Privacy Policy

POOL RENTAL NEAR ME

PRIVACY POLICY

Effective Date: May 6, 2026 Last Reviewed: May 6, 2026 Policy Version: PRNM-2026.1 (supersedes all prior versions, including PRNM-2025.02)

Plain-Language Summary (for layered notice; the full policy below is the controlling text)

We collect information you give us, information your device sends us when you use the Platform, and limited information from trusted third parties — so we can run bookings, pay Hosts, keep the Platform safe, comply with the law, and (only if you opt in) send you marketing. We do not sell your personal information for money. Some of our advertising partners may treat certain non-essential cookies as a "share" for cross-context behavioral advertising in some U.S. states; you can opt out at any time. Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. You can access, correct, delete, or port your data and opt out of marketing or "sale/share." Email privacy@poolrentalnearme.com with questions or to exercise any right.

1. WHO WE ARE

This Privacy Policy ("Policy") explains how Pool Rental Near Me LLC (a wholly-owned subsidiary of 10,000 Solutions LLC), doing business as "Pool Rental Near Me" ("PRNM," "Company," "we," "us," "our"), collects, uses, shares, protects, and retains personal information when you use:

  • Our website at poolrentalnearme.com and any subdomains;
  • Our mobile applications (current and future);
  • Our Learning Academy and educational modules;
  • Our communication channels (email, SMS, in-app chat, phone, and social-media interactions); and
  • Our APIs, integrations, and related services.

These are collectively the "Services." By using the Services you accept this Policy. If you do not agree, do not use the Services.

2. SCOPE AND ROLES

  • U.S. Privacy Laws — "Business" / "Controller": PRNM is a "business" under the California Consumer Privacy Act as amended ("CCPA/CPRA") and a "controller" under the Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, Texas Data Privacy and Security Act, Oregon Consumer Privacy Act, Montana Consumer Data Privacy Act, Iowa Consumer Data Protection Act, Delaware Personal Data Privacy Act, New Jersey Data Privacy Act, Maryland Online Data Privacy Act, Minnesota Consumer Data Privacy Act, Tennessee Information Protection Act, Indiana Consumer Data Protection Act, Kentucky Consumer Data Protection Act, Rhode Island Data Transparency and Privacy Protection Act, New Hampshire Privacy Act, Nebraska Data Privacy Act, Utah Consumer Privacy Act, and Florida Digital Bill of Rights, where applicable.
  • EU/UK Context: PRNM is the "controller" of personal data processed under the GDPR/UK GDPR for users in the European Economic Area, the United Kingdom, and Switzerland to the extent the Services are offered to those users.
  • Processor Role: In limited cases (enterprise integrations, white-label partners), PRNM may act as a processor on behalf of another controller; that relationship is governed by a separate data-processing agreement.
  • Hosts and Renters: Information you choose to publish in a Listing or review (photos, descriptions, ratings) is visible to other Users and the public.

3. PERSONAL INFORMATION WE COLLECT — STATUTORY CATEGORIES

In the past twelve months, we have collected the following categories of personal information (using the categories required by Cal. Civ. Code § 1798.140):

| Statutory Category | Examples | |---|---| | A. Identifiers | Name, username, email, phone number, mailing address, IP address, device identifier, account ID | | B. Customer Records (Cal. Civ. Code § 1798.80(e)) | Billing address, payment-method token, transaction history, signature on waivers | | C. Protected Classifications under Cal./Federal Law | Age (to verify 18+), language preference (optional). We do not collect race, religion, citizenship, disability, or marital status. | | D. Commercial Information | Booking history, Host earnings, premium feature purchases, cancellation history | | E. Internet/Network Activity | Browser type, pages viewed, referring URL, session timestamps, click and scroll events, error logs | | F. Geolocation | Approximate location from IP; precise geolocation only with explicit permission | | G. Sensory Data | Photos and video uploaded to Listings; voice recordings only if you contact phone support and consent | | H. Professional / Employment | Limited Host business-license or property-management info (only for Hosts) | | I. Education | Learning Academy enrollment, module progress, course feedback | | J. Inferences | Booking propensity, category interests, Host-quality scores, fraud-risk signals | | K. Sensitive Personal Information (CPRA) | Account credentials (hashed); precise geolocation (with consent); government-ID verification fragments (when required for fraud or compliance); payment-account references (tokenized). We do not use SPI to infer characteristics; SPI is used only as needed to deliver the Service, prevent fraud, and comply with the law — within the exemptions in 11 C.C.R. § 7027(m). |

We do not knowingly collect:

  • Biometric data (fingerprints, facial-recognition templates);
  • Genetic data;
  • Mental- or physical-health condition data;
  • Sex-life or sexual-orientation data;
  • Citizenship or immigration status;
  • Union membership; or
  • Religious or philosophical beliefs.

