Privacy & Cookies Policy

Effective Date: April 10, 2025

ULV (Ultimate Luxury Vehicle) (“we,” “us,” or “our”) is committed to protecting the privacy of our users (“you” or “your”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [www.driveulv.com] (the “Site”), interact with us online, use our mobile application (the “App’”), or purchase our slow-speed vehicles. For the purposes of this policy, our Site, App, and other digital touchpoints we own or manage will be referred to as “online properties.”

We collect information about you from various sources, including:

We collect personal information that you provide directly to us, such as:

• Contact Information: Name, email address, phone number, mailing address, shipping address, billing address.
• Account Information: Username and password if you create an account with us.
• Payment Information: Credit card details or other payment information when you make a purchase. These will be protected by PCI compliance.
• Other Information: Company name (if applicable), driver’s license information (if you request a test drive), and any other information you choose to provide to us through forms or correspondence.

When you visit our Site, App or interact with our online services, we may automatically collect certain information about your device and usage, such as:

• Device Information: IP address, browser type, operating system, device identifiers.
• Usage Data: Pages visited, links clicked, time spent on pages, search queries.
• Location Data: We may collect general location data based on your IP address. We do not collect precise location data from your vehicle.

We use cookies and other tracking technologies (e.g., pixels and third-party connections) to collect information about your browsing activity, preferences, and interactions with our Site. This includes:

• Google Tag Manager and Google Analytics: To analyze online traffic and user behavior.
• Google Ads (GCLID): To track the effectiveness of our advertising campaigns.
• HubSpot: For marketing automation, lead capture, and customer relationship management.
• Social Media Pixels: To track social media interactions and deliver targeted advertising.
• Hotjar: To analyze user behavior on our Site.
• WPDM: To manage access to gated content.
• ERP System: To manage your order status.
• SEMrush and Yoast SEO: To help perform better in search engines.
• Vercel and Sketchfab: To store and manage the vehicle customization preferences.

We may receive information about you from third parties, such as:

• Social Media Platforms: If you interact with our social media pages or accounts.
• Financing Partners: If you apply for financing through our partners.

• Register online or place an order for any of our products or services.
• Voluntarily complete a customer survey or provide feedback by filling out a form.
• Use or view our online properties via your browser’s cookies.

• Social Media and Advertising Platforms

We use the information we collect for various purposes, including:

• Processing orders and delivering vehicles.
• Providing customer support and responding to inquiries.
• Managing user accounts.
• Improving our Site, products, and services.

• Sending you marketing emails and newsletters (with your consent).
• Displaying targeted advertising on our online properties and other websites.
• Analyzing marketing campaign performance.
• Communicating with you about promotions, events, and other news.

When Our Company processes your order, it may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.

Our Company securely stores your data at AWS Servers and in each respective platform detailed in our cookies. The information is protected by:

• SSL/TLS Encryption
• Usage of complex passwords with a combination of uppercase and lowercase letters, numbers, and symbols.
• Role-Based Access Control
• Web Application Firewal
• Regular Security Updates and Patches
• Malware Scanning and Prevention
• Data Backups
• Protection Against DDoS Attacks
• Secure Coding Practices
• Restriction of file uploads
• Security monitoring and logging

We use first- and third-party cookies for several reasons. Some cookies are required for technical reasons in order for our online properties to operate, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies also enable us to track and target the interests of our users to enhance the experience on our Online Properties. Third parties serve cookies through our online properties for advertising, analytics, and other purposes. This is described in more detail below.

You have the right to decide whether to accept or reject cookies. You can exercise your cookie rights by setting your preferences in the Cookie Consent Manager. The Cookie Consent Manager allows you to select which categories of cookies you accept or reject. Essential cookies cannot be rejected as they are strictly necessary to provide you with services.

The Cookie Consent Manager can be found in the notification banner and on our online properties. If you choose to reject cookies, you may still use our online properties, though your access to some functionality and areas of our online properties may be restricted. You may also set or amend your web browser controls to accept or refuse cookies.

The specific types of first- and third-party cookies served through our online properties and the purposes they perform are described in the table below (please note that the specific cookies served may vary depending on the specific Online Properties you visit):

• Essential cookies: These cookies are strictly necessary to provide you with services available through our online properties and to use some of its features, such as access to secure areas.
• Performance and functionality cookies: These cookies are used to enhance the performance and functionality of our online properties but are non-essential to its use.
• Analytics and customization cookies: These cookies collect information that is used either in aggregate form to help us understand how our online properties are being used or how effective our marketing campaigns are, or to help us customize our online properties for you.
• Advertising cookies: These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

