PRIVACY POLICY

RVDesk

A product of Inertia Solutions, LLC

Effective Date: April 21, 2026

This Privacy Policy ("Policy") describes how Inertia Solutions, LLC, a Washington limited liability company ("Company," "we," "us," or "our"), collects, uses, discloses, and protects information in connection with the RVDesk platform, including all related websites, applications, and services (collectively, the "Platform"). The Platform is a software-as-a-service product designed for mobile recreational vehicle ("RV") repair technicians and their customers.

By accessing or using the Platform, you acknowledge that you have read, understood, and agree to the practices described in this Policy. If you do not agree with this Policy, you must discontinue use of the Platform immediately.

For purposes of this Policy, the following terms have the meanings set forth below:

• "Customer" means an individual who submits a service request through the Platform or otherwise receives services from a Subscriber.
• "Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.
• "Platform" means the RVDesk website, web application, customer portal, intake forms, and all related features and services operated by the Company.
• "Subscriber" means a mobile RV repair technician or business that subscribes to the Platform to manage service requests, estimates, scheduling, and customer relationships.
• "Third-Party Application" means an external software service that integrates with the Platform, including but not limited to QuickBooks Online, Google Maps Platform, Twilio, and Resend.
• "Usage Data" means information collected automatically through the Platform, including but not limited to browser type, device identifiers, pages viewed, clickstream data, session duration, and referring URLs.

When a Subscriber creates an account, connects third-party services, or uses the Platform, we may collect:

• Full legal name and business name
• Email address and telephone number
• Business address and service area
• Brand assets, including business logo and color preferences
• QuickBooks Online account credentials (OAuth tokens only; we never collect or store QuickBooks passwords)

When a Customer submits a service request or creates an account through the Platform, we may collect:

• Full name, email address, and telephone number
• Service address and billing address
• Vehicle information, including make, model, year, length, number of slides, vehicle identification number ("VIN"), and vehicle type
• Description of repair symptoms and service needs
• Photographs of the vehicle or affected components uploaded through the intake form
• Electronic signature image and associated geolocation coordinates captured at the time of estimate signing
• Communication preferences (email, SMS, or both)

When you access the Platform, we automatically collect certain information, including:

• IP address, browser type and version, operating system, and device identifiers
• Pages viewed, features used, session duration, and clickstream data
• Referring and exit URLs
• Date and time stamps of Platform access

When a Subscriber connects their QuickBooks Online account or when we process information through integrated services, we may receive:

• Customer records, item catalogs, estimate records, and invoice records from QuickBooks Online
• Geocoding results and distance calculations from Google Maps Platform
• SMS delivery status and metadata from Twilio
• Email delivery status and metadata from Resend

We access Third-Party Application data solely to provide Platform functionality. We do not use data obtained from Third-Party Applications for purposes unrelated to the Platform, and we do not sell data obtained from Third-Party Applications to any party.

We collect geolocation data in the following limited circumstances:

• Service address geocoding: We convert the service address provided by a Customer into geographic coordinates to calculate distance from the Subscriber’s base location. This calculation is performed using the Google Maps Platform.
• Signature capture: When a Customer signs an estimate, the Platform may request browser-based geolocation permission. If granted, latitude and longitude coordinates are recorded alongside the signature to establish the location at which the estimate was executed. Geolocation at signature is optional; Customers may decline the browser prompt without affecting their ability to sign.

We use the information we collect for the following purposes:

• To create and manage Subscriber and Customer accounts
• To process service requests, generate estimates, and facilitate scheduling
• To synchronize data with QuickBooks Online, including creating and updating customer records, estimates, invoices, and file attachments
• To calculate service distances and lead scores
• To generate and store signed estimate documents in PDF format
• To send transactional emails and SMS messages, including magic-link authentication, estimate notifications, appointment confirmations, and status updates

We use anonymized and aggregated data collected through the Platform to analyze usage patterns, improve Platform features, optimize performance, and develop new functionality. Anonymized data is data from which all personally identifying information has been permanently removed such that the data cannot be re-associated with any individual.

We do not use data obtained from Third-Party Applications (including QuickBooks Online, Google Maps Platform, Twilio, or Resend) for Platform improvement, analytics, machine learning, or any purpose other than providing the specific Platform functionality for which such data was obtained.

• To detect, prevent, and respond to fraud, abuse, security incidents, and technical issues
• To verify the integrity of electronic signatures and estimate documents
• To enforce our Terms and Conditions

• To comply with applicable laws, regulations, legal processes, or enforceable governmental requests
• To protect the rights, property, or safety of the Company, our users, or the public

We do not sell Personal Information. We share information only in the following circumstances:

The Platform facilitates a service relationship between Subscribers and Customers. Information submitted by a Customer through the intake form—including name, contact information, vehicle details, service descriptions, and photographs—is shared with the Subscriber to whom the service request is directed. Similarly, estimates and scheduling information created by a Subscriber are shared with the applicable Customer through the customer portal.

We share information with third-party service providers that perform functions on our behalf, solely to the extent necessary for them to perform those functions. These providers include:

• QuickBooks Online (Intuit Inc.): Customer records, estimate data, invoice data, and signed estimate PDFs are transmitted to QuickBooks Online at the Subscriber’s direction for accounting and invoicing purposes.
• Google Maps Platform (Google LLC): Service addresses are transmitted to Google for geocoding and distance calculation.
• Twilio Inc.: Customer phone numbers and message content are transmitted to Twilio for SMS delivery.
• Resend: Customer and Subscriber email addresses are transmitted to Resend for email delivery, including magic-link authentication.
• Vercel Inc.: Photographs and signed PDF documents are stored using Vercel Blob storage. The Platform is hosted on Vercel’s infrastructure.
• Neon Inc.: All structured Platform data is stored in a PostgreSQL database hosted by Neon.