We do not store full payment card numbers; our PCI-compliant payment processor handles tokenization.

4. SOURCES OF PERSONAL INFORMATION

We obtain personal information from:

  • You directly: Registration, Listing creation, Bookings, support communications, surveys, reviews, and Learning Academy enrollment.
  • Automatic collection: Cookies, pixels, SDKs, analytics scripts, and server logs when you use the Services.
  • Third parties: Payment processors (Stripe and similar), analytics providers (Google Analytics 4 and similar, with IP-anonymization where applicable), identity-verification and anti-fraud vendors, marketing and advertising networks (subject to your opt-out rights), referral and affiliate partners, and social-media platforms if you connect an account.
  • Public sources: Public records or public web information (e.g., to validate a Host's stated property address).
  • Other Users: Reviews, ratings, and dispute information about you submitted by another User.

5. PURPOSES OF PROCESSING

We process personal information for the following purposes:

  1. Provide and operate the Services — accounts, Listings, Bookings, Host payouts, messaging, customer support.
  2. Personalize the experience — search results, recommendations, dashboards.
  3. Process payments and payouts — including 1099-K and other tax-form generation.
  4. Communicate with you — transactional notices, service changes, security alerts, and (only if you opt in) marketing.
  5. Operate the Learning Academy — course delivery, progress tracking, certificates.
  6. Security and fraud prevention — detect, investigate, and prevent fraud, abuse, and security incidents.
  7. Analytics and product development — usage trends, feature testing, performance metrics.
  8. Compliance, legal process, and dispute resolution — including responses to subpoenas, court orders, and lawful requests.
  9. Corporate transactions — due diligence and integration in connection with mergers, acquisitions, financings, and reorganizations.
  10. Automated tools and profiling — non-determinative scoring with human oversight available (see Section 14).

We will not use your personal information for materially different purposes without giving you notice and, where required, obtaining your consent.

6. LAWFUL BASES (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on:

  • Contract (Art. 6(1)(b)): To deliver the Services you request.
  • Legitimate interests (Art. 6(1)(f)): To improve the Platform, ensure security, prevent fraud, and analyze usage — balanced against your rights.
  • Consent (Art. 6(1)(a)): For marketing emails/SMS where required, non-essential cookies, and precise geolocation.
  • Legal obligation (Art. 6(1)(c)): For tax, audit, AML, and lawful-request compliance.
  • Vital interests (Art. 6(1)(d)): To address urgent safety or medical incidents.

You may withdraw consent at any time where consent is the lawful basis; withdrawal does not affect the lawfulness of prior processing.

7. SMS / MOBILE INFORMATION — REQUIRED 10DLC AND CARRIER DISCLOSURES

This Section governs PRNM's collection and use of mobile-phone numbers and SMS opt-in data and is also incorporated into Section 16 of our Terms of Service.

Program Name. Pool Rental Near Me Alerts.

Information Collected. When you opt in to receive SMS messages, we collect: your mobile phone number, your express written consent, the date and time of the consent, the URL or location at which consent was given, and any text-messaging activity (deliveries, replies, opt-outs).

Use. We use this information solely to send the SMS message types disclosed in Section 16 of the Terms of Service (booking confirmations, modifications, reminders, host-renter notifications, account and security alerts, and — if separately opted in — marketing) and to comply with our legal obligations.

No Sharing of Mobile Information — Required Disclosure. Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All categories of data sharing described in this Privacy Policy exclude text-messaging originator opt-in data and consent; this information will not be shared with any third parties under any circumstances. SMS opt-in data is shared only with our messaging-service providers (such as Twilio) acting as our service providers/processors and bound by contractual confidentiality and use restrictions, and only to the extent necessary to deliver the messages you have requested.

Frequency, Costs, HELP, STOP. See Terms of Service Section 16 for full disclosures. Reply HELP for help and STOP (or any other recognized opt-out keyword) to cancel. Carrier message and data rates may apply. Carriers are not liable for delayed or undelivered messages.

Revocation. Consistent with 47 C.F.R. § 64.1200(a)(10)–(11), you may revoke consent by any reasonable means, and we will honor revocation within ten (10) business days.

Retention. SMS opt-in/opt-out logs are retained as required by the TCPA and the FCC's recordkeeping rules (currently four (4) years from the date of the most recent consent or revocation event).

8. COOKIES AND TRACKING TECHNOLOGIES

We use the following types of cookies and similar technologies. Detail and your controls are in our Cookie Policy at poolrentalnearme.com/cookies.

