best practices
• Improving customer service protocols

3.4 Marketing and Communications (with your consent where required)

Promotional communications:

• Sending special offers, discounts, and promotions
• Newsletter updates about new services or company news
• Seasonal greetings and special occasion messages
• Birthday or anniversary offers (if you’ve provided this information)
• Loyalty program communications and rewards
• Referral program invitations

Marketing analytics:

• Measuring effectiveness of marketing campaigns
• Understanding customer acquisition and retention
• Analyzing email open rates and click-through rates
• Optimizing advertising spend and targeting

Remarketing and retargeting:

• Showing relevant ads on other websites and platforms
• Reminding you about abandoned bookings
• Promoting services based on your interests

You can opt out of marketing communications at any time (see Section 11 for instructions).

Note: You will continue to receive transactional communications (booking confirmations, service updates, receipts) even if you opt out of marketing, as these are necessary for service delivery.

3.5 Legal Compliance and Safety

Complying with legal obligations:

• Meeting tax reporting and record-keeping requirements (IRS, state tax authorities)
• Responding to legal process (subpoenas, court orders, warrants)
• Complying with Illinois Department of Transportation regulations
• Adhering to federal and state transportation laws
• Meeting accessibility and ADA compliance requirements
• Complying with data protection laws (CCPA, GDPR, Illinois BIPA)

Fraud prevention and security:

• Detecting and preventing fraudulent transactions and bookings
• Identifying suspicious activity or unauthorized access
• Protecting against payment fraud and chargebacks
• Preventing identity theft and account takeover
• Monitoring for bot activity and automated abuse
• IP address tracking for fraud detection (see Section 2.2)

Safety and risk management:

• Ensuring passenger and chauffeur safety during service
• Monitoring vehicle locations for emergency response
• Investigating accidents, incidents, or complaints
• Managing insurance claims and documentation
• Conducting internal investigations
• Enforcing our Terms and Conditions

Protecting rights and interests:

• Defending against legal claims or disputes
• Enforcing contracts and agreements
• Protecting intellectual property rights
• Collecting unpaid debts

3.6 Business Operations and Corporate Functions

Internal business purposes:

• Accounting and financial record-keeping
• Budgeting and financial planning
• Human resources and payroll (for chauffeur data)
• Corporate account management
• Business intelligence and reporting
• Auditing and compliance
• Insurance and risk management

Business transactions:

• Mergers, acquisitions, or sale of business assets
• Due diligence for potential investors or partners
• Corporate restructuring

3.7 Artificial Intelligence and Automated Processing

AI-powered services and communications:

• Operating chatbots and virtual assistants for customer support
• Providing automated booking assistance
• Generating AI-powered responses to inquiries
• Natural language processing for understanding customer requests
• Sentiment analysis for customer satisfaction monitoring
• Predictive analytics for demand forecasting
• Route optimization algorithms
• Dynamic pricing models (if applicable)
• Fraud detection machine learning models

Training and improving AI systems:

• Using your communications to train AI models
• Improving natural language understanding
• Enhancing chatbot responses
• Developing better customer service tools

See Section 6.3 for detailed information about AI data usage and your rights.

3.8 Research and Development

• Developing new services and features
• Testing new technologies
• Conducting market research
• Analyzing industry trends
• Improving safety protocols

Your information may be anonymized or aggregated for research purposes.

4. HOW WE SHARE YOUR INFORMATION

We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

We only share your information in the following circumstances:

4.1 Service Providers and Business Partners

We share information with trusted third-party service providers who assist us in operating our business. These providers are contractually obligated to use your information only for specified purposes and maintain confidentiality and security.

Payment Processing:

• Stripe: Our payment processor that securely handles credit card transactions
  • Processes payments and stores payment card information
  • Conducts fraud detection and prevention
  • PCI-DSS Level 1 compliant
  • Subject to Stripe’s Privacy Policy: https://stripe.com/privacy

SMS and Communication Services:

• Twilio: SMS messaging platform for booking confirmations and updates
  • Sends transactional and promotional text messages
  • Manages opt-in and opt-out preferences
  • TCPA compliant
  • Subject to Twilio’s Privacy Policy: https://www.twilio.com/legal/privacy

Email Service Providers:

• Platforms for sending transactional emails (confirmations, receipts, updates)
• Marketing email platforms (newsletters, promotions)
• Email deliverability and tracking services

Website and Technology Partners:

• Website hosting and maintenance providers
• Cloud storage services (AWS, Google Cloud, Microsoft Azure, or similar)
• Content delivery networks (CDN)
• Website analytics tools (Google Analytics, etc.)
• Customer relationship management (CRM) systems
• Booking platform software providers

GPS and Mapping Services:

• Google Maps or similar mapping platforms
• Real-time traffic data providers
• Route optimization services
• Vehicle tracking systems

Flight Tracking Services:

• Real-time flight status and delay information
• Airport and airline data providers

Artificial Intelligence Service Providers:

• AI chatbot and virtual assistant platforms
• Natural language processing services
• Machine learning infrastructure providers
• Data analytics and business intelligence tools

Business Services:

• Accounting and bookkeeping services
• Legal and compliance advisors
• Insurance providers
• Background check services (for chauffeur screening only)

Advertising and Marketing Partners (with your consent):

• Google Ads, Facebook Ads, and other advertising platforms
• Remarketing and retargeting service providers
• Marketing analytics tools
• Social media management platforms

4.2 Corporate Clients and Business Accounts

For corporate account bookings:

• We share booking details, invoices, and receipts with the company paying for service
• Corporate administrators may access employee transportation records for expense management
• Corporate travel managers may review booking history and spending
• This is necessary for billing, expense reporting, and policy compliance

4.3 Assigned Chauffeurs

We share limited information with your assigned chauffeur necessary for service delivery:

• Passenger name and phone number
• Pickup location and destination address
• Number of passengers and estimated luggage
• Special requests (accessibility needs, child seats, decorations, etc.)
• Flight information for airport pickups
• Service notes or instructions

Chauffeurs are contractually prohibited from:

