top of page

Privacy Policy

 

Last modified: June 2, 2023
 

Introduction

Pencilwrench, LLC (“Pencilwrench,” “Company,” “we,” “our,” or “us”) is a wholly owned subsidiary of StoneEagle F&I, Inc. We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy.


This Policy describes the types of information we may collect from you or that you may provide when you visit www.pencilwrench.com (the “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Policy applies to information we collect:

  • On this Website

  • On our associate web-based applications and software platforms
     

This Policy does not apply to information collected by us offline or through other means, or by any third party (including our affiliates and subsidiaries), through any application or content that may link to or be accessible from this Website.


Please read this Policy carefully. If you do not agree with our policies and practices, your choice is to not use our Website. By accessing or using this Website, you agree to this Privacy Policy. Please read this Policy carefully. If you do not agree with our policies and practices, your choice is to not use our Website. By accessing or using this Website, you agree to this Privacy Policy. We will notify you of material changes by updating the “Last Modified” date above and may, at our discretion, provide additional notice for significant changes by posting a notice on the Website. Your continued use of the Website after we post changes constitutes your acceptance of those changes. Please review this Policy periodically. Please review this Policy periodically.

 

1. Children Under the Age of 18

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Website, register on the Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any username.

 

If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at legal@se-fi.com.

California residents under 18 years of age may have additional rights regarding the collection and sale of their personal information. Please see Section 8 (State Privacy Rights) for more information.
 

2. Information We Collect About You

A. Information You Provide to Us
The information we collect on or through our Website may include:

  • By which you may be personally identified, such as name, postal address, email address, telephone number and any other identifier by which you may be contacted online or offline (“personal information“);

  • About your internet connection, IP address, the equipment you use to access our Website, and usage details.
     

We collect this information:

  • Information you provide by filling in forms on our Website, including at the time of registering to use our Website, requesting a demo or test drive, subscribing to our service, or requesting further information or services

  • Records and copies of your correspondence (including email addresses) if you contact us

  • Your responses to surveys that we may ask you to complete for research purposes

  • Details of transactions you carry out through our Website and fulfillment of orders, including financial information where required

  • Your search queries on the Website

B. Information We Collect Automatically

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and usage patterns, including:

  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources you access

  • Information about your computer and internet connection, including your IP address, operating system, and browser type

  • Information about your login status

We may use this information to:

  • Estimate our audience size and usage patterns

  • Store information about your preferences and customize our Website to your interests

  • Speed up your searches

  • Recognize you when you return to our Website

C. Technologies Used for Automatic Data Collection

Cookies

A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting in your browser. However, if you do so, you may be unable to access certain parts of our Website. Unless you have adjusted your browser settings to refuse cookies, our system will issue cookies when you direct your browser to our Website. We use:

  • Essential/functional cookies: necessary for the Website to operate (e.g., session management)

  • Analytics cookies: to understand how visitors use the Website (see Section 3 below)

  • Advertising/targeting cookies: placed by third-party advertising networks to serve relevant advertisements based on inferred interests

Web Beacons

Pages of our Website may contain small electronic files known as web beacons (also referred to as clear GIFs, pixel tags, and single-pixel GIFs) that permit us to count users who have visited those pages and gather other related Website statistics.

Global Privacy Control (GPC)

We recognize and honor Global Privacy Control (GPC) browser signals as a valid opt-out of the sale or sharing of personal information for cross-context behavioral advertising, consistent with the California Privacy Rights Act (CPRA). If your browser transmits a GPC signal, we will treat it as a request to opt out of sharing your personal information for targeted advertising purposes.

3. Third-Party Service Providers

​We have engaged the following third-party service providers in connection with Website and platform operations. Each is bound by contractual obligations governing their use of personal information. However, we are not responsible for the privacy or security practices of these third-party providers, and we encourage you to review their respective privacy policies:

Wix.com

Our Website is hosted and served through Wix.com Ltd. (“Wix”), a cloud-based website development and hosting platform. Wix collects and processes Website visitor data (including IP addresses, device data, and session information) as a data processor on our behalf, subject to Wix’s Data Processing Addendum and Privacy Policy (available at wix.com/about/privacy).

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (“Google”), to collect information about how users access and use the Website. Google Analytics uses cookies and similar technologies to collect data such as pages viewed, time on site, traffic sources, and demographic information. You may opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-On at tools.google.com/dlpage/gaoptout.

