Get Started

Privacy Police

Effective Date: June 1, 2020

The materials on this website or mobile application are provided by CARL, Inc., (hereinafter, “CARL,” “we” or “us”). The CARL website at (including all content under the “” domain name) is owned by CARL, Inc., and is referred to herein as the “Website.” This notice (“Privacy Policy”) is included with and supplements our Website Terms of Service. The services that we may provide to you via the Website or CARL mobile application (“App”), as well as the Website and App themselves, are referred to herein and in the Terms of Service as the “Services.” This Privacy Policy explains our online information collection and use practices, and the choices you can make about the way we use such information. It is important that you take the time to read and understand this Privacy Policy so that you can appreciate how we use your personal information.


  1. Important Notices

    1. EU Privacy Rights. For users that are citizens of the European Union ("EU"), this Privacy Policy is subject to the provisions of the General Data Protection Regulation ("GDPR") and other applicable privacy laws. In such case, we are a data “Controller” and you are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.” We will take commercially reasonable steps to maintain compliance with GDPR requirements.  Your Personal Data may identify you as a person, and thus is often referred to as Personally Identifiable Information ("PII").
    2. California Privacy Rights. The California Consumer Privacy Act (“CCPA”) of 2018 enhances privacy rights and consumer protection for residents of California. Under the CCPA, California residents have the rights to: 1) know what Personal Data are being collected about them; 2) know whether their Personal Data are sold or disclosed, and to whom; 3) say 'no' to the sale of their Personal Data; 4) access their Personal Data; and 5) not be discriminated against for exercising their privacy rights under the CCPA. California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their PII to third parties. To make such a request, please contact us at Please include enough detail for us to locate your file; at a minimum, your name, email and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.

  2. Who Collects Your Information?
    We do. We collect information from you via the Services, and we are responsible for protection of that information.

  3. What Information Do We Collect?
    1. Requested Information. On various pages on the Services, we may request specific PII about you in order to register you for an account to use our Services, add you to our email list, facilitate your payments for Services, or fulfill your requests for information. You may choose not to provide your PII, but then you might not be able to take advantage of some of the features of our Services. We only collect basic Personal Data about you that does not include any special types of information (e.g., health-related). The types of Personal Data we collect and save include:
      • Contact and account registration information such as name, email address, physical address, phone number, business name, business URL, employer, job title;
      • Financial information such as bank account information, credit card number, name, CVV code, date of expiration;
      • Information that you provide in using our Services, such as information about your investment goals and similar content you may process through the Services;
      • Information you provide such as feedback, comments or other messages;
      • Technical information collected in our logs (e.g., your IP address, page URLs and timestamp, etc.); and
      • Device information such as the mobile phone provider associated with the device you are using to access the Services, your device’s unique identifier, the type of device and its operating system, the pages or features accessed most frequently, calls and messages placed through the Services, how pages or features of the Services are used, search terms entered, and similar analytics about use of the Services.
    2. Anonymous and Aggregate Information. We may use data capture, syndication, analysis and similar tools to extract, compile, synthesize and analyze non-PII data collected via your access and use of the Service (“Anonymous Data”). We may further aggregate and combine your de- identified Anonymous Data (such as age, gender, race, religion, marital status, net worth, household income, the type of browser you are using, device type, the operating system you are using, and the domain name of your Internet service provider) with the Anonymous Data of others (“Aggregated Data”). To the extent that we collect any Anonymous Data or Aggregated Data, we shall own such Anonymous Data or Aggregated Data and may use it for any lawful business purpose without a duty to account for such use to you, provided that Anonymous Data is used only in an aggregated form, without specifically identifying the source of the Anonymous Data. Without assuming any obligations or liabilities of yours, we agree to use commercially reasonable efforts to comply with applicable laws and regulations respecting the dissemination and use such Anonymous Data or Aggregated Data.
    3. Location Information. We may collect, maintain, process and use your location data, including the real-time geographic location of your mobile device (“Location Data”) as necessary to provide the Services’ full functionality. By using or activating any location-based services on a mobile device, you agree and consent to our collection, maintenance, publishing, processing and use of your Location Data in order to provide you with the Services. We do not collect Location Data in a form that personally identifies you. You may withdraw your consent to our use of your Location Data at any time by turning off the location-based services on the mobile device you are using, or by not using any location-based features. Turning off or not using location-based features may impact the functionality of the Services as delivered to you. Location Data provided by the Services is used for basic navigational purposes only, and is not intended to be relied upon in situations where precise location information is needed or where erroneous, inaccurate or incomplete Location Data may lead to death, personal injury, property or environmental damage. Any use of real-time route guidance via the Services is at your sole risk. You understand that Location Data provided by the Services may not be accurate. We do not guarantee the availability, accuracy, completeness, reliability or timeliness of Location Data displayed by the Services.