We may disclose information if we believe in good faith that such disclosure is necessary to:

• Comply with a law, regulation, legal process, or enforceable governmental request
• Enforce our Terms and Conditions, including investigation of potential violations
• Detect, prevent, or otherwise address fraud, security, or technical issues
• Protect against harm to the rights, property, or safety of the Company, our users, or the public as required or permitted by law

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, Personal Information may be transferred as part of that transaction. We will provide notice before Personal Information is transferred and becomes subject to a different privacy policy.

We retain Personal Information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. Specific retention practices include:

• Account data: Retained for the duration of the account relationship and for a period of three (3) years following account termination.
• Service request and estimate data: Retained for a period of seven (7) years following creation to support warranty inquiries, tax records, and legal compliance.
• Signed estimate PDFs: Retained for a period of seven (7) years following execution.
• Geolocation data: Retained as part of the estimate record for the same period as signed estimate PDFs.
• Usage Data: Retained in anonymized and aggregated form indefinitely. Identifiable Usage Data is retained for no longer than twenty-four (24) months.
• Magic-link authentication tokens: Expire fifteen (15) minutes after issuance and are single-use. Token hashes are retained for security auditing purposes for ninety (90) days.
• QuickBooks Online OAuth tokens: Retained in encrypted form for the duration of the Subscriber’s active connection. Tokens are deleted upon disconnection.

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect Personal Information from unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption of data in transit using Transport Layer Security (TLS)
• Encryption of QuickBooks Online OAuth tokens at rest using AES-256-GCM encryption
• Hashing of authentication tokens using SHA-256 prior to storage
• Role-based access controls that restrict internal data access to authorized personnel
• Session management using signed JSON Web Tokens (JWTs) with defined expiration periods
• Webhook signature verification using HMAC-SHA256 to authenticate incoming data from Third-Party Applications

No method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially reasonable means to protect Personal Information, we cannot guarantee its absolute security.

The Platform is not directed to individuals under the age of eighteen (18). We do not knowingly collect Personal Information from individuals under eighteen (18) years of age. The electronic signature functionality of the Platform is restricted to individuals who are at least eighteen (18) years of age. If we become aware that we have collected Personal Information from an individual under eighteen (18), we will take steps to delete such information promptly. If you believe that we have inadvertently collected information from an individual under eighteen (18), please contact us using the information provided in Section 13 of this Policy.

You may access and update your Personal Information by logging into your account on the Platform. Subscribers may update their business information, brand settings, and QuickBooks Online connection through the Platform settings. Customers may update their contact information and vehicle details through the customer portal.

You may request deletion of your account by contacting us at the email address provided in Section 13. Upon receiving a verified deletion request, we will delete or de-identify your Personal Information within thirty (30) days, except to the extent that retention is necessary for:

• Completion of a pending transaction or service request
• Compliance with a legal obligation
• Detection of security incidents or protection against fraudulent or illegal activity
• Exercise or defense of legal claims

Signed estimate PDFs and associated records that have been transmitted to QuickBooks Online are under the control of the applicable Subscriber and must be deleted through the Subscriber’s QuickBooks Online account. We cannot delete records from a Subscriber’s QuickBooks Online account on a Customer’s behalf.

You may opt out of promotional communications at any time by following the unsubscribe instructions included in such communications. You may not opt out of transactional communications (such as magic-link authentication emails, estimate notifications, and appointment confirmations) while maintaining an active account, as these communications are necessary for Platform functionality.

For SMS communications, please refer to our SMS Terms and Conditions available at https://inertiasolutions.io/sms-terms-and-conditions for information regarding opting out of text messages.

Subscribers may disconnect their QuickBooks Online account from the Platform at any time through the Platform settings. Upon disconnection, we will delete stored OAuth tokens. Data that was previously transmitted to QuickBooks Online remains in the Subscriber’s QuickBooks Online account and is governed by Intuit’s privacy practices.

The Platform uses cookies and similar technologies for the following purposes:

• Session cookies: To maintain your authenticated session after magic-link verification. These cookies contain a signed JWT and expire after thirty (30) days.
• Local storage: To preserve intake form progress between steps so that navigating between steps does not result in data loss. This data is stored locally on your device and is cleared upon form submission.

We do not use third-party advertising cookies. We do not engage in cross-site tracking. We do not sell or share cookie data with third parties for advertising purposes.

The Platform integrates with Third-Party Applications as described in Section 2.4. Each Third-Party Application is governed by its own privacy policy. We encourage you to review the privacy policies of any Third-Party Application with which you interact. We are not responsible for the privacy practices of Third-Party Applications. The relevant privacy policies include:

• Intuit (QuickBooks Online): https://www.intuit.com/privacy/statement/
• Google (Maps Platform): https://policies.google.com/privacy
• Twilio: https://www.twilio.com/legal/privacy
• Vercel: https://vercel.com/legal/privacy-policy

The Platform is operated from the United States. If you access the Platform from outside the United States, you understand and agree that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Platform, you consent to such transfers.

We may update this Policy from time to time. If we make material changes, we will provide notice through the Platform or by other means prior to the change becoming effective. Your continued use of the Platform following the posting of changes constitutes your acceptance of such changes. We encourage you to review this Policy periodically. The "Effective Date" at the top of this Policy indicates when it was last revised.

If you have questions, concerns, or requests regarding this Policy or our data practices, please contact us at:

Inertia Solutions, LLC

Email: privacy@inertiasolutions.io

Website: https://inertiasolutions.io

This Policy is governed by and construed in accordance with the laws of the State of Washington, without regard to its conflict-of-laws principles.