  • Strictly Necessary: Authentication, security, load balancing. Cannot be disabled if you wish to use the Services.
  • Functional: Remember preferences and saved filters.
  • Performance / Analytics: Measure traffic, feature use, and errors (Google Analytics 4 and similar). IP-anonymization applied where required.
  • Advertising / Retargeting: Interest-based advertising (Google Ads, Meta Pixel, and similar). Some of these technologies may constitute a "sale" or "share" under U.S. state privacy laws; you can opt out as described in Section 13.
  • Embedded Media: Map tiles, video embeds, social-share scripts.

Universal Opt-Out Mechanisms (UOOMs). PRNM honors Global Privacy Control (GPC) signals as an opt-out of "sale" and "share" (and equivalent rights) for users in: California, Colorado, Connecticut, Delaware, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, and Texas — and any other state that requires recognition. When we detect a GPC signal we display an "Opt-Out Request Honored" indicator as required by California's amended CPPA regulations.

9. HOW WE SHARE PERSONAL INFORMATION

9.1 Categories of Recipients

  • Service providers / processors: Hosting, payment processing, email/SMS delivery, analytics, identity verification, image moderation, customer support, fraud and security tools, tax-form generation. Each is bound by a written agreement restricting their use of your data to the services they provide to us.
  • Other Users: Hosts and Renters see information necessary to complete the Booking (e.g., name, profile photo, message content). Public Listing content (photos, approximate location, reviews) is visible to all Platform visitors.
  • Advertising partners (subject to your opt-out): Google, Meta, and similar networks for measurement and interest-based advertising. Excluded entirely from advertising sharing: SMS opt-in data, mobile phone numbers used for SMS, and government-ID verification data.
  • Payment and payout partners: For settlement, fraud checks, and tax reporting.
  • Legal / regulatory: When required by law, subpoena, court order, or in response to a lawful government request, and when we believe disclosure is necessary to protect our rights, the safety of any person, or the security of the Platform.
  • Corporate transactions: A successor or acquirer in a merger, acquisition, financing, reorganization, or asset sale, with notice to you where required by law.
  • With your consent: Any other disclosures you specifically authorize.

9.2 We Do Not Sell Personal Information for Money

PRNM does not sell personal information in exchange for monetary consideration.

9.3 "Share" for Cross-Context Behavioral Advertising

Use of certain advertising cookies and pixels may constitute a "share" under the CPRA and similar state laws. You can opt out at any time using the "Do Not Sell or Share My Personal Information" link in the website footer or by sending a GPC signal.

9.4 No Sale or Sharing of Minors' Data

We do not knowingly sell or share the personal information of consumers under age 16 without affirmative authorization (opt-in). The Platform is not directed to consumers under 18.

10. INTERNATIONAL DATA TRANSFERS

PRNM is based in the United States, and personal information is processed in the United States and other jurisdictions where our service providers operate. For transfers from the EEA, UK, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (2021/914), the UK International Data Transfer Addendum, and supplementary technical and organizational measures (encryption in transit and at rest, access controls, transfer-impact assessments) consistent with Schrems II. To request a copy of our SCCs (subject to redaction), email privacy@poolrentalnearme.com.

11. DATA SECURITY

We employ administrative, technical, and physical safeguards reasonably designed to protect personal information, including:

  • TLS 1.2+ encryption in transit; AES-256 (or equivalent) encryption at rest for sensitive data;
  • Role-based access controls and least-privilege principles;
  • Hashed and salted password storage;
  • Network segmentation, secrets management, and credential rotation;
  • Vulnerability management, patching, logging, and intrusion monitoring;
  • Vendor risk-management reviews;
  • An incident response and breach-notification plan tested at least annually; and
  • Employee security and privacy training.

California Cybersecurity Audits and Risk Assessments. Once PRNM meets the applicable revenue thresholds (the CPPA's phased schedule beginning April 1, 2030 for businesses with under $50M in gross revenue), we will conduct annual cybersecurity audits and document privacy risk assessments under the California Privacy Protection Agency's regulations finalized September 23, 2025.

No method of transmission or storage is 100% secure. You are responsible for keeping your password confidential and using strong, unique credentials.

12. DATA RETENTION

We retain personal information only as long as necessary for the purposes for which it was collected and to comply with legal obligations. Indicative retention periods (each "or longer if required by law"):

| Data Category | Indicative Retention | |---|---| | Active Account profile | Duration of Account + up to 24 months after closure | | Booking and transaction records | 7 years (federal and state tax) | | Host payout / 1099-K records | 7–10 years | | Identity verification fragments | Minimized after verification; verification metadata 24 months | | Support tickets | 3–5 years | | Marketing preferences and opt-out logs | Indefinitely (compliance evidence) | | SMS consent and opt-out logs | 4 years (TCPA recordkeeping) | | Security and fraud logs | 3–7 years | | Analytics (pseudonymized/aggregated) | 14–36 months | | De-identified data | Indefinitely (not reasonably re-identifiable) | | Reviews and Listing content | Until removal request (subject to public-record exception in Terms) | | Legal-hold materials | Duration of the matter + applicable limitations period |

Upon a verified deletion request, we will delete, de-identify, or anonymize personal information unless retention is required by law, necessary for fraud prevention, dispute resolution, or to enforce our agreements.