• Using customer information for personal purposes
• Sharing information with unauthorized parties
• Contacting customers after service completion (unless service-related)
• Retaining customer information after service is complete

4.4 Legal Requirements and Protection of Rights

We may disclose your information when required by law or to protect our legal rights:

Legal Process:

• Subpoenas, court orders, or warrants
• Government or regulatory investigations
• Legal proceedings or litigation
• Law enforcement requests

Safety and Security:

• Preventing fraud, identity theft, or financial crimes
• Investigating security incidents or data breaches
• Protecting against harm to persons or property
• Emergency situations requiring disclosure to first responders

Rights Protection:

• Enforcing our Terms and Conditions
• Defending against legal claims or disputes
• Protecting intellectual property rights
• Collecting unpaid fees or debts

Business Transactions:

• In connection with mergers, acquisitions, or sale of business assets
• Due diligence for potential buyers or investors
• Bankruptcy proceedings
• Your information will continue to be protected under privacy obligations

4.5 With Your Consent

We may share your information with third parties when you provide explicit consent:

• Referring a friend or family member to our services
• Posting testimonials or reviews on our website or social media (with your permission)
• Participating in partner promotions, sweepstakes, or contests
• Connecting your account with third-party services (e.g., corporate travel tools)
• Sharing your experience on social media

4.6 Aggregated or Anonymized Data

We may share aggregated or anonymized information that does not identify you personally:

• Industry reports and statistics
• Traffic and usage trends
• Market research and analysis
• Benchmarking data

This data cannot be used to identify you individually.

5. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

5.1 Retention Periods by Data Type

Active Customer Accounts:

• Information retained as long as account is active and in use
• Plus 7 years after last transaction (for tax, legal, and regulatory compliance)

Booking Records and Transaction History:

• Transaction details retained for 7 years (IRS and Illinois tax requirements)
• Customer service communications retained for 3 years
• Payment records retained for 7 years
• Refund and chargeback records retained for 7 years

Payment Card Information:

• Credit card details stored securely by Stripe (PCI-DSS compliant)
• Not stored on our servers – only tokenized references
• Transaction authorization records retained for 7 years

Electronic Signatures:

• Signature records and consent logs retained for 7 years
• IP address and timestamp data retained for 7 years

Marketing Communications and Preferences:

• Contact information retained until you opt out or request deletion
• Removed from active marketing lists within 10 business days of opt-out request
• Suppression list (to prevent re-adding) maintained indefinitely

Website Usage Data and Analytics:

• Google Analytics data retained for 26 months (or as configured)
• Cookie data retained according to your browser and cookie settings (see Section 8)
• Log files retained for 90 days to 1 year

GPS and Location Data:

• Real-time location data during active service retained for 90 days
• Pickup and drop-off locations retained for 7 years (linked to booking records)

Communication Records:

• Email correspondence retained for 3 years
• SMS message logs retained for 3 years (as required by TCPA compliance)
• Phone call records (date, time, duration) retained for 2 years
• Chat transcripts retained for 2 years

Fraud Prevention Data:

• IP addresses and device fingerprints retained for 7 years
• Fraud investigation records retained for 7 years
• Chargeback and dispute records retained for 7 years

Artificial Intelligence Training Data:

• Communications used to train AI models may be retained indefinitely in anonymized form
• Personal identifiers removed or pseudonymized
• Cannot be linked back to you individually

Legal and Compliance Records:

• Records related to legal disputes retained for 7 years after resolution
• Regulatory compliance records retained as required by law
• Audit records retained for 7 years

5.2 Data Deletion and Anonymization

After retention periods expire:

• Personal information is securely deleted or anonymized
• Data is removed from active databases and systems
• Backup systems purged according to regular backup rotation cycles (typically 90 days)
• Physical records destroyed through secure shredding
• Electronic media sanitized using industry-standard methods

Anonymization process:

• Personal identifiers removed (name, email, phone, address)
• Data aggregated or generalized to prevent re-identification
• Cannot be reversed or linked back to individuals

5.3 Early Deletion Requests

You may request deletion of your information before retention periods expire (see Section 11 for instructions).

However, we may be unable to delete information when:

• Required by law to retain (tax records, legal holds)
• Needed to resolve disputes or enforce agreements
• Necessary for fraud prevention or security purposes
• Subject to ongoing legal proceedings
• Required for exercising or defending legal claims

In such cases, we will inform you of the reason for retention and delete the data as soon as legally permissible.

6. DATA SECURITY

We implement comprehensive administrative, technical, and physical safeguards to protect your personal information from unauthorized access, use, alteration, disclosure, or destruction.

6.1 Technical Security Measures

Encryption:

• SSL/TLS encryption (256-bit) for all data transmissions on our website
• Secure HTTPS protocol for booking platform
• Encrypted storage of sensitive information at rest
• End-to-end encryption for payment processing via Stripe
• Database encryption for stored personal data

Network Security:

• Firewalls to prevent unauthorized network access
• Intrusion detection and prevention systems (IDS/IPS)
• Regular vulnerability scanning and penetration testing
• DDoS (Distributed Denial of Service) protection
• Secure API connections with authentication and authorization

Access Controls:

• Multi-factor authentication (MFA) for employee and admin access
• Role-based access control (RBAC) – employees only access data needed for their job
• Unique user credentials for all system access
• Automatic session timeout after inactivity
• Audit logs tracking all data access and modifications

System Security:

• Regular security updates and patches for all systems
• Anti-malware and antivirus protection
• Secure software development practices
• Code reviews and security testing
• Secure backup systems with encryption

Payment Security:

• PCI-DSS Level 1 compliance through Stripe payment processor
• Tokenization of credit card information (real numbers replaced with tokens)
• No storage of full credit card numbers on our systems
• Secure payment page hosted by Stripe (not on our servers)
• 3D Secure authentication for eligible transactions

6.2 Administrative Security Measures

Employee Training and Policies:

• Comprehensive privacy and security training for all employees
• Confidentiality agreements with all employees and contractors
• Background checks for employees with data access
• Regular refresher training on data protection
• Clear data handling policies and procedures

Access Management:

• Strict limitations on who can access personal information
• Principle of least privilege (minimum necessary access)
• Regular review and revocation of unnecessary access rights
• Separate production and development environments

Incident Response:

• Documented incident response plan
• Designated privacy and security officers
• Procedures for breach detection, containment, and notification
• Regular security drills and testing

Vendor Management:

• Due diligence on third-party service providers
• Contractual data protection obligations for all vendors
• Regular audits of vendor security practices
• Business Associate Agreements (BAAs) where applicable

6.3 Physical Security Measures

Facility Security:

• Secure office facilities with restricted access
• Access control systems (key cards, biometric scanners)
• Security cameras and monitoring
• Visitor logs and escort requirements

Document Security:

• Locked filing cabinets for physical records containing personal information
• Secure document storage rooms
• Secure disposal of documents (cross-cut shredding or professional destruction service)

Device Security:

• Full-disk encryption for all laptops and mobile devices
• Device password/PIN protection
• Remote wipe capability for lost or stolen devices
• Secure disposal of old hardware

6.4 Limitations and Disclaimers

While we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure.

We cannot guarantee absolute security and are not responsible for:

• Unauthorized access due to factors beyond our reasonable control (e.g., zero-day exploits, sophisticated cyberattacks)
• Security breaches at third-party service providers (though we vet providers carefully)
• Information you voluntarily share in public forums or social media
• Phishing attacks or social engineering targeting you directly
• Compromise of your account credentials due to weak passwords or credential sharing

Your Responsibilities:

• Use strong, unique passwords for your account
• Do not share your login credentials
• Log out after using shared or public computers
• Report suspicious activity immediately
• Keep your devices and software up to date
• Be cautious of phishing emails claiming to be from us

6.5 Data Breach Response

In the unlikely event of a data breach affecting your personal information:

1. Rapid Response:

   • Immediate investigation to contain and remediate the breach
   • Forensic analysis to determine scope and impact
   • Implementation of additional security measures

2. Notification:

   • We will notify affected individuals as required by law (typically within 72 hours)
   • Notification will include:
     • Nature and extent of the breach
     • Types of information compromised
     • Steps we are taking to address the breach
     • Recommendations for protecting yourself
     • Contact information for questions

3. Regulatory Reporting:

   • Notification to relevant authorities (Attorney General, FTC, etc.) as required
   • Cooperation with law enforcement investigations

4. Support:

   • Dedicated support team to answer questions
   • Credit monitoring services if financial information compromised (where applicable)
   • Assistance with protective measures

5. Post-Incident Review:

   • Root cause analysis
   • Implementation of lessons learned
   • Enhanced security measures to prevent recurrence

Report suspected breaches or security issues to: Contact@chemy.limo

7. ARTIFICIAL INTELLIGENCE (AI) AND AUTOMATED PROCESSING

7.1 Our Use of Artificial Intelligence

Chemy Limousine Service utilizes artificial intelligence (AI) and automated systems to enhance our services and customer experience. This section explains how AI processes your data.

AI-Powered Features and Services:

Customer Service and Communication:

• AI Chatbots: Automated chat support on our website and mobile platforms
• Virtual Assistants: AI-powered booking assistance and inquiry responses
• Natural Language Processing (NLP): Understanding and responding to customer messages
• Email Automation: Automated confirmation emails, reminders, and follow-ups
• SMS Automation: Automated text message notifications and updates

Business Operations:

• Sentiment Analysis: Analyzing customer feedback and reviews to gauge satisfaction
• Predictive Analytics: Forecasting demand, optimizing pricing, and fleet management
• Route Optimization: AI algorithms determining most efficient routes
• Fraud Detection: Machine learning models identifying suspicious transactions
• Dynamic Pricing: Automated pricing adjustments based on demand (if applicable)

Service Improvement:

• Customer Behavior Analysis: Understanding booking patterns and preferences
• Recommendation Engines: Suggesting services or features based on your history
• Personalization: Tailoring communications and offers to your interests
• Quality Assurance: Analyzing service quality and identifying improvement areas

7.2 Data Used for AI Training and Processing

When you interact with our AI systems, we may use the following data:

• Your questions, comments, and messages (text and voice)
• Booking history and service usage patterns
• Preferences and settings
• Feedback and reviews
• Communication transcripts
• Website and app usage data
• Behavioral data (clicks, navigation, time spent)

How AI Uses Your Data:

1. Real-Time Processing: To provide immediate responses and assistance
2. Model Training: To improve AI accuracy and capabilities over time
3. Pattern Recognition: To identify trends and optimize services
4. Personalization: To tailor experiences to your preferences
5. Quality Control: To monitor and improve AI performance

Data Protection in AI Systems:

• Personal data is encrypted during AI processing
• AI models are trained using privacy-preserving techniques
• Where possible, data is anonymized or pseudonymized for training
• AI vendors are contractually required to protect your data
• We do not share identifiable data with AI vendors except as necessary for service delivery

7.3 Transparency and Human Oversight

You Will Know When Interacting with AI:

• AI chatbots and virtual assistants will identify themselves as automated systems (when technologically feasible)
• Automated messages will be clearly marked as such (where required by law)
• You have the right to request human assistance at any time

How to Request Human Interaction:

• Type “I want to speak to a human” or “Connect me with a person” in chat
• Call our phone number: +1 (630) 528-2059
• Email us: Contact@chemy.limo
• Use the “Speak to Agent” button if available

Human Oversight of AI:

• All AI systems are monitored by human staff
• Complex or sensitive matters are escalated to human agents
• Critical decisions (cancellations, refunds, disputes) are made by humans
• Regular audits of AI accuracy and fairness

7.4 Limitations and Accuracy

AI systems are not perfect. You should be aware that:

• AI may provide incorrect or incomplete information
• AI may misunderstand complex or ambiguous requests
• AI responses are based on patterns in training data and may not apply to unique situations
• Critical information should be verified by human staff

We are not liable for:

• Errors, omissions, or inaccuracies in AI-generated responses
• Misunderstandings or miscommunications by AI systems
• Decisions made based solely on AI recommendations (always verify important information)

