CDL-ANTISCAM

Privacy Policy

Last updated: June 2026

This Privacy Policy explains how CDL AntiScam ("we", "us") collects, uses, and protects your personal information when you use our website and services.

1. Who we are

CDL AntiScam is a community platform for professional reviews about freight brokers and CDL drivers in the trucking industry.

This policy applies to visitors and registered users of cdl-antiscam.com and related services.

2. Information we collect

Account data: email address, name (first and last), username, and password hash when you register or sign in with email.

Profile and content: reviews you submit, ratings, photos attached to reviews, and broker or driver identifiers you provide (such as MC# or US DOT#).

MVR uploads: if you use MVR-related features, we may process driving record documents and related metadata you submit.

Technical data: basic logs needed to operate and secure the service (for example, IP address and browser type in server logs).

3. Sign in with Google

When you choose "Continue with Google", you are redirected to Google's sign-in flow. Google acts as an independent service provider for that step; Google's use of your data is governed by Google's Privacy Policy.

On our website we use Google Sign-In (Google Identity Services). After you authorize access, Google provides us a secure ID token. Our server verifies this token directly with Google.

From Google we receive and use the following data to create or sign you into your CDL AntiScam account:

• Email address — required. Used as your unique account identifier and for support communication. If Google does not provide a verified email, sign-in may fail.

• First name (given name) — stored in your profile when available.

• Last name (family name) — stored in your profile when available.

• Display name — used as your username on the platform when provided; otherwise we use your first name or email.

We do not request or store your Google password, Google account ID, profile photo, contacts, calendar, Drive files, or other Google account data beyond what is listed above.

The Google ID token is used only to complete sign-in. We do not permanently store Google OAuth or ID tokens after authentication finishes.

If an account with the same email already exists (for example, from email registration or Facebook sign-in), we link the sign-in to that existing account instead of creating a duplicate.

4. Sign in with Facebook

When you choose "Continue with Facebook", Facebook's login dialog opens. Facebook acts as an independent service provider for that step; Facebook's use of your data is governed by Meta's Privacy Policy.

We request the email permission (scope: email) so we can identify your account. After you authorize access, Facebook provides us a short-lived access token. Our server uses it once to call the Facebook Graph API and verify your identity.

From Facebook we request the fields: id, name, email, first_name, and last_name. We receive and use the following for your CDL AntiScam account:

• Email address — required. Used as your unique account identifier. If your Facebook account has no email or you do not grant email permission, sign-in will not complete.

• First name (first_name) — stored in your profile when available.

• Last name (last_name) — stored in your profile when available.

• Full name (name) — used as your username on the platform when available; otherwise we use your email.

We do not permanently store your Facebook user ID (id), Facebook access tokens, friends list, posts, photos, Messenger data, or other Facebook profile data beyond the fields listed above.

The Facebook access token is used only during sign-in verification and is not kept after authentication completes.

If an account with the same email already exists (for example, from email registration or Google sign-in), we link the sign-in to that existing account instead of creating a duplicate.

5. Bot protection (Cloudflare Turnstile)

We use Cloudflare Turnstile on registration and sign-in to reduce automated abuse. Turnstile may process technical signals in your browser according to Cloudflare's privacy policy.

We receive a verification result from our servers; we do not use Turnstile for advertising profiling.

6. How we use your information

To create and manage your account, authenticate you, and provide platform features.

To display, store, and moderate reviews and related content according to our Terms and Conditions.

To protect the service, prevent fraud and abuse, and respond to support requests.

To comply with legal obligations when required.

7. What is public vs private

Reviews and ratings you publish are generally visible to other users and may appear in search results on the site.

Your email address, password, and account security data are not displayed publicly.

On reviews and ratings, only your chosen username is displayed publicly. If you have not set a username, your reviews appear as 'Member'.

Do not include sensitive personal data of others in public reviews unless you have a legitimate reason and comply with applicable law.

8. Storage and third parties

Data is hosted on infrastructure we use to run the website and API (hosting and database providers).

OAuth sign-in involves Facebook and/or Google as independent controllers for the login step.

We do not sell your personal information. We share data only with service providers needed to operate the platform or when required by law.

9. Your rights and data deletion

You may request access, correction, or deletion of your personal data subject to applicable law and our legitimate needs (for example, fraud prevention or legal retention).

To delete your account and associated personal data, follow the instructions on our Data Deletion page.

Data deletion instructions

10. Changes and contact

We may update this Privacy Policy from time to time. The "Last updated" date at the top will change when we do.

Questions about privacy: contact us at support@cdl-antiscam.com.