13. YOUR PRIVACY RIGHTS

13.1 Rights Available Where the Law Provides Them

Depending on where you live, you may have the right to:

  • Know / Access — confirm whether we process your personal information and obtain a copy.
  • Correct — fix inaccurate or incomplete information.
  • Delete — request deletion (subject to legal exceptions).
  • Portability — receive your data in a structured, commonly used, machine-readable format.
  • Opt out of "Sale" / "Share" — including cross-context behavioral advertising.
  • Limit Use of Sensitive Personal Information — restrict the use of SPI beyond the limited purposes permitted by 11 C.C.R. § 7027.
  • Opt out of certain Profiling and Automated Decision-Making Technology (ADMT) — see Section 14.
  • Appeal — appeal a denied request (CO, CT, VA, IN, KY, RI, MD, NJ, MN, MT, NH, OR, TN, TX, DE, NE, NH).
  • Withdraw consent — where consent is the lawful basis.
  • Non-discrimination — we will not discriminate against you for exercising your rights.

13.2 How to Exercise Your Rights

  • Email (recommended): privacy@poolrentalnearme.com
  • Toll-free phone (CCPA right): (909) 272-8096
  • Webform: poolrentalnearme.com/privacy-request
  • GPC signal: Send a Global Privacy Control signal from your browser; we honor it automatically.
  • Cookie banner / "Do Not Sell or Share": Footer link on every page.

13.3 Verification

We will verify your identity using a confirmation link to your registered email plus, where the request is sensitive (e.g., access to identifiers), recent Booking metadata. We will not require government-issued ID unless reasonably necessary for the request.

13.4 Authorized Agents

You may designate an authorized agent to make a request on your behalf, supported by a signed permission, an attached power of attorney, or proof of probate.

13.5 Response Timing

  • CCPA / state laws: Acknowledge within 10 business days; substantively respond within 45 days (extensions up to 45 additional days where reasonably necessary).
  • GDPR / UK GDPR: Respond within 1 month (extensions up to 2 additional months for complex requests).

13.6 Appeals

If we deny your request, we will explain the reason and your right to appeal. To appeal, reply to our denial email or send a new request to privacy-appeal@poolrentalnearme.com. We will respond within 60 days. If we deny the appeal, you may contact your state attorney general or supervisory authority.

13.7 EU/UK Lodging Complaint

EEA, UK, and Swiss residents have the right to lodge a complaint with their supervisory authority (e.g., the UK ICO at ico.org.uk).

14. AUTOMATED DECISION-MAKING AND PROFILING

PRNM uses limited automated tools — including fraud-risk scoring, Host-quality signals, and algorithmic search ranking — to operate the Platform. These tools generally do not make decisions producing legal or similarly significant effects without human review. Where a fully automated decision could materially affect you (e.g., automatic Account suspension for fraud), you have the right to:

  • Be informed that ADMT is in use, the categories of data inputs, and the logic involved at a general level;
  • Request human review of the decision; and
  • Opt out of ADMT for "significant decisions" once California's ADMT consumer rights become operative (compliance January 1, 2027 under the CCPA regulations finalized September 23, 2025) and similarly under Colorado, Texas, and other state laws.

Submit ADMT requests to privacy@poolrentalnearme.com.

We do not sell or share personal information for purposes of training third-party generative-AI models.

15. CHILDREN'S PRIVACY

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13 in violation of COPPA (15 U.S.C. §§ 6501–6506; 16 C.F.R. Part 312). Users between 13 and 17 may not create Accounts. Hosts must comply with all applicable laws regarding minors visiting their pools, including supervision, waivers, and parental consent.

If you believe we have inadvertently collected information from a child under 13, contact privacy@poolrentalnearme.com and we will delete it promptly.

16. NOTICE OF FINANCIAL INCENTIVE

We do not currently offer any financial incentive in exchange for the collection, sale, or sharing of personal information. If we do in the future, we will publish a Notice of Financial Incentive consistent with 11 C.C.R. § 7016.

17. CALIFORNIA "SHINE THE LIGHT" (Cal. Civ. Code § 1798.83)

We do not share personal information with third parties for those parties' own direct marketing purposes in a manner that would trigger separate disclosure under § 1798.83. If that changes, we will update this Policy and provide the disclosures required.