  4. Why Is My Information Being Collected?

    We need to collect your Personal Data so that we can provide the Services, respond to your requests for information and demonstrations, add you to our emailing lists, and process your requests for access to our Services. We also collect Aggregate Data to help us better design the Services. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer and troubleshoot the Services, calculate usage levels, and provide support to you.

  5. How Do We Use the Information We Collect?

    1. We use the Personal Data you provide for the purposes for which you have submitted it including:
      • Responding To Your Inquiries and Fulfilling Your Requests. We may use your PII to respond to your inquiries and to fulfill your requests for information.
      • Creating and Maintaining Your User Account. We use your PII to create and maintain an account for you to allow you to purchase and use the Services we make available.
      • Communicating With You About Our Services. We may use your PII to send you marketing information about new Services and other items that may be of interest to you. We may also contact you on behalf of our third party business partners about a particular offering of theirs that may be of interest to you.
      • Improving Our Services. We may use your information to make our platform more stable and user-friendly, to analyze Services issues, and to develop new marketing programs relating to the Services.
      • Sending Administrative Emails. We may use your PII to send you email messages to: (a) confirm your account and your other PII, (b) process transactions that you make using our Services, (c) provide you with information regarding the Services, or (d) inform you of changes to this Privacy Policy, our Terms of Service, or our other policies.
    2. We may use Anonymous Data and Aggregate Data to improve the design and content of our Services, enable us to personalize your Internet experience, analyze how our Services are used, analyze industry trends, as well as offer new products.

  6. Do We Share Your Personal Data?

    1. In general, we will not share your Personal Data except: (a) for the purposes for which you provided it; (b) with your consent; (c) as may be required by law (e.g., in response to a court order or subpoena, or in response to a law enforcement agency request); (d) as we think necessary to protect our organization or others from injury (e.g., when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another); or (e) on a confidential basis with persons, partners or organizations with whom we contract to carry out internal site operations or as necessary to render the Services (“Service Providers”).
    2. Dwolla; In order to use the payment functionality of our application, you must open a "Dwolla Platform" account provided by Dwolla, Inc. and you must accept the Dwolla Terms of Service and Privacy Policy. Any funds held in the Dwolla account are held by Dwolla's financial institution partners as set out in the Dwolla Terms of Service. You authorize us to collect and share with Dwolla your personal information including full name, date of birth, social security number, physical address, email address and financial information, and you are responsible for the accuracy and completeness of that data. You understand that you will access and manage your Dwolla account through our application, and Dwolla account notifications will be sent by us, not Dwolla. We will provide customer support for your Dwolla account activity, and can be reached at
    3. We do not sell your Personal Data.
    4. We may share Anonymous Data or Aggregate Data with others, including affiliated and non- affiliated organizations such as advertisers.
    5. Finally, we may transfer your Personal Data to our successor-in-interest in the event of an acquisition, sale, merger or bankruptcy.

  7. Are There Other Ways My Personal Data Could Be Shared?

    You may elect to share certain Personal Data with individuals (e.g., other members) or with the public via your use of the Services or the Services. In this case, you will control such sharing via settings that we provide. For example, the Services may make it possible for you to publicly share information via social media such as Facebook or Twitter. Be aware that when you choose to share information with friends, professionals, public officials, or with the public at large, you may be disclosing sensitive information, or information from which sensitive information can be inferred. Always use caution when sharing information through the Services. You understand and agree that we are not responsible for any consequences of your sharing of information through and beyond the Services.

  8. How Can You Access and Control Your Information?

    1. After registering for an account within the Services, you may log-in to the account and edit your Personal Data in your profile. You may have your name placed on our do-not-share list to specifically prohibit us from sharing your Personal Data with our business partners for marketing purposes. For instructions on how you can further access your Personal Data that we have collected, or how to correct errors in such information, please send an e-mail to We will also promptly stop using your information and remove it from our servers and database at any time upon your request. To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections or removing your information.
    2. If you are an EU citizen and believe that we have misused your Personal Data, you have the right to contact the European Data Protection Supervisor (“EDPS”) to ask the EDPS for advice on how to exercise your rights or to ask the EDPS to investigate a complaint. For more information, see EDPS Complaints.

  9. How Do We Store and Protect Your Information?

    1. After receiving your Personal Data, we will store it on our systems for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect. Unfortunately, no data transmission or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our Service Providers' systems.
    2. If you are using the Services from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our web servers and internal systems located within the USA. By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer and storage of information in and to the USA, where you may not have the same rights and protections as you do under your local law.
    3. We store Personal Data for as long as reasonably required for its purpose or for any additional period required by law (if any). We and our Service Providers will delete your account information and Personal Data when you or when we delete your account. We may store information longer for legitimate business reasons (for example, Personal Data may remain in backups for a reasonable period of time), or as legally required. Otherwise, we store your Personal Data until you request us to remove it from our servers. We store our logs and other technical records indefinitely.

