Blitz T Club BlitzVolt

Privacy Policy

Privacy Policy & Full Disclosure

Last Updated: May 19, 2026

Blitz T Club ("we", "us", or "our") operates the BlitzVolt platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service. This policy is compliant with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.

Our Commitment: We believe in radical transparency. This policy discloses every type of data we collect, exactly how we use it, who we share it with, and how long we keep it. If you have any questions after reading this, contact us at privacy@blitztclub.com.

1.0 Data Controller

The data controller responsible for your personal information is:

Blitz T Club
EntityBlitz T Club
JurisdictionOntario, Canada
Privacy Officerprivacy@blitztclub.com
General Inquiriesinfo@blitztclub.com

As the data controller, we determine the purposes and means of processing your personal information and are responsible for ensuring compliance with PIPEDA.

2.0 Information We Collect

We collect the following categories of personal information to operate the BlitzVolt platform:

2.1 Account Information

  • Full legal name
  • Email address
  • Province of residence
  • Account creation date

2.2 Tesla API Tokens & Vehicle Data

  • OAuth Tokens: Encrypted Tesla Fleet API access tokens and refresh tokens, stored using AES-256-GCM encryption.
  • Vehicle Identification Number (VIN): Used to verify vehicle ownership and attribute charging sessions to your account.
  • Charging Data: Energy delivered (kWh), charging start and end timestamps, session duration, and charging power levels.
  • GPS Coordinates: Location data recorded during charging sessions for geofence verification of home charging.

2.3 Home Geofence Data

  • Home address or manually set GPS coordinates.
  • Geofence radius configuration for charging session verification.

2.4 Financial Transaction Data

  • Reward accumulation history (kWh credits, CAD balances).
  • Withdrawal requests and Interac e-Transfer transaction records.
  • Referral bonus payments received.
  • Interac e-Transfer email address for payout delivery.

2.5 Referral Data

  • Unique referral code generated for your account.
  • Referral relationships (who referred you, who you referred).
  • Referral qualification status and progress toward thresholds.

2.6 Device & Usage Information

  • Browser type and version, operating system.
  • Device identifiers for session management.
  • IP addresses for security and fraud prevention.
  • App usage patterns and interaction data.

3.0 How We Use Your Data

We use your personal information for the following specific, identified purposes:

  • Reward Calculation: To calculate and credit your account with points based on verified home charging sessions at the applicable rate (4 points per kWh).
  • Geofence Verification: To verify that charging sessions occur at your registered home location using GPS coordinate matching and the Haversine formula.
  • CFR Carbon Credit Aggregation: To aggregate verified charging data for the purpose of generating carbon credits under Canada's Clean Fuel Regulations (CFR), which funds the rewards program.
  • Fraud Prevention: To detect and prevent fraudulent activity, including anomalous charging patterns, duplicate accounts, and referral program abuse.
  • Service Improvement: To analyze usage patterns and improve the platform experience, performance, and reliability.
  • Communication: To send service-related notifications, reward updates, and important account information.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4.0 Data Sharing

We do not sell your personal information. We share data only with the following categories of service providers and as required by law:

  • Supabase (Data Processor): Our primary database and backend infrastructure provider. All data at rest is encrypted and protected by Row Level Security (RLS) policies. Supabase acts as a data processor under our instructions and is contractually bound to protect your data.
  • Tesla Fleet API: We send API requests to Tesla's servers to retrieve your charging data as authorized by your OAuth consent. Tesla's own privacy policy applies to data on their platform.
  • Interac e-Transfer Processor: We share your Interac e-Transfer email address and payment amount with our payment processor to facilitate withdrawals. No banking credentials or account numbers are shared with us or stored.
  • Legal Requirements: We may disclose information when required by law, regulation, legal process, or governmental request, including to comply with CRA reporting obligations and law enforcement requests.