18. NEVADA, FLORIDA, AND OTHER STATE-SPECIFIC NOTICES

  • Nevada (NRS Ch. 603A): Nevada residents may opt out of any future sale of "covered information" by emailing privacy@poolrentalnearme.com. We do not currently sell covered information.
  • Florida (Florida Digital Bill of Rights): Florida residents who qualify under FDBR's narrow scope may exercise rights as described in Section 13.
  • Washington (My Health My Data Act): PRNM does not knowingly collect "consumer health data." If we begin to do so, we will publish a Consumer Health Data Privacy Policy as required.
  • Texas, Connecticut, Colorado, Virginia, Utah, Oregon, Montana, Iowa, Delaware, New Jersey, New Hampshire, Nebraska, Maryland, Minnesota, Tennessee, Kentucky, Indiana, Rhode Island: Rights are exercised as described in Section 13. The right to appeal is available where the law provides.

19. EU/UK USERS — ADDITIONAL DISCLOSURES

  • Controller: Pool Rental Near Me LLC (address in Section 22).
  • EU/UK Representative: Not currently appointed; if and when required (e.g., regular monitoring of EEA/UK users at scale), we will appoint and disclose one in this Section.
  • Data Protection Officer: Not currently mandatory; if and when required, we will appoint and disclose contact details here.

20. USER-GENERATED CONTENT

Information you choose to publish — Listings, photos, reviews, public Q&A — is publicly visible. Do not include sensitive personal information in public fields (e.g., full Social Security numbers, government IDs, medical information). We may moderate or remove Content that violates our policies or applicable law.

21. THIRD-PARTY LINKS AND SERVICES

The Services may contain links to or embed third-party websites, payment processors, or social-media platforms. Those third parties have their own privacy practices and policies, which we do not control. Review their policies before sharing information.

22. SECURITY INCIDENTS AND BREACH NOTIFICATION

If a security incident materially affects your personal information, we will notify you and applicable regulators as required by law (e.g., Cal. Civ. Code § 1798.82, GDPR Art. 33–34, state breach-notification statutes in all 50 states and DC). Notice may include the nature of the incident, the categories of information affected, the steps we have taken, and recommended protective measures.

23. ACCESSIBILITY OF THIS POLICY

This Policy is available in plain-language summary form at the top of this page and in alternative accessible formats on request. Email privacy@poolrentalnearme.com for an alternative format. Our Platform aims to conform substantially with WCAG 2.2 Level AA.

24. CHANGES TO THIS POLICY

We may update this Policy. For material changes, we will provide notice at least thirty (30) days in advance by email and on-Platform banner before the changes take effect. The "Effective Date" and "Policy Version" at the top reflect the latest revision. Continued use of the Services after the Effective Date constitutes acceptance.

25. CONTACT INFORMATION

Pool Rental Near Me LLC A subsidiary of 10,000 Solutions LLC Attn: Privacy Office [HQ address — Los Angeles, CA]

  • Privacy / Rights Requests: privacy@poolrentalnearme.com
  • Privacy Appeals: privacy-appeal@poolrentalnearme.com
  • Data Subject / SAR (EU/UK): privacy@poolrentalnearme.com
  • General Support: support@poolrentalnearme.com
  • Legal Notices: legal@poolrentalnearme.com
  • Phone: (909) 272-8096

26. RELATIONSHIP TO TERMS OF SERVICE

This Policy is incorporated into and supplements the Pool Rental Near Me Terms of Service at poolrentalnearme.com/terms. Privacy-related disputes are subject to the dispute-resolution provisions of the Terms (including the binding individual arbitration provision and the EFAA carve-out), except as prohibited by law. Nothing in this Policy waives any non-waivable right under applicable law.

End of Privacy Policy

PRIVACY POLICY

PoolRentalNearMe.com / 10,000 Solutions LLC

Effective Date: 08/24/2025

Last Reviewed: 09/01/2024

Policy Version: PRNM-2025.02 (supersedes prior versions, including 855527-EX)