Cookie Name	Service	Duration	Purpose
_ga	Google Analytics	2 years	Stores a unique ID to distinguish users.
_gid	Google Analytics	24 hours	Stores a unique ID to distinguish users per session.
_gat	Google Analytics	1 min	Throttles request rate to Google servers.
_gac_<property-id>	Google Ads	90 days	Stores campaign information for Ads and Analytics integration.
_ga_<container-id>	Google Analytics 4	2 years	Used to persist session state.
IDE	Google Ads (DoubleClick)	13 months (EU) 24 months (outside EU)	Used for ad personalization and tracking.
1P_JAR	Google Ads	30 days	Stores information about ad interactions.
CONSENT	Google	2+ years	Stores the user’s consent status.
NID	Google Search/Maps	6 months	Stores user preferences and personalizes services.
ANID	Google Ads	13 months	For advertising served across the web.
DV	Google	5-10 minutes	Supports Google services and analytics.
OTZ	Google	1 month	Provides aggregate analysis of online visitors.
AEC	Google	Few hours	Ensures requests within a session are made by the user, not other sites.
woocommerce_cart_hash	WooCommerce	Session	Helps WooCommerce detect cart changes.
woocommerce_items_in_cart	WooCommerce	Session	Stores the number of items in the cart.
wp_woocommerce_session_	WooCommerce	2 days	Stores a unique code for each customer to retrieve their cart.
woocommerce_recently_viewed	WooCommerce	Session	Tracks recently viewed products.
store_notice[notice id]	WooCommerce	Session	Remembers if the user dismissed a site notice.
wordpress_logged_in_[hash]	WordPress	Session	Indicates when a user is logged in.
wordpress_sec_[hash]	WordPress	Session	Used for authentication and user session security.
wordpress_test_cookie	WordPress	Session	Tests if the browser accepts cookies.
wp-settings-{user_id}	WordPress	1 year	Stores user dashboard settings.
wp-settings-time-{user_id}	WordPress	1 year	Stores the time when wp-settings was set.
tk_ai, tk_lr, tk_or	Jetpack/Stats	Session to 1 year	Collects internal metrics on user activity.
__stripe_mid	Stripe	1 year	Prevents fraud by identifying the user across sessions.
__stripe_sid	Stripe	30 minutes	Temporary session cookie to identify the user.
{Hubspot ID}	HubSpot	6 months	Tracks leads and user behavior.
m	Stripe	2 years	Used for fraud prevention (device fingerprinting).
et_pb_ab_test_*	Divi Split Testing	Session or 30 days	Used for A/B testing feature in Divi Builder.
et_editor	Divi Builder (Admin)	Session	Stores state for Visual Builder UI (admin only).
et-pb-recent-items-fonts	Divi Builder	Session	Loads recent font choices for faster access in the builder.
et_pb_device_view	Divi Builder	Session	Remembers which device preview mode is active (admin only).
wpdm_client	WPDM	Session	Used to store a temporary session ID for the user downloading files.
wpdm_download_lock	WPDM	Session/Persistent	Stores access permission for locked files (e.g., password/ email gated).
wpdmkey_{id}	WPDM	Varies	Stores the file access key when a user unlocks a protected download.
wpdm_package_history	WPDM	Session or Persistent	Keeps track of downloaded packages for the user session or stats.
wpdm_loggedin	WPDM	Session	Confirms if a user is logged in to access restricted downloads.
wpdm_terms_agreed	WPDM	Session/Persistent	Stores agreement status to terms before download (if enabled).
hjSessionUser{site_id}	Hotjar	1 year	Stores a unique user ID. Ensures that cross visits from the same user are attributed to the same user ID.
hjSession{site_id}	Hotjar	30 minutes	Holds current session data. Ensures that requests within the session window are attributed to the same session.
_hjIncludedInPageviewSample	Hotjar	30 minutes	Determines if the user is included in the pageview sampling for site performance analytics.
_hjIncludedInSessionSample	Hotjar	30 minutes	Determines if the user is included in the session recording sample.
_hjAbsoluteSessionInProgress	Hotjar	30 minutes	Used to detect the first pageview session of a user.
_hjFirstSeen	Hotjar	Session	Identifies a new user’s first session. Used by recording filters to identify new user sessions.
_hjTLDTest	Hotjar	Session	Tests cookie functionality across different subdomain levels. Used to determine the most generic cookie path to use.
FPAU, FPGCLAW, FPGCLGB, FPGCLDC	Google Ads	90 days approx.	Enhanced conversion tracking (first-party attribution).
__Secure-3PSID	Google	2 years	Builds a profile of interests for personalized ads.
__Secure-3PAPISID	Google	2 years	Used for targeting purposes to build user profiles.
__Secure-3PSIDCC	Google	1 year	Delivers personalized ads.