5.0 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy:

Retention Schedule
Account DataDuration of active account
Charging Session Data7 years (CFR compliance)
Tesla OAuth TokensDeleted on disconnect
Financial Transaction Records7 years (tax compliance)
Referral DataDuration of active account
Device/Usage Logs90 days

When data reaches the end of its retention period, it is securely deleted or anonymized so it can no longer be associated with you.

6.0 Security Measures

We implement industry-leading security measures to protect your personal information:

  • AES-256-GCM Encryption: All Tesla API tokens and sensitive credentials are encrypted at rest using AES-256-GCM, an authenticated encryption algorithm providing both confidentiality and integrity guarantees.
  • TLS Encryption: All data in transit between your device and our servers is encrypted using Transport Layer Security (TLS 1.2+).
  • Row Level Security (RLS): Our Supabase database enforces Row Level Security policies, ensuring that each user can only access their own data.
  • OAuth 2.0 PKCE: Your Tesla connection uses the PKCE extension to OAuth 2.0, ensuring your Tesla credentials are never exposed to our platform.
  • Access Controls: Internal access to personal data is strictly limited to authorized personnel on a need-to-know basis.

Disclaimer: While we implement robust security measures, no system is completely secure. We cannot guarantee the absolute security of your data. We encourage you to use strong, unique passwords and to protect your account credentials.

7.0 Your Rights Under PIPEDA

Under PIPEDA, you have the following rights regarding your personal information:

  • Right of Access: You may request a copy of all personal information we hold about you. We will provide this within 30 days of receiving a verified request.
  • Right to Correct: You may request correction of any inaccurate or incomplete personal information. You can update most account details directly in the app.
  • Right to Withdraw Consent: You may withdraw your consent for data collection at any time by disconnecting your Tesla account and/or deleting your BlitzVolt account. Note that withdrawal of consent may affect your ability to use the Service.
  • Right to Data Portability: You may request an export of your data in a structured, commonly used, machine-readable format (such as JSON or CSV).
  • Right to Delete: You may request the deletion of your personal information, subject to legal retention requirements (e.g., charging data retained for 7 years for CFR compliance).

To exercise any of these rights, please contact our Privacy Officer at privacy@blitztclub.com. We will respond to all requests within 30 days.

8.0 Cookies & Tracking

BlitzVolt uses minimal cookies and tracking technologies:

  • Essential Cookies: We use cookies necessary for authentication, session management, and security (e.g., CSRF protection). These cannot be disabled.
  • No Third-Party Analytics: We do not use Google Analytics, Facebook Pixel, or any third-party advertising tracking scripts.
  • No Advertising Cookies: We do not serve ads or use advertising cookies of any kind.

If we introduce additional tracking technologies in the future, we will update this policy and provide appropriate notice and consent mechanisms.

9.0 Third-Party Links

The BlitzVolt platform may contain links to third-party websites or services, including Tesla's website and Interac's services. This Privacy Policy does not apply to third-party sites.

We are not responsible for the privacy practices of third-party services. We encourage you to read the privacy policies of any third-party services you access through our platform. Your interactions with third-party websites are governed solely by their respective terms and policies.

10.0 Children's Privacy

BlitzVolt is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

If we become aware that we have collected personal information from a person under 18 without verification of parental consent, we will take steps to delete that information promptly. If you believe a minor has provided us with personal information, please contact us at privacy@blitztclub.com.

11.0 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy.
  • Notify you via email and/or in-app notification at least 30 days before changes take effect.
  • Provide an opportunity for you to review the changes and, if you disagree, to delete your account and data.

Continued use of the Service after the effective date of any changes constitutes acceptance of the revised Privacy Policy.

12.0 Contact

For privacy-related questions, data access requests, or to exercise any of your rights under PIPEDA, please contact our Privacy Officer:

Privacy Officer — Blitz T Club
Privacy Inquiriesprivacy@blitztclub.com
General Supportinfo@blitztclub.com
JurisdictionOntario, Canada

If you are not satisfied with our response to a privacy concern, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.

🏠HomeCharging📊Stats🎁Rewards👥Referrals