Back to GarageIQ

Privacy Policy

Last updated: 20 April 2026

1. Introduction

GarageIQ is a UK-based AI diagnostic service for automotive garages. This policy explains what data we collect, how we use it, and the rights you have under UK GDPR. If you have questions, contact us at hello@getgarageiq.com.

2. Data We Collect

• Account data: email address, garage name, labour rate, VAT status.
• Usage data: diagnostic queries, vehicle registrations looked up, fix outcomes you confirm.
• Payment data: handled by Stripe. We do not store card details on our servers.
• Device data: session tokens and basic device information used for login security.

3. How We Use Your Data

• To provide the diagnostic service.
• To improve AI accuracy over time using anonymised fix outcomes.
• To send service emails such as trial expiry and password reset messages.
• To prevent fraud and abuse of the service.

4. Data Sharing

We share limited data with trusted providers who help run the service:

• DVLA Vehicle Enquiry Service API for vehicle registration lookups.
• MOT History API (DVSA) for MOT records.
• Anthropic for AI processing. Queries are processed but not stored by Anthropic.
• Stripe for payment processing.
• Supabase for hosting and database services.

We do not sell your data to third parties.

5. Cookies

• Essential session cookies that keep you logged in and the service working.
• Analytics cookies, used only if you give consent via the cookie banner.

6. Your Rights Under UK GDPR

• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion of your data.
• Receive a copy of your data in a portable format.
• Withdraw consent for any processing based on consent.
• Complain to the Information Commissioner's Office (ICO) at ico.org.uk.

7. Data Retention

• Active accounts: data is retained while your subscription is active.
• Deleted accounts: personal data is removed within 30 days of account deletion.
• Anonymised fix outcome data is retained indefinitely for AI training purposes.

8. Security

• All data is encrypted in transit using HTTPS.
• Database access is restricted using Row Level Security (RLS) policies.
• Passwords are hashed, never stored in plain text.
• Sessions are isolated per user, with one active session per user at a time.

9. Children

GarageIQ is a professional tool for qualified automotive technicians. The service is not intended for anyone under the age of 18.

10. International Transfers

Your data is stored in the EU (Supabase eu-west-1). Some processing takes place in the United States via Anthropic. These transfers are covered by Standard Contractual Clauses approved by the UK government.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by email or through the service. Continued use after changes means you accept the updated policy.

12. Contact

For questions about this privacy policy or to exercise your rights, contact us at hello@getgarageiq.com.