Google Tag Manager (GTM)	Google	A tag management system to control multiple pixels/ tags without editing code.
Google Optimize (Deprecated)	Google	A/B testing and personalization (now merged into GA4).
YouTube Embed Pixel (via API)	Google/Youtube	Tracks video views and interactions on embedded videos.
Google Analytics for WooCommerce	WooCommerce Plugin	Adds enhanced eCommerce tracking to GA.
Jetpack Stats Pixel	WordPress/Jetpack	Tracks basic user behavior, page views, and referrals.
Stripe.js (not a pixel, but similar)	Stripe	Tracks payment sessions and detects fraud.
Stripe Radar (part of Stripe.js)	Stripe	Analyzes behavioral signals to prevent fraudulent payments.

As the means by which you can refuse cookies through your web browser controls vary from browser to browser, you should visit your browser’s help menu for more information. The following is information about how to manage cookies on the most popular browsers:

• Chrome
• Internet Explorer
• Firefox
• Safari
• Edge
• Opera
• Samsung Internet

The App collects and uses the following information:

• Device Permissions:
  • Network Information: The App accesses cellular and Wi-Fi network information to enable connectivity features
  • Local Notifications (Android): The App may display local notifications on your device
  • Screen Capture (Android): The App requests permission to capture video for the Screen Mirroring feature
  • Foreground Service (Android): The App maintains a foreground service to keep file transfers and screen mirroring active, and prevents the device from sleeping
• Analytics and Crash Reporting: We collect anonymous analytics and crash reports through Firebase Crashlytics to improve App stability and performance. This data is not linked to your identity.
• Data Storage: Data collected by the App is stored locally on your device and is only retained while the App is installed. This data is not transferred to external servers, except for analytics and crash reports.
• Embedded Site: The App displays the ULV Site, including the Store functionality. All Site data collection, cookies, and tracking technologies described in Section 6 apply when using the Site within the App. Purchases made through the Store are processed through the Site as described in this policy.

Our online properties may contain links to other websites of interest. However, once you have used these links to leave our Site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

We reserve the right to change the information, services, features, and policies at any time. We will post changes to this and any other policies on our website in writing.

Our legal basis for collecting and using your personal information will depend on the specific information concerned and the context in which we collect it. However, we will normally collect personal information from you only where:

• We have your consent to do so;
• Where we need the personal information to perform a contract with you (e.g., to deliver your vehicle); or
• Where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.

We may share your information with the following third parties:

• Service Providers: We may share your information with service providers who assist us with payment processing, data analytics, email marketing, customer support, and other essential functions. We have contracts with our service providers that require them to protect your information.
• Business Partners: We may share your information with business partners, such as financing companies, and home assistance providers, to fulfill your requests and provide you with relevant services.
• Internal Parties: We share your information with our internal team, including employees and contractors, who need access to the information to perform their job duties. All our employees and contractors are bound by confidentiality obligations.
• Legal Authorities: We may disclose your information to legal authorities if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, or protect the personal safety of users or the public.

We take reasonable measures to protect your information from unauthorized access, use, or disclosure. These measures include:

• Data Encryption: We use encryption to protect your information during transmission and storage.
• SSL Certificate: Our online properties use SSL certificates to encrypt data transmitted between your browser and our server.
• Firewall: Our online properties are protected by a robust firewall that monitors and controls network traffic, blocking unauthorized access to our systems. Our infrastructure operates within a secure private network for enhanced security.
• Access Controls: We restrict access to your information to authorized personnel only.
• NDAs: We have Non-Disclosure Agreements (NDAs) in place with our employees, contractors, and partners to protect your information.

We will retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

You have the following data protection rights:

• Access: You can request access to your personal information. We may charge you a small fee for this service, unless prohibited by law.
• Correction: You can request that we correct any inaccuracies in your personal information.
• Deletion: You can request that we delete your personal information, under certain conditions.
• Restrict Processing: You have the right to request that we restrict processing of your personal information, under certain circumstances.
• Objection: You can object to our processing of your personal information under certain conditions.
• Objection: You can object to our processing of your personal information under certain conditions.
• Port Data: You may request that we transfer your personal information to another organization, or directly to you, under certain circumstances.If you make a request, we have one month to respond to you. To exercise any of these rights, please contact us using the contact details provided below.

If you make a request, we have one month to respond to you. To exercise any of these rights, please contact us using the contact details provided below.

In the event of a data breach, we will notify you and the relevant authorities as required by applicable law.

We do not knowingly collect personal information from children under the age of 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on the Site and by sending you an email notification (if you have subscribed to our email list).

If you have any questions about this Privacy Policy, please contact us.

• Claims: claims@driveulv.com
• Resolution: resolution@driveulv.com
• Support: support@driveulv.com
• Purchasing: purchasing@driveulv.com
• Trademark: trademark@driveulv.com

• General inquiries: www.driveulv.com/contact
• Opt-Out request and Data inquiries: www.driveulv.com/data-support