7.5 Your Rights Regarding AI Processing

You have the right to:

1. Know when AI is processing your data (we will disclose AI use where legally required)

2. Opt out of certain AI processing:

   • Marketing personalization
   • Automated decision-making
   • Behavioral profiling
   • Note: Some AI processing is necessary for service delivery (fraud detection, route optimization) and cannot be opted out

3. Request human review of AI-generated decisions

4. Object to automated decision-making that produces legal effects or significantly affects you

5. Correct inaccurate information that AI systems may have learned or processed

To exercise these rights, contact: Contact@chemy.limo

7.6 Third-Party AI Service Providers

We may use third-party AI platforms and tools, including but not limited to:

• OpenAI (ChatGPT or similar)
• Google Cloud AI services
• Amazon Web Services (AWS) AI/ML tools
• Microsoft Azure AI services
• Specialized chatbot platforms

These providers are subject to:

• Data Processing Agreements (DPAs)
• Strict confidentiality obligations
• GDPR and CCPA compliance requirements
• Our vendor security and privacy standards

We do not allow AI vendors to:

• Use your data to train their general AI models (where opt-out is available)
• Share your data with other customers or third parties
• Retain your data longer than necessary

7.7 Future AI Developments

As AI technology evolves, we may:

• Introduce new AI-powered features and services
• Expand AI use in our operations
• Update AI systems with improved capabilities

We will update this Privacy Policy to reflect material changes in AI usage and notify you as required by law.

Compliance with AI Regulations:

We are committed to complying with emerging AI regulations including:

• Illinois Artificial Intelligence Video Interview Act (if applicable)
• Federal Trade Commission (FTC) AI guidance
• European Union AI Act (for EU customers)
• State-specific AI disclosure and consent requirements

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 What Are Cookies?

Cookies are small text files placed on your device (computer, smartphone, tablet) when you visit our website. They help us recognize your browser, remember your preferences, and improve your experience.

Types of Technologies Used:

• Cookies: Small text files stored on your device
• Web Beacons (Pixels): Tiny invisible images embedded in web pages or emails
• Local Storage: Data stored in your browser (HTML5 local storage, session storage)
• Scripts and Tags: JavaScript code that collects information and enables functionality
• Device Fingerprinting: Collecting device characteristics for identification

8.2 Types of Cookies We Use

1. Essential Cookies (Strictly Necessary) – Cannot Be Disabled

These cookies are required for our website and booking platform to function properly:

• Session Management: Maintaining your booking session as you navigate
• Shopping Cart: Remembering items in your booking cart
• Authentication: Keeping you logged in to your account
• Security: Preventing fraud and protecting against attacks (CSRF tokens)
• Load Balancing: Distributing traffic across our servers

If you disable essential cookies, our website will not function properly, and you will not be able to complete bookings.

2. Performance and Analytics Cookies (Optional)

These cookies help us understand how visitors use our website so we can improve it:

• Google Analytics: Tracking page views, user journeys, and traffic sources
• Heatmaps and Session Recording: Understanding how users interact with pages
• Speed and Performance Monitoring: Identifying slow pages and technical issues
• Error Tracking: Detecting and diagnosing website errors
• A/B Testing: Comparing different versions of pages to optimize design

Information Collected:

• Pages visited and time spent
• Buttons clicked and forms filled
• Bounce rates and exit pages
• Referral sources and search terms
• Device and browser information

You can disable these cookies (see Section 8.5) without affecting core website functionality.

3. Functionality Cookies (Optional)

These cookies remember your preferences and enhance your experience:

• Language Preferences: Remembering your preferred language
• Location Preferences: Remembering your home city or service area
• Form Auto-Fill: Remembering information you’ve previously entered
• Accessibility Settings: Remembering font size, contrast, or other accessibility preferences
• Saved Searches: Remembering recent searches or favorite locations
• User Interface Preferences: Remembering layout or view preferences

You can disable these cookies, but some features may not work as expected.

4. Marketing and Advertising Cookies (Optional)

These cookies track your browsing across websites to show you relevant advertisements:

• Remarketing/Retargeting: Showing you ads on other websites after visiting ours
• Conversion Tracking: Measuring effectiveness of advertising campaigns
• Interest-Based Advertising: Displaying ads based on your interests
• Social Media Pixels: Facebook Pixel, LinkedIn Insight Tag, Twitter Pixel
• Google Ads and Display Network: Tracking ad performance and displaying ads

Third-Party Advertising Platforms:

• Google Ads and Google Marketing Platform
• Facebook Ads
• Instagram Ads
• LinkedIn Ads
• Twitter/X Ads
• Other advertising networks

You can disable these cookies or opt out of personalized advertising (see Section 8.5).

8.3 Third-Party Cookies

Our website may contain third-party cookies from:

• Payment Processors: Stripe (for secure payment processing)
• Social Media Platforms: Facebook, Instagram, LinkedIn, Twitter/X (for social sharing and plugins)
• Analytics Providers: Google Analytics, Hotjar, or similar
• Advertising Networks: Google Ads, Facebook Ads, and others
• Content Delivery Networks (CDNs): For serving images, scripts, and media

We do not control these third-party cookies. They are subject to the privacy policies of the respective third parties.

8.4 Cookie Consent and Management

First Visit to Our Website:

• You will see a cookie consent banner or popup
• You can accept all cookies, reject optional cookies, or customize your preferences
• Essential cookies are automatically enabled (cannot be disabled)

Your Choices:

• Accept All: Allows all cookies including marketing and analytics
• Reject Optional: Only essential cookies are enabled
• Customize: Choose which categories of cookies to enable
• Cookie Preferences Center: Access settings to change preferences at any time

8.5 How to Manage and Delete Cookies

Browser Settings:

You can control and delete cookies through your web browser settings. Instructions vary by browser:

Google Chrome:

1. Settings → Privacy and Security → Cookies and other site data
2. Choose “Block third-party cookies” or “Block all cookies”
3. Clear browsing data to delete existing cookies

Safari (macOS/iOS):

1. Preferences → Privacy → Manage Website Data
2. Enable “Block all cookies” or “Prevent cross-site tracking”
3. Remove stored cookies

Firefox:

1. Settings → Privacy & Security → Cookies and Site Data
2. Choose “Block cookies” options
3. Clear Data to remove existing cookies

Microsoft Edge:

1. Settings → Cookies and site permissions
2. Manage and delete cookies
3. Choose blocking options

For detailed instructions: Visit your browser’s help section or support website.

