Privacy Policy

Modlist is operated by MB Karolo. This Privacy Policy explains how the Modlist Operator handles personal data connected to Modlist.

We handle account and setup data such as username, email, optional profile details, login identity data, contact details you provide, and security information needed to run your account.

We handle User Content such as car details, photos, build specs, mods, threads, comments, profile details, and event application material you add to Modlist.

We handle first-party Usage Events for product operation, diagnostics, aggregate product insight, abuse prevention, and aggregate car-page reach metrics showing how often public car pages are viewed.

Some content is intentionally public because Modlist is a public car-profile and community service. Public examples include username, public profile details, avatar, public cars, specs, photos, mods, published threads and comments, visible likes and follows where exposed, public event pages, and organizer names.

Private or limited data includes email, phone, login or Google identity data, private cars, internal moderation data, admin/debug data, and security data.

Your event application details are visible to the organizer, reviewers, and applicant for event management. Organizers and reviewers must use that information only for event management.

Modlist uses no ads, ad tracking, cross-site tracking, or third-party ad pixels. We do not build advertising profiles from your activity.

If product analytics tooling is added later, it requires a deliberate privacy update and configuration that avoids ad tracking.

At launch, Modlist uses necessary cookies and similar storage for login, security, preferences, uploads, and app functionality. We do not use non-essential advertising cookies.

Modlist sends transactional and service emails only, such as account and security emails, event application confirmations or results, organizer/reviewer notifications, important legal or service notices, and support replies.

Organizer-customized event messages are service and event communications. They must not become unrelated marketing blasts. Marketing newsletters require a separate opt-in if added later.

We use service providers and categories needed to operate Modlist, including hosting, database, storage, and image processing providers, Google sign-in, and transactional email providers.

Modlist is operated from Lithuania and the EU. We aim to store production app, database, and upload data in EU-region infrastructure where practical, but we do not promise that all data never leaves the EU.

We keep data for as long as needed to provide Modlist, maintain security, prevent abuse, support event records, resolve disputes, comply with law, and run ordinary business records.

You can request deletion through support@modl.st. We will provide deletion or anonymization of personal data where practical, except where retention is needed for legal, security, accounting, abuse-prevention, event-record, or dispute reasons.

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a copy of personal data connected to you. Send requests to support@modl.st.

We may need to verify your identity before acting on a request, especially for account, security, deletion, or event-related data.

MB Karolo uses reasonable technical and organizational security measures to protect Modlist and personal data, but no online service can guarantee perfect security.

Send privacy, legal, support, moderation, data, IP complaint, and security requests to support@modl.st.