WHO WE ARE This Privacy Policy explains how 10,000 Solutions LLC (doing business as “Pool Rental Near Me,” “PRNM,” “Company,” “we,” “us,” “our”) collects, uses, shares, protects, and retains personal information related to: The website PoolRentalNearMe.com and any subdomains Mobile applications (current and future) The Learning Academy or educational modules Communication channels (email, SMS, chat, phone, social media) APIs, integrations, and related services Collectively referred to as the “Services.” By using the Services you accept this Privacy Policy. If you do not agree, do not use the Services. SCOPE AND ROLES Data Controller (GDPR context): 10,000 Solutions LLC for core Service operations. Data Processor: In limited cases when acting on behalf of certain enterprise or integration partners (if applicable). Hosts and Guests: Host-selected listing data (e.g., pool photos) may appear publicly once approved. Recruiters / Acquisition Partners / Affiliates: Treated as business users with additional compliance expectations. DEFINITIONS (PLAIN LANGUAGE) Personal Information / Personal Data: Information that identifies or can reasonably be linked to an individual. Sell (CCPA/CPRA): Transferring personal information for monetary or other valuable consideration. Share (CPRA): Disclosure of personal information for cross-context behavioral advertising. Sensitive Personal Information (SPI): Government IDs, precise geolocation, financial account numbers, certain verification documents. Global Privacy Control (GPC): A browser or device signal we treat as an opt-out where required. CATEGORIES OF PERSONAL INFORMATION WE COLLECT We may collect some or all of the following categories (examples included). Where a purpose is stated it is illustrative rather than exhaustive. Identifiers: Name, username, display name, email address, phone number, IP address. Used for account creation, login, communication, security. Contact and Profile Details: Address (billing or approximate location), profile photo, biography. Used for listings, trust, and support. Account Credentials: Password (hashed), authentication tokens, session data. Used for secure access. Payment and Payout Data: Billing address, transaction history, partial card or payment token (stored by processor), payout details. Used for bookings, host payouts, accounting, tax compliance. Demographic Information: Age (to validate eligibility), optional gender or language preferences if provided. Used for eligibility and platform localization. Commercial / Transactional Information: Booking history, host earnings, items purchased (e.g., premium features). Used for analytics, service delivery, payouts. Internet / Network Activity: Log data, browser type, device type, referral URLs, pages viewed, session timestamps. Used for performance, security, analytics. Device and Technical Data: Operating system, app version, unique device identifiers. Used for troubleshooting, feature optimization. Location Data: Approximate location (IP-based). Optional precise geolocation if you grant permission. Used for search relevance, fraud prevention. User-Generated Content: Listing descriptions, pool images, capacity info, pricing, reviews, ratings, messages (where stored), course feedback. Used to power the marketplace and educational offerings. Communication Records: Support tickets, emails, chat transcripts, phone logs (where legally permissible). Used for customer service and quality assurance. Education / Learning Data: Course enrollments, module completion status. Used to deliver Learning Academy functionality. Inferences and Preference Segments: Booking propensity, category interests, host performance indicators. Used for personalization and product improvement. Identity Verification Data (if implemented): Government ID confirmation details or verification tokens. Used for fraud prevention and trust. Sensitive Personal Information (limited and only if necessary): Identity verification fragments, payment token reference, precise geolocation (only with explicit permission). Used strictly for security, compliance, or core functionality. We do not knowingly collect biometric data. We do not store full payment card numbers (our payment processor handles secure tokenization).

SOURCES OF PERSONAL INFORMATION Direct Submission: Registration forms, booking forms, host listing creation, support communications, surveys, feedback forms. Automatic Collection: Cookies, pixels, SDKs, analytics scripts, server logs. Third Parties: Payment processors, analytics providers, identity verification and anti-fraud vendors, marketing or advertising networks, referral and affiliate partners, social platforms if you connect accounts. Publicly Available Information: Public records or publicly posted pool-related details used to validate accuracy or legitimacy. Referral / Recruiter Partners: Host lead data or contact information submitted under partner agreements. LAWFUL BASES FOR PROCESSING (GDPR / UK GDPR / SIMILAR FRAMEWORKS) We rely on one or more of the following lawful bases: Contract: To provide requested Services (accounts, bookings, payouts). Legitimate Interests: Improve platform, ensure security, prevent fraud, analyze usage, enhance user experience (balanced against individual rights). Consent: Marketing emails/SMS where required, non-essential cookies, precise geolocation, certain promotions. Legal Obligation: Tax reporting, responding to lawful requests, maintaining financial records. Vital Interests / Safety: Addressing urgent safety incidents or emergencies. Public Interest (rare): Only if mandated by binding legal authority. You may withdraw consent at any time where consent is the lawful basis.

HOW WE USE PERSONAL INFORMATION Provide and operate the Services (accounts, bookings, payouts, messaging). Display and facilitate host listings and guest discovery. Personalize search results, recommendations, notifications, dashboards. Process payments, issue refunds, manage host payouts, prepare tax documents. Communicate: Transactional notifications, service changes, support responses. Marketing (if permitted): Offers, promotions, platform updates. Learning Academy delivery (courses, progress tracking). Security and Fraud Prevention: Monitor suspicious activity, block abusive conduct. Analytics and Product Development: Usage trends, performance metrics, feature testing. Compliance and Dispute Resolution: Investigate disputes, enforce terms, respond to lawful requests. Corporate Transactions: Due diligence for mergers, acquisitions, reorganizations, or asset sales. AI / Automated Assistance (non-determinative): Score trust or quality signals with human oversight available. COOKIES AND SIMILAR TECHNOLOGIES We may use: Strictly Necessary Cookies: Authentication, security, core navigation. Functional Cookies: User preferences, saved filters. Performance / Analytics Tools: Traffic measurement, feature effectiveness, error tracking. Advertising / Retargeting Technologies: Interest-based ads (only where permitted and after opt-in/opt-out compliance). Social / Embedded Media Scripts: Map tiles, video embeds, social sharing. Controls you have:

Regional cookie consent banner (for EU/UK/EEA and certain US states). Browser or device settings to clear or block cookies. Opt-out of certain analytics or ads where mechanisms exist. Global Privacy Control signal honored as an opt-out of “sale” / “share” where required. DATA SHARING AND DISCLOSURE We do not sell personal information for monetary consideration. We may “share” identifiers and usage data for cross-context behavioral advertising unless you opt out. Potential disclosures: Service Providers / Processors: Hosting, payments, email/SMS delivery, analytics, identity verification, image moderation, customer support, security tools. Advertising / Marketing Partners: Only for permitted and consented ad use. Payment and Payout Partners: Transaction settlement, fraud checks, tax reporting. Legal / Regulatory: To comply with applicable law, lawful requests, and to protect rights. Corporate Transactions: Transfer to successor entity during mergers, acquisitions, reorganizations, asset sales (with notice). Other Users: Host listing content (photos, approximate location, description), reviews, usernames or display names. Aggregated or De-Identified Data: Market analysis, trends, platform performance. With Consent: Any additional disclosures you explicitly authorize. INTERNATIONAL DATA TRANSFERS

Data may be processed in the United States and other jurisdictions. Safeguards may include Standard Contractual Clauses (SCCs), UK Addendum, or equivalent legal mechanisms. Additional technical and organizational measures are applied to protect data. You can request more details (subject to redactions).

DATA SECURITY

We use organizational, technical, and administrative safeguards including:

Encryption at rest and in transit (TLS) Role-based access controls and least privilege approaches Segmented infrastructure and credential management Vulnerability management, patching, and monitoring Incident response plan and breach notification protocols Despite safeguards, no method of transmission or storage is 100% secure; user diligence (strong password, avoiding credential reuse) is encouraged.

DATA RETENTION We retain personal information only as long as necessary for stated purposes or legal obligations. Illustrative retention patterns: Account Profile Data: Retained while account is active plus a reasonable period (e.g., up to 2 years) for reactivation or dispute resolution. Transaction and Financial Records: Typically 7 years (or longer if required) for tax/audit/legal obligations. Booking and Messaging Records: Duration of account plus a limited period for support, fraud, and dispute handling. Support Tickets: Generally 3–5 years for quality assurance and reference. Marketing Preferences and Opt-Out Logs: Retained to demonstrate compliance. Host Payout and Tax Documentation: 7–10 years depending on jurisdictional requirements. Security / Fraud Logs: Retained for extended periods (e.g., 3–7 years) to detect patterns. Analytics Data (pseudonymized or aggregated): Typically 12–36 months. De-Identified Data Sets: May be retained indefinitely (not reasonably re-identifiable). Upon verified deletion request and eligibility, we will delete, de-identify, or anonymize unless retention is mandated by law or necessary for legitimate defense.

YOUR RIGHTS AND CHOICES Rights vary based on jurisdiction but may include: Access: Request confirmation and a copy of personal data. Correction (Rectification): Update inaccurate or incomplete data. Deletion (Erasure): Request deletion; exceptions apply (legal obligations, disputes). Restrict Processing: Limit certain processing where legally available. Object: Object to processing based on legitimate interests or direct marketing. Data Portability: Receive certain data in a structured, commonly used, machine-readable format. Withdraw Consent: For activities relying solely on consent (e.g., certain marketing or geolocation). Opt-Out of Marketing: Use unsubscribe links, STOP for SMS (where implemented), or settings. Opt-Out of Sale/Sharing (California and similar states): Use the “Do Not Sell or Share My Personal Information” link or a recognized GPC signal. Limit Use of Sensitive Personal Information (CPRA): Where SPI use exceeds allowable scope (we currently restrict SPI to essential operations). Appeal (Colorado / Connecticut / Virginia / etc.): Appeal denied rights requests by emailing privacy contact; unresolved issues may be escalated to the state Attorney General. EU/UK Specific: Right to lodge a complaint with a supervisory authority, and right not to be subject to a decision based solely on automated processing producing legal or similarly significant effects (we do not currently engage in such processing). How to exercise rights:

Email (recommended): privacy@poolrentalnearme.com (proposed address) Provide sufficient information for verification. We generally respond within 30–45 days (extensions may apply under applicable law). CHILDREN’S PRIVACY

Services are not directed to children under 13 (US) or the minimum digital consent age in their jurisdiction (13–16 in the EU/UK depending on country). We do not knowingly collect data from minors under these thresholds. If you believe we inadvertently collected such data, contact us for deletion. Hosts must follow all laws regarding minors attending events.