Industry Opt-Out Tools:

• Google Analytics Opt-Out: https://tools.google.com/dlpage/gaoptout
• Network Advertising Initiative (NAI): http://www.networkadvertising.org/choices/
• Digital Advertising Alliance (DAA): http://www.aboutads.info/choices/
• European Interactive Digital Advertising Alliance (EDAA): http://www.youronlinechoices.eu/

Mobile Device Settings:

• iOS: Settings → Privacy → Tracking → Disable “Allow Apps to Request to Track”
• Android: Settings → Google → Ads → Opt out of Ads Personalization

Consequences of Disabling Cookies:

• Essential cookies: Website will not function; you cannot complete bookings
• Performance cookies: We cannot improve website based on usage data
• Functionality cookies: Website will not remember your preferences
• Marketing cookies: You’ll still see ads, but they won’t be personalized

8.6 Do Not Track (DNT) Signals

Our website does not currently respond to “Do Not Track” (DNT) browser signals.

There is no industry-wide standard for how to respond to DNT signals, and we follow this Privacy Policy regardless of DNT settings.

However, you can still control cookies and tracking through the methods described in Section 8.5.

8.7 Cookie Duration and Expiration

• Session Cookies: Deleted when you close your browser
• Persistent Cookies: Remain on your device for a set period (typically 30 days to 2 years)
• Analytics Cookies: Typically expire after 2 years (e.g., Google Analytics)
• Marketing Cookies: Typically expire after 30-90 days

You can delete all cookies at any time through your browser settings.

9. THIRD-PARTY WEBSITES AND LINKS

9.1 External Links

Our website may contain links to third-party websites, including:

• Social media platforms (Facebook, Instagram, Twitter/X, LinkedIn)
• Partner businesses and affiliates
• Industry associations and organizations
• Review sites (Google Reviews, Yelp, TripAdvisor, Trustpilot)
• Payment processors (Stripe website for terms and policies)
• Government websites (Illinois DOT, etc.)
• Mapping services (Google Maps)

We are not responsible for:

• Privacy practices of third-party websites
• Content, accuracy, or safety of external sites
• Data collection by third parties
• Terms and conditions of external sites

We encourage you to:

• Read the privacy policies of any third-party websites you visit
• Understand what data they collect and how they use it
• Exercise caution when providing personal information to external sites

This Privacy Policy applies ONLY to information collected by Chemy Limousine Service through our website (https://chemy.limo) and services, not to any third-party websites.

9.2 Social Media Integration

Our website may include social media features such as:

• Facebook “Like” and “Share” buttons
• Instagram photo feeds
• Twitter/X tweet embedding
• LinkedIn sharing
• Social media login options (if available)

These features may collect:

• Your IP address
• Pages you visit on our website
• Information about your social media account (if you interact with features)

Social media features are governed by the privacy policies of:

• Facebook/Meta: https://www.facebook.com/privacy
• Instagram: https://help.instagram.com/privacy
• Twitter/X: https://twitter.com/privacy
• LinkedIn: https://www.linkedin.com/legal/privacy-policy

9.3 Embedded Content

Our website may display embedded content from third-party sources:

• YouTube or Vimeo videos
• Google Maps
• Social media posts
• Reviews and testimonials from external platforms

Embedded content may:

• Set cookies on your device
• Track your interactions with the embedded content
• Collect analytics data

This content is subject to the third party’s privacy policy.

10. CHILDREN’S PRIVACY

10.1 Age Restrictions

Our services are not directed to individuals under the age of 18.

• We do not knowingly collect personal information from children under 18
• Our booking platform requires users to be at least 18 years old to create an account or make a reservation
• Our Terms and Conditions require users to be 18+ to enter into a binding contract

10.2 Parental Notice and Consent

If we become aware that we have collected personal information from a child under 18 without parental consent:

1. We will delete the information as quickly as possible
2. We will not use or share the information for any purpose
3. We will terminate any account created by the child
4. We will take steps to prevent future unauthorized access

Parents or Legal Guardians:

If you believe your child under 18 has provided personal information to us:

• Contact us immediately at: Contact@chemy.limo or +1 (630) 528-2059
• Provide details about the child and information provided
• We will investigate and take appropriate action

10.3 Minors as Passengers

While minors may use our transportation services as passengers:

• Bookings must be made by a parent, guardian, or adult over 18
• The adult booking is responsible for providing necessary information
• Minors under 18 must be accompanied by an adult or have written parental authorization (see our Terms and Conditions)

10.4 Compliance with COPPA

We comply with the Children’s Online Privacy Protection Act (COPPA) and similar state laws protecting children’s privacy.

11. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information.

11.1 Rights for All Users (Universal Rights)

Regardless of where you live, you have the following rights:

1. Right to Access:

• Request a copy of the personal information we hold about you
• Receive information about how we collect, use, and share your data
• Obtain information about retention periods

2. Right to Correction:

• Request correction of inaccurate or incomplete information
• Update your contact information, booking details, or account settings

3. Right to Deletion:

• Request deletion of your personal information
• Subject to legal retention requirements (tax records, legal obligations, etc.)
• Some information may need to be retained for fraud prevention or contract enforcement

4. Right to Opt-Out of Marketing:

• Unsubscribe from promotional emails at any time
• Opt out of marketing SMS messages
• Stop receiving marketing phone calls
• Note: You will still receive transactional communications (booking confirmations, service updates, receipts)

5. Right to Data Portability:

• Request your information in a portable, machine-readable format (CSV, JSON, or PDF)
• Transfer your data to another service provider

6. Right to Withdraw Consent:

• Where processing is based on consent, you may withdraw consent at any time
• Withdrawal does not affect lawfulness of processing before withdrawal

7. Right to Lodge a Complaint:

• File a complaint with relevant data protection authority if you believe your rights have been violated

11.2 California Residents – CCPA/CPRA Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know (CCPA Section 1798.100):

Request disclosure of:

• Categories of personal information collected about you
• Categories of sources from which information was collected
• Business or commercial purposes for collection
• Categories of third parties with whom we share information
• Specific pieces of personal information collected about you

Right to Delete (CCPA Section 1798.105):

• Request deletion of personal information collected from you
• Subject to certain exceptions (legal obligations, fraud prevention, contract performance, etc.)

