Privacy Policy

Data Controller
Data We Collect
How We Use Data
Legal Basis
Data Sharing
Cookies
Data Retention
Your Rights
Data Security
International Transfers
Children's Privacy
Policy Changes
Contact Us

1. Data Controller

Autotargy ("we", "us", "our") is the data controller responsible for your personal data. We are committed to processing your data fairly, lawfully, and transparently.

Company: Autotargy

Website: autotargy.com

Data Protection Contact: privacy@autotargy.com

2. Data We Collect

2.1 Information You Provide

Data Type	Examples	Purpose
Account Information	Email, name, password (hashed)	Account creation and authentication
Car Listing URLs	Links to third-party car ads	Performing AI analysis
Payment Information	Processed by payment provider	Credit purchases
Communications	Support emails, feedback	Customer support
Language Preference	Selected language	UI personalization

2.2 Information Collected Automatically

Data Type	Examples	Purpose
Device Information	Browser type, OS, device type	Service optimization
Usage Data	Pages visited, features used	Service improvement
IP Address	Your IP address	Security, geolocation for language
Cookies	Session, preferences	Authentication, personalization
Log Data	Timestamps, request data	Security, debugging

2.3 Information We Do NOT Collect

Credit card numbers (handled entirely by payment processor)
Government-issued ID numbers
Biometric data
Health or genetic information
Religious, political, or philosophical beliefs
Trade union membership

3. How We Use Your Data

We use your personal data for the following purposes:

3.1 Service Delivery

Creating and managing your account
Performing AI analysis of car listings you submit
Processing credit purchases and managing your balance
Delivering analysis results and reports
Providing customer support

3.2 Service Improvement

Improving our AI algorithms and analysis accuracy
Understanding how users interact with our service
Identifying and fixing bugs or issues
Developing new features

3.3 Communications

Sending transactional emails (analysis complete, purchase confirmation)
Responding to your inquiries and support requests
Sending important service announcements
Marketing communications (only with your consent)

3.4 Security and Legal

Protecting against fraud and unauthorized access
Complying with legal obligations
Enforcing our Terms of Service
Responding to legal requests from authorities

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

Legal Basis	Processing Activities
Contract Performance	Account management, service delivery, payment processing
Legitimate Interests	Service improvement, security, fraud prevention, analytics
Consent	Marketing communications, non-essential cookies
Legal Obligation	Tax records, responding to legal requests

5.1 We May Share Data With:

Payment Processors

We use third-party payment processors (such as Lemon Squeezy, Stripe) to handle payments. They receive only the data necessary to process transactions. We never see or store your full credit card number.

Hosting Providers

Our servers are hosted by professional cloud providers who may process data on our behalf under strict data protection agreements.

Analytics Providers

We may use analytics services to understand usage patterns. This data is typically anonymized or aggregated.

Error Tracking

We use error tracking services (such as Sentry) to identify and fix bugs. These may receive limited technical data.

5.2 We Do NOT:

Sell your personal data to third parties
Share data for advertising purposes without consent
Provide data to data brokers or marketing companies
Share identifiable data with car sellers or marketplaces

5.3 Legal Disclosure

We may disclose your data if required by law, court order, or to protect our rights, safety, or property.

6. Cookies and Tracking Technologies

6.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential	Authentication, session management, security	Session / 30 days
Functional	Language preference, user settings	1 year
Analytics	Usage statistics, performance monitoring	2 years

6.2 Managing Cookies

You can control cookies through your browser settings:

Most browsers allow you to refuse or delete cookies
Disabling essential cookies may prevent the service from functioning properly
You can opt out of analytics cookies without affecting core functionality

7. Data Retention

We retain your data only as long as necessary for the purposes outlined in this policy:

Data Type	Retention Period
Account data	Until account deletion + 30 days
Car analyses	2 years from creation
Transaction records	7 years (legal requirement)
Support communications	3 years after resolution
Server logs	90 days
Analytics data	26 months (anonymized)

8. Your Rights Under GDPR

If you are in the European Economic Area (EEA), you have the following rights:

Right to Access

Request a copy of your personal data

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your data ("right to be forgotten")

Right to Restriction

Limit how we process your data

Right to Portability

Receive your data in a portable format

Right to Object

Object to certain processing activities

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@autotargy.com. We will respond within 30 days. We may need to verify your identity before processing your request.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated. In Romania, this is the National Supervisory Authority for Personal Data Processing (ANSPDCP).

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Encryption

HTTPS/TLS encryption for all data in transit; passwords are hashed using bcrypt

Access Control

Strict access controls; only authorized personnel can access personal data

Security Monitoring

Continuous monitoring for security threats; regular security updates

Backups

Regular encrypted backups to prevent data loss

Note: While we implement strong security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs) approved by the European Commission
Transfers to countries with adequacy decisions
Binding Corporate Rules where applicable

11. Children's Privacy

Our Service is not directed to children under 18 years of age. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at privacy@autotargy.com.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new Privacy Policy on this page
Updating the "Last updated" date
Sending an email notification for significant changes

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

For any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer: privacy@autotargy.com

General Inquiries: support@autotargy.com

Website: https://autotargy.com

Privacy Summary

We collect only data necessary to provide our service
We do NOT sell your personal data
We use encryption and security best practices
You have full control over your data (GDPR rights)
You can request data deletion at any time

GDPR Compliant

Contents