MARKETING COMMUNICATIONS

Transactional Emails: Booking confirmations, security alerts, account notices (cannot generally be opted out). Promotional Emails / SMS / Push: You can opt out via unsubscribe link, STOP reply (SMS), device settings (push), or account settings. Learning Academy Notifications: May be managed separately once platform settings allow. USER-GENERATED CONTENT

Content you submit (listings, photos, reviews, public Q&A) may be displayed publicly. Avoid providing sensitive data in public fields. We may moderate or remove content that violates policies.

THIRD-PARTY SERVICES AND LINKS

External websites, integrated widgets, payment processors, or social media platforms have independent privacy practices. Review their policies. We are not responsible for third-party handling outside our control.

SECURITY INCIDENTS AND BREACH NOTIFICATION

If a data breach materially impacts your personal information, we will provide notifications as required by law, which may include recommended protective steps (e.g., password reset vigilance).

INTERNATIONAL USERS

By using the Services outside the United States you consent to transferring and processing your data in the United States and other jurisdictions, subject to safeguards described in this Policy.

AUTOMATED TOOLS AND PROFILING

We may apply non-sensitive scoring (e.g., host quality indicators, trust signals) to improve platform safety and performance. These do not produce decisions with legal or similarly significant effects without human involvement. You may request explanation or review.

FINANCIAL AND TAX COMPLIANCE

We process host payout information and may produce required tax forms (e.g., 1099-K or similar) and share with tax authorities where mandated.

CHANGES TO THIS POLICY

We may update this Policy periodically. Material changes may be highlighted via banner, email, or dashboard notice. Revised versions are effective on the posted Effective Date. Continued use after changes signifies acceptance.

CONTACT INFORMATION

Primary Privacy Contact:

10,000 Solutions LLC (Pool Rental Near Me)

Attn: Privacy Office

7785 Halbrook Terrace

Riverside, CA 92509 USA

General Support: hello@10000solutions.com

Privacy / Rights Requests: privacy@poolrentalnearme.com (proposed – create before publishing)

Phone (choose and standardize ONE before publishing): [Insert final chosen number]

If an EU/UK representative or Data Protection Officer becomes required, we will update this section.

CALIFORNIA AND OTHER STATE DISCLOSURES

We do not sell personal information for money. We may “share” data for cross-context behavioral advertising; you can opt out. No financial incentive programs are active (if introduced, we will provide a required notice). We do not knowingly sell or share data of individuals under 16. California Shine the Light: We do not share personal information with third parties for their own direct marketing in a manner triggering separate disclosure; if that changes, we will revise this Policy. Nevada: We do not sell covered information under Nevada law; requests may be sent to the privacy email. Colorado / Connecticut / Virginia / Utah: Your rights are detailed in Section 13; appeals are accepted via the privacy contact. DATA MINIMIZATION AND QUALITY

We collect only data reasonably necessary for stated purposes. We take steps to maintain accuracy (user-editable profile fields, correction workflows).

DE-IDENTIFICATION PRACTICES

Where feasible we de-identify or aggregate data by: removing direct identifiers, hashing or tokenizing linkage keys, and applying access controls. We will not attempt to re-identify de-identified data except internally to test anonymization effectiveness.

REQUEST VERIFICATION

We may verify identity by:

Sending a confirmation link to the registered email Requesting recent booking details or limited account metadata Requesting government ID only if strictly necessary (deleted or minimized after verification) ACCESSIBILITY

We aim to provide accessible formats (plain-language summary, large print) upon request. Contact us if you need an alternative accessible version or another language variant.

DISPUTE RESOLUTION (REFERENCE TO TERMS)

Any privacy-related disputes may also be governed by the Terms of Service dispute resolution clause. This Policy does not waive any mandatory rights.

DISCLAIMER

This Privacy Policy is for transparency and does not create additional contractual rights beyond those in the Terms of Service or applicable law.

PLAIN-LANGUAGE SUMMARY (OPTIONAL LAYERED DESCRIPTION – YOU MAY PUBLISH THIS SEPARATELY)

We collect information you give us plus data about how you use the site so we can run bookings, pay hosts, keep things secure, improve features, and (if you allow) send marketing or personalized ads. You can opt out of marketing and targeted advertising. We don’t sell your data for money. You can request to see it, fix it, or ask us to delete it. Contact privacy@poolrentalnearme.com with questions.