Right to Correct (CPRA Section 1798.106):

• Request correction of inaccurate personal information

Right to Opt-Out of Sale/Sharing (CCPA Section 1798.120):

• We do NOT sell your personal information in the traditional sense
• We do NOT share your information for cross-context behavioral advertising
• Therefore, no opt-out is necessary for these purposes

Right to Limit Use of Sensitive Personal Information (CPRA Section 1798.121):

• We do not use sensitive personal information (as defined by CPRA) beyond what is reasonably necessary for permitted business purposes
• No opt-out action is required

Right to Non-Discrimination (CCPA Section 1798.125):

• We will NOT discriminate against you for exercising your CCPA rights
• We will not:
  • Deny services to you
  • Charge different prices or rates
  • Provide different quality of service
  • Suggest you will receive different prices or quality of service

Authorized Agent:

• You may designate an authorized agent to make CCPA requests on your behalf
• The agent must provide written authorization signed by you
• We may require you to verify your identity directly with us

CCPA Notice at Collection:

We collect the following categories of personal information (see Section 2 for details):

1. Identifiers (name, email, phone, IP address)
2. Commercial information (booking history, transactions)
3. Financial information (payment card data via Stripe)
4. Internet activity (website usage, cookies)
5. Geolocation data (pickup/drop-off locations, GPS tracking)
6. Professional information (for corporate accounts)
7. Inferences (preferences, behavior patterns)

Business purposes for collection: See Section 3 for complete list.

Categories of third parties with whom we share: See Section 4 for complete list.

Retention periods: See Section 5 for details.

11.3 European Residents – GDPR Rights

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

We process your personal data based on the following legal grounds:

1. Contract Performance (Art. 6(1)(b) GDPR):

   • Processing necessary to fulfill transportation services you requested
   • Managing bookings, payments, and customer accounts

2. Legitimate Interests (Art. 6(1)(f) GDPR):

   • Service improvement and business analytics
   • Fraud prevention and security
   • Direct marketing (where consent not required)
   • You have the right to object to processing based on legitimate interests

3. Consent (Art. 6(1)(a) GDPR):

   • Marketing communications (you may withdraw consent at any time)
   • Non-essential cookies and tracking
   • You may withdraw consent without affecting lawfulness of prior processing

4. Legal Obligations (Art. 6(1)(c) GDPR):

   • Compliance with tax, accounting, and legal requirements
   • Responding to legal requests

5. Vital Interests (Art. 6(1)(d) GDPR):

   • Protecting safety and wellbeing in emergency situations

GDPR Rights (Chapter III GDPR):

1. Right of Access (Art. 15): Obtain confirmation of processing and copy of your data

2. Right to Rectification (Art. 16): Correct inaccurate personal data

3. Right to Erasure / “Right to be Forgotten” (Art. 17): Request deletion (subject to exceptions)

4. Right to Restriction of Processing (Art. 18): Limit how we process your data in certain circumstances

5. Right to Data Portability (Art. 20): Receive data in structured, machine-readable format

6. Right to Object (Art. 21):

   • Object to processing based on legitimate interests
   • Object to direct marketing (we will cease immediately)
   • Object to automated decision-making

7. Right Not to be Subject to Automated Decision-Making (Art. 22):

   • Right to human review of automated decisions that produce legal effects or significantly affect you
   • Includes AI-powered decisions

8. Right to Lodge Complaint with Supervisory Authority (Art. 77):

   • File complaint with your national data protection authority
   • List of EU authorities: https://edpb.europa.eu/about-edpb/about-edpb/members_en

International Data Transfers:

• Your information may be transferred to and processed in the United States
• We use appropriate safeguards for international transfers:
  • Standard Contractual Clauses (SCCs) approved by European Commission
  • Data Processing Agreements with third-party processors
  • Adequacy decisions where applicable

Data Protection Officer (if required):

• Contact: Contact@chemy.limo
• Subject line: “ATTN: Data Protection Officer”

11.4 Other State Privacy Rights (US)

Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other states with comprehensive privacy laws:

You may have similar rights to California residents, including:

• Right to access personal data
• Right to correct inaccuracies
• Right to delete personal data
• Right to data portability
• Right to opt out of targeted advertising
• Right to opt out of sale of personal data
• Right to opt out of profiling

If you are a resident of a state with privacy laws, contact us to exercise your rights.

11.5 How to Exercise Your Privacy Rights

To make a privacy request or exercise your rights:

Contact Methods:

📧 Email: Contact@chemy.limo
📞 Phone: +1 (630) 528-2059
📝 Mail:
Chemy Limousine Service
Attn: Privacy Rights Request
Plainfield, IL, USA

What to Include in Your Request:

1. Your full name
2. Email address used for booking (if applicable)
3. Phone number used for booking (if applicable)
4. Specific request (e.g., “I request access to my personal data” or “I request deletion of my account”)
5. Verification information:
   • Recent booking reference number
   • Date of last service
   • Payment method last 4 digits
   • Other information to verify identity
6. State or country of residence (for applicable privacy laws)
7. Preferred format for data delivery (PDF, CSV, JSON – for access requests)

Verification Process:

• We must verify your identity before fulfilling requests (to protect your privacy and security)
• We may request additional information or documentation
• We will not use information provided for verification for other purposes

Response Time:

• Standard requests: Within 30 days of receipt
• Complex requests: Up to 45 days (we will notify you of extension)
• GDPR requests: Within 1 month (extendable by 2 months for complex requests)

No Fee:

• First privacy request is free of charge
• Reasonable fee may apply for:
  • Excessive or repetitive requests
  • Requests requiring disproportionate effort
  • We will inform you of any fees before processing

Denial of Request:

• If we deny your request (in whole or in part), we will explain the reason
• You have the right to appeal denials (where required by law)

11.6 Opt-Out of Marketing Communications

To stop receiving marketing and promotional communications:

For Email:

1. Click the “Unsubscribe” link at the bottom of any promotional email
2. Email Contact@chemy.limo with subject line: “Unsubscribe from Marketing”
3. Call +1 (630) 528-2059 and request removal from email list

For SMS/Text Messages:

1. Reply “STOP” to any marketing text message
2. Email Contact@chemy.limo with subject line: “Opt-Out of SMS”
3. Call +1 (630) 528-2059 and request removal from SMS list

For Phone Calls:

1. Request removal during the call
2. Email Contact@chemy.limo with subject line: “Do Not Call”
3. Call +1 (630) 528-2059 and request placement on our internal Do Not Call list

Processing Time:

• Email opt-outs: Processed within 10 business days
• SMS opt-outs: Immediate (after replying “STOP”)
• Phone opt-outs: Processed within 30 days

Important Notes:

• You will continue to receive transactional communications (booking confirmations, service updates, receipts, cancellation notifications) even after opting out of marketing
• These are necessary for service delivery and contract performance
• Opt-out applies only to marketing; we may still contact you for customer service or account-related matters

To opt out of interest-based advertising:

• See Section 8.5 for instructions on disabling marketing cookies
• Use industry opt-out tools (NAI, DAA) listed in Section 8.5

12. CALIFORNIA SHINE THE LIGHT LAW

Under California Civil Code Section 1798.83 (California’s “Shine the Light” law):

California residents who have provided personal information to us may request information about our disclosure of personal information to third parties for their direct marketing purposes.

We do NOT share personal information with third parties for their direct marketing purposes.

Therefore, no disclosure is required under this law.

If you have questions or wish to make a Shine the Light request:

Contact us at: Contact@chemy.limo
Subject line: “California Shine the Light Request”

13. INTERNATIONAL DATA TRANSFERS

13.1 Cross-Border Data Transfers

Chemy Limousine Service is based in the United States.

If you are located outside the United States (including the European Economic Area, United Kingdom, or other countries), your personal information will be transferred to, stored, and processed in the United States.

The United States may have data protection laws that differ from the laws of your country.

13.2 Safeguards for International Transfers

To protect your data during international transfers, we use appropriate safeguards:

For European Economic Area (EEA), UK, and Swiss Residents:

• Standard Contractual Clauses (SCCs): EU-approved contract terms for data transfers
• Data Processing Agreements (DPAs): Contracts with processors ensuring GDPR-level protection
• Adequacy Decisions: Where applicable (e.g., Privacy Shield replacement mechanisms)
• Supplementary Measures: Additional security and privacy protections

For Other Countries:

• Contractual protections with third-party service providers
• Compliance with applicable data protection laws
• Encryption and security measures for data in transit and at rest

13.3 Third-Party Service Providers

Our third-party service providers (Stripe, Twilio, cloud hosting, etc.) may also process your data in the United States or other countries.

We ensure these providers:

• Maintain adequate data protection standards
• Comply with applicable privacy laws (GDPR, CCPA, etc.)
• Implement appropriate security measures
• Use data only for specified purposes

13.4 Your Rights Regarding International Transfers

If you are concerned about international data transfers:

• You may exercise your rights under GDPR or other applicable laws (see Section 11)
• You may request information about safeguards in place
• You may object to processing or request restriction (subject to legal obligations)

Contact us for more information: Contact@chemy.limo

14. UPDATES TO THIS PRIVACY POLICY

14.1 Right to Modify

We may update, modify, or revise this Privacy Policy from time to time to reflect:

• Changes in our business practices or services
• Changes in applicable laws and regulations (CCPA, GDPR, etc.)
• New technologies or data processing methods
• Feedback from customers, regulators, or privacy advocates
• Addition of new third-party service providers
• Changes in AI usage or data processing

14.2 Notification of Changes

How We Will Notify You:

For Material Changes:

• Prominent notice on our website homepage (banner or popup)
• Email notification to registered users and recent customers
• SMS notification for significant changes affecting core rights (where applicable)
• Updated “Last Updated” date at the top of this Privacy Policy

For Non-Material Changes:

• Updated “Last Updated” date at top of policy
• Changes will be posted on our website at https://chemy.limo/privacy-policy

Material changes include:

• Changes to purposes of data collection
• New categories of personal information collected
• New third parties receiving personal information
• Changes to your privacy rights
• Significant changes to data retention periods
• Changes to international data transfer mechanisms
• New uses of AI or automated processing

14.3 Effective Date of Changes

• Changes become effective immediately upon posting for new users
• For existing users: Changes become effective 30 days after notification (for material changes)
• For active bookings: Privacy Policy in effect at time of booking applies to that booking

14.4 Your Acceptance and Continued Use

Continued use of our services after changes are posted constitutes your acceptance of the updated Privacy Policy.

If you do not agree with changes:

1. Discontinue use of our services
2. Contact us to request deletion of your personal information (subject to legal retention requirements)
3. Cancel any pending bookings before changes take effect

You may request a copy of previous versions of this Privacy Policy by contacting Contact@chemy.limo.

14.5 Version History

Current Version: 1.0
Effective Date: February 6, 2026
Last Updated: February 6, 2026

We maintain a version history of this Privacy Policy. Previous versions are available upon request.