  10. How Do We Use Cookies And Other Network Technologies?

    1. Cookies. To enhance your online experience with us, our web pages may presently or in the future use "cookies." Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in a cookie. You can set your browser to notify you when you receive a cookie, providing you with as much control as you wish as to the decision to accept/reject the cookie, and deletion of the cookie upon leaving our Services. Please note, however, that if your browser does not accept cookies, you may not be able to take advantage of all of the features of our Services. If your would like more information about cookies and how to control and delete cookies in various browsers, such as Internet Explorer, Firefox, Safari and Chrome, please visit
    2. GIFs. We or our service providers may also use "pixel tags," "web beacons," "clear GIFs," “embedded links” and other commonly-used information-gathering tools in connection with some Services pages and HTML-formatted email messages. We use these tools for such purposes as compiling aggregate statistics about Services usage and response rates. A pixel tag is an electronic image (often a single pixel), that is ordinarily not visible to website visitors, and may be associated with cookies on visitors’ hard drives. Pixel tags allow us and our Service Providers to count users who have visited certain pages of the Services, to deliver customized services, and to help determine the effectiveness of our Services. When used in HTML-formatted email messages, pixel tags can inform the sender of the email whether and when the email has been opened.
    3. Clickstreams. As you use the Internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data”, can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the Uniform Resource Locator (“URL”) or IP address of the website from which you linked to the Services. We may use clickstream data as a form of non-PII to determine how much time visitors spend on each page of our Services, how visitors navigate through the Services, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our Services.
    4. Do Not Track. Many modern web browsers give you the option to send a “Do Not Track” signal to the websites you visit, indicating that you do not wish to be tracked. At this time, the Services do not specifically respond to “Do Not Track” signals.
    5. Advertising. Note that we may use cookies and other technologies for purposes of on-line advertising. This means that when you use the Services, we or third party ad servers, ad network providers or advertisers (collectively “Ad Providers”) may use cookies that they collect or that we provide to them. Such Ad Providers may collect information about your use of the Services (including mobile applications) or your online activities over time and across different websites and devices. Collected information may include the content you viewed, the date and time that you viewed this content, and the website that referred you to the Services. This information may be associated with your unique browser, device identifier or IP address. Ad Providers may provide you with advertisements that you may see on the Services or on affiliated websites. To improve the relevancy and help measure the effectiveness of such advertisements, the Ad Providers may use cookies, web beacons, clear GIFs or similar technologies. These practices help tailor advertisements that are relevant and of use to you. You may control or opt-out of such advertising by changing the cookie settings in your browser as described above.
    6. User Behavior Tracking. We may track the webpages and links our users visit within our Services, in order to determine what Services are most popular. We may use such tracking data to deliver customized content and advertising to users whose behavior indicates they are interested in a particular subject area. We may also collect user data to enable “heat mapping” capabilities that track the areas of a webpage where users most frequently move the mouse or click. These tracking activities make it possible to monitor and analyze web traffic and evaluate user behavior to customize our Services.

  11. Collection of Information by Others

    We may provide links to certain third party websites that you may click-on from our Services. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.

  12. Children and Young People’s Information

    We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, CCPA, USA Children's Online Privacy Protection Act (“COPPA”) and associated Federal Trade Commission (“FTC”) rules for collecting Personal Data from minors. Please see the FTC's website ( for more information. Our Services will not knowingly accept Personal Data from anyone under 13 years old in violation of applicable laws, without consent of a parent or guardian. In the event that we discover that a person under the age of 13 has provided PII to us without parental consent, we will make efforts to delete the person’s information in accordance with the COPPA. If you have concerns about this Services or its Services, wish to find out if your child has accessed our Services, or wish to remove your child's Personal Data from our servers, please contact us at

  13. Changes to this Policy

    Because our business needs may change over time, we reserve the right to modify this Privacy Policy. If at any time in the future we plan to use your PII in a way that differs from this Privacy Policy, we will revise this Privacy Policy as appropriate. In the event of a change to our Privacy Policy, we will email the updated policy to the email address that you provided to us. Your continued use of the Services following our notice of changes to this Privacy Policy means you accept such changes.

  14. Our Contact Information

    If you have any questions or concerns about this Privacy Policy, please contact us via email at 17 John Street, Sixth Floor New York, NY 10038.

Copyright © CARL, Inc. All rights reserved. The Services is protected by United States and international copyright, trademark, and other applicable laws. This includes the content, appearance, and design of the Services, as well as the trademarks, product names, graphics, logos, service names, slogans, colors, and designs.

Was this information useful?
(0ratings, Ø 0.0)