Pendo

We use Pendo, a product analytics and user engagement platform provided by Pendo.io, Inc. (“Pendo”), on our web-based platforms. Pendo collects information about how users navigate and interact with our software interfaces, including pages and features visited, click patterns, session duration, and in-application behavior. This information is used to improve product usability, prioritize feature development, and deliver in-application guidance. Pendo may use cookies and similar technologies in connection with data collection. For more information, see Pendo’s Privacy Policy at www.pendo.io/legal/privacy-policy.

Third-Party Advertising Networks

We may work with third-party online advertising companies that collect information about your browsing activity on our Website and elsewhere to serve targeted advertisements. These companies may use cookies, web beacons, and similar technologies to collect data. California residents may opt out of sharing for cross-context behavioral advertising as described in Section 8.

4. How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

  • To present our Website and its contents to you

  • To provide you with information, products, or services that you request from us

  • To fulfill any other purpose for which you provide it

  • To provide you with notices about your account, including expiration and renewal notices

  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection

  • To notify you about changes to our Website or any products or services we offer

  • To allow you to participate in interactive features on our Website

  • For product analytics and improvement through Pendo and similar tools

  • In any other way we may describe when you provide the information

  • For any other purpose with your consent

5. Disclosure of Your Information

We may disclose aggregated information about our users and information that does not identify any individual without restriction.

 

We may disclose personal information that we collect or that you provide as described in this Policy:

  • To our parent company StoneEagle F&I, Inc. and its other subsidiaries and affiliates

  • To contractors, service providers, and other third parties we use to support our business (including those identified in Section 3), who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them

  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceeding

  • To fulfill the purpose for which you provide it

  • For any other purpose disclosed by us when you provide the information

  • With your consent

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request

  • To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of our company, our customers, or others

We do not sell personal information to third parties for their own marketing or commercial purposes. However, certain third-party advertising cookies on our Website may constitute “sharing” for cross-context behavioral advertising under California law. Please see Section 8(A) for your opt-out rights.

6. Data Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Policy, to comply with applicable legal obligations, to resolve disputes, and to enforce our agreements. The following are general guidelines for typical retention periods, which may vary based on specific circumstances, legal requirements, or legitimate business needs:

  • Contact and lead/demo request data: up to 3 years from last contact, or until you request deletion

  • Account and customer data: for the duration of the active customer relationship and for up to 7 years thereafter to satisfy legal and contractual obligations

  • Google Analytics data: governed by our Google Analytics data retention settings (default 26 months)

  • Pendo session data: as configured in our Pendo account (generally up to 24 months)

  • Cookie data: session cookies expire when you close your browser; persistent cookies expire per the applicable retention period set at deployment

 

When we no longer need personal information, we take reasonable steps to securely delete or de-identify it.

7. Data Security

We have implemented commercially reasonable measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. These include computer safeguards, secured files and facilities, access controls, and encryption of sensitive data in transit.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping that password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we use commercially reasonable measures to protect your personal information, we cannot guarantee the security of personal information you transmit to or through our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures on the Website, nor for any unauthorized access, hacking, data loss, or other breach of security that is beyond our reasonable control.

8. Your State Privacy Rights

A. California Residents (CCPA / CPRA)

Categories of Personal Information Collected

For California residents, we collect the following categories of personal information as defined under the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”):

  • Identifiers: name, postal address, email address, IP address, phone number

  • Protected classifications: age/date of birth, gender (where collected through our platforms)

  • Commercial information: vehicle service and repair transaction data processed through our platforms

  • Internet/network activity: browsing history on our Website, interaction with Website features

  • Inferences: information derived from the above to create a consumer profile for advertising purposes (Website visitors only)

Do Not Sell or Share My Personal Information

Pencilwrench does not sell personal information to third parties for monetary consideration. However, certain third-party advertising cookies on our Website may constitute “sharing” for cross-context behavioral advertising under the CPRA. California residents have the right to opt out of such sharing.

To opt out of the sale or sharing of your personal information for targeted advertising, you may:

  • Email us at legal@se-fi.com with the subject line “California Opt-Out – Do Not Sell or Share”

  • Use a Global Privacy Control (GPC)-enabled browser, which we will honor as described in Section 2(C)

  • Use the Digital Advertising Alliance opt-out tool at www.aboutads.info

California Consumer Rights

Subject to applicable exceptions, California residents have the following rights:

  • Right to Know/Access: Up to twice per year, you may request that we disclose the categories and specific pieces of personal information we have collected about you in the prior 12 months, including the categories of sources, the business or commercial purpose, and the categories of third parties with whom we share it.