15. CONTACT INFORMATION

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

15.1 Privacy Officer / Data Protection Contact

Chemy Limousine Service

📍 Address:
Privacy Officer
Chemy Limousine Service
Plainfield, IL, USA

📞 Phone: +1 (630) 528-2059
📧 Email: Contact@chemy.limo
🌐 Website: https://chemy.limo

Office Hours: Available 24/7 for service; privacy inquiries typically responded to within 2-3 business days

15.2 Types of Inquiries We Handle

• Questions about this Privacy Policy
• Privacy rights requests (access, deletion, correction, etc.)
• Opt-out requests (marketing, cookies, data sharing)
• Data breach notifications or security concerns
• Complaints about privacy practices
• Requests for information about data processing
• GDPR, CCPA, or other privacy law inquiries
• Third-party privacy policy questions

15.3 Response Time Commitments

• General inquiries: 2-3 business days
• Privacy rights requests: 30 days (up to 45 days for complex requests)
• GDPR requests: 1 month (extendable by 2 months for complex requests)
• Security incidents: Immediate response and investigation

15.4 Regulatory Authorities

If you are not satisfied with our response or wish to lodge a complaint:

United States:

• Federal Trade Commission (FTC): https://www.ftc.gov
• Illinois Attorney General – Consumer Protection Division: https://www.illinoisattorneygeneral.gov

California Residents:

• California Attorney General – Privacy Enforcement: https://oag.ca.gov/privacy

European Economic Area Residents:

• Your National Data Protection Authority: https://edpb.europa.eu/about-edpb/about-edpb/members_en
• File complaint with supervisory authority in your country

16. CONSENT AND ACKNOWLEDGMENT

BY USING OUR WEBSITE, BOOKING PLATFORM, OR SERVICES; BY PROVIDING YOUR INFORMATION; OR BY PROVIDING YOUR ELECTRONIC SIGNATURE DURING THE BOOKING PROCESS, YOU EXPLICITLY ACKNOWLEDGE AND AGREE THAT:

✅ You have read and understood this Privacy Policy in its entirety

✅ You understand how we collect, use, share, and protect your personal information

✅ You consent to:

• Collection of personal information as described in Section 2
• Use of information for purposes outlined in Section 3
• Sharing of information with third parties as described in Section 4
• Use of cookies and tracking technologies as described in Section 8
• Processing by artificial intelligence systems as described in Section 7
• International data transfers as described in Section 13
• Storage and retention of data as described in Section 5

✅ You understand your privacy rights under applicable laws (CCPA, GDPR, etc.) and know how to exercise them (Section 11)

✅ You agree to receive:

• Transactional communications (booking confirmations, service updates, receipts) via email, SMS, and phone
• These communications are necessary for service delivery and cannot be opted out
• Marketing communications (if you have consented separately)

✅ You acknowledge:

• IP address tracking for fraud prevention (Section 2.2 and Terms and Conditions Section 5.4)
• Payment card storage with Stripe for future use and additional charges (Terms and Conditions Section 5.3)
• Electronic signature has same legal effect as handwritten signature
• This Privacy Policy is incorporated into our Terms and Conditions

✅ For California residents: You acknowledge receipt of our CCPA Notice at Collection (Section 11.2)

✅ For European residents: You acknowledge our legal bases for processing and international data transfer safeguards (Section 11.3 and 13)

17. ADDITIONAL LEGAL INFORMATION

17.1 Relationship to Terms and Conditions

This Privacy Policy is incorporated into and governed by our Terms and Conditions (available at https://chemy.limo/terms).

In case of conflict between this Privacy Policy and Terms and Conditions regarding privacy matters, this Privacy Policy shall prevail.

17.2 Governing Law

This Privacy Policy is governed by the laws of the State of Illinois, without regard to conflict of law principles, and applicable federal laws of the United States.

Privacy rights under CCPA, GDPR, and other state/national laws are preserved as outlined in this policy.

17.3 Severability

If any provision of this Privacy Policy is found to be invalid, illegal, or unenforceable:

• The invalid provision shall be modified to the minimum extent necessary to make it valid
• If modification is not possible, the provision shall be severed
• All other provisions shall remain in full force and effect

17.4 Language

This Privacy Policy is written in English. Any translations provided are for convenience only. In case of conflict, the English version prevails.

17.5 Entire Agreement

This Privacy Policy, together with our Terms and Conditions, constitutes the entire agreement regarding privacy practices between you and Chemy Limousine Service.

18. COMMITMENT TO PRIVACY

Chemy Limousine Service is committed to protecting your privacy and earning your trust.

We recognize that privacy is a fundamental right, and we take our responsibility seriously to:

• Collect only the information necessary to provide excellent service
• Use your information transparently and lawfully
• Protect your information with robust security measures
• Respect your privacy rights under applicable laws
• Be responsive to your questions and concerns
• Continuously improve our privacy practices

Thank you for trusting Chemy Limousine Service with your personal information.

We value your business and are dedicated to providing exceptional luxury transportation services while safeguarding your privacy.

END OF PRIVACY POLICY

If you have any questions about this Privacy Policy or our privacy practices, please contact us at Contact@chemy.limo or +1 (630) 528-2059.

For service bookings, visit: https://chemy.limo

Document Information:

Document Title: Privacy Policy
Company: Chemy Limousine Service
Version: 1.0
Effective Date: February 6, 2026
Last Updated: February 6, 2026
Document Owner: Chemy Limousine Service Management
Review Frequency: Annually or as needed for legal compliance

Legal Compliance:

This Privacy Policy has been prepared to comply with:

• US Federal Laws: ESIGN Act, TCPA, FTC Act
• State Laws: California Consumer Privacy Act (CCPA/CPRA), Illinois Biometric Information Privacy Act (BIPA), Virginia VCDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA, and other state privacy laws
• International Laws: European Union General Data Protection Regulation (GDPR), UK GDPR, Swiss Federal Act on Data Protection
• Industry Standards: PCI-DSS (via Stripe), TCPA compliance (via Twilio)
• AI Regulations: Illinois AI Video Interview Act, FTC AI guidance, emerging AI disclosure requirements
• Sector-Specific Regulations: Illinois Department of Transportation rules, ADA

For Legal Review:

This Privacy Policy should be reviewed by qualified legal counsel licensed in Illinois and familiar with federal privacy laws, CCPA, GDPR, and industry-specific regulations. Adjustments may be needed based on:

• Changes in privacy laws or regulations
• Court decisions interpreting privacy rights
• New AI or data processing technologies
• International data transfer mechanisms
• Industry best practices
• Regulatory guidance from FTC, state attorneys general, or data protection authorities