  • Right to Delete: You may request deletion of personal information we have collected from you, subject to applicable exceptions.

  • Right to Correct: You may request correction of inaccurate personal information we maintain about you.

  • Right to Opt Out of Sale or Sharing: As described above.

  • Right to Limit Use of Sensitive Personal Information: Where we collect sensitive personal information as defined under CPRA, you may request that we limit its use to purposes permitted by law.

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

 

To submit a California privacy rights request, please email legal@se-fi.com or call (855) 937-8729. We will respond within 45 days of receipt of a verifiable consumer request (extendable by an additional 45 days with prior notice).

Global Privacy Control

We recognize and process GPC signals received from your browser as a valid opt-out of sale or sharing of personal information for cross-context behavioral advertising, consistent with CPRA regulations.

 

“Shine the Light” Law

California Civil Code § 1798.83 permits California residents to request information about personal information shared with third parties for their direct marketing purposes during the prior calendar year. To submit such a request, contact us at legal@se-fi.com.

B. Texas Residents (Texas Data Privacy and Security Act — TDPSA)

Effective July 1, 2024, the Texas Data Privacy and Security Act (TDPSA) provides Texas residents with certain rights regarding their personal data. Subject to applicable exceptions, Texas residents have the right to:

  • Confirm whether we process their personal data and access that data

  • Correct inaccuracies in their personal data

  • Delete personal data provided by or obtained about the consumer

  • Obtain a portable copy of their personal data in a readily usable format

  • Opt out of the processing of personal data for purposes of: (i) targeted advertising; (ii) sale of personal data; or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects

 

To exercise your TDPSA rights, please email legal@se-fi.com with the subject line “Texas Privacy Rights Request.” We will respond within 45 days (extendable by 45 days with notice). If we decline your request, you may appeal by re-contacting us with the subject line “Texas Privacy Rights Appeal.”

C. Colorado, Connecticut, Virginia, and Utah Residents

Residents of Colorado, Connecticut, Virginia, and Utah have the right to:

  • Confirm whether we process their personal data and access that data

  • Delete certain personal data

  • Obtain a portable copy of personal data in a usable format

  • Opt out of personal data processing for purposes of targeted advertising, sale of personal data, or profiling

 

Colorado, Connecticut, and Virginia residents also have the right to correct inaccurate personal data and to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise these rights, please contact us at legal@se-fi.com. We will respond within the timeframe required by your state’s applicable law.

D. Other State Residents

Additional state privacy laws may apply to residents of other states. We are committed to complying with applicable privacy law and will make good-faith efforts to respond to verified privacy requests submitted to legal@se-fi.com, to the extent required by applicable law.

9. Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us:

  • Tracking Technologies and Advertising: You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To opt out of interest-based advertising, visit the Digital Advertising Alliance at www.aboutads.info or the Network Advertising Initiative at www.networkadvertising.org.

  • California, Texas, and other state residents may exercise additional opt-out rights as described in Section 8 above.

  • Google Analytics: You may opt out via the Google Analytics Opt-Out Browser Add-On at tools.google.com/dlpage/gaoptout.

  • GPC: We honor GPC signals as a valid opt-out of sale/sharing for targeted advertising purposes.

10. Changes to Our Privacy Policy

It is our policy to post any material changes we make to our Privacy Policy on this page and update the “Last Modified” date. For significant changes, we may, at our discretion, provide additional notice through means such as a prominent notice on the Website. You are responsible for periodically visiting our Website and this Privacy Policy to check for any changes.

11. Contact Information

To ask questions, comment about this Privacy Policy, or exercise any of the privacy rights described herein, please contact us at:

Pencilwrench, LLC

(A subsidiary of StoneEagle F&I, Inc.)

Attn: Legal Department — Privacy

3400 North Central Expressway, Suite 110

Richardson, Texas 75080

legal@se-fi.com

Tel: (855) 937-8729

Requests submitted by email should include “Pencilwrench Privacy Request” in the subject line and specify the nature of your request and the state in which you reside. We may need to verify your identity before processing your request.

bottom of page