Privacy Policy

1. Business-to-Business Context

The Platform is designed for use by businesses, including automotive service providers and similar commercial entities. The Platform is not intended for personal, household, or consumer use.

In most cases, the Company processes information on behalf of business customers that use the Platform. Those business customers determine how and why personal information relating to their customers, leads, or contacts is collected and used. In such circumstances, the Company acts as a service provider or data processor, while the business customer acts as the data controller.

This distinction is important for understanding rights, responsibilities, and how data-related requests are handled.

2. Roles of the Company and Business Users

Depending on the context, the Company may act in one of two roles:

As a data controller, when the Company collects and processes information directly from business users, such as account registration details, authorized user information, or support communications.

As a data processor or service provider, when the Company processes information uploaded, stored, or managed by business users through the Platform, including information relating to their customers or contacts.

When acting as a data processor or service provider, the Company processes information solely in accordance with the instructions of the business user and for the purpose of providing and improving the Platform. The Company does not independently determine the purposes for which such information is used.

Business users are responsible for providing appropriate notices to individuals whose information they collect and for ensuring that such collection and use complies with applicable laws.

3. Geographic Applicability and Legal Framework

The Company operates in the United States and provides the Platform to business users across multiple states. This Privacy Policy is designed to align with applicable U.S. federal and state privacy laws, including state-level privacy frameworks where applicable.

Certain rights and obligations described in this Privacy Policy may apply only to residents of specific states or in specific circumstances. Where required by law, the Company will honor applicable privacy rights in accordance with relevant statutes and regulations.

This Privacy Policy does not address international data transfer frameworks or non-U.S. privacy regimes unless explicitly stated.

4. Information Covered by This Privacy Policy

For purposes of this Privacy Policy, "personal information" generally means information that identifies, relates to, describes, or could reasonably be linked to an identifiable individual. This may include information relating to business users, their authorized personnel, or individuals whose data is processed through the Platform.

5. Updates to This Privacy Policy

The Company may update this Privacy Policy from time to time to reflect changes in legal requirements, data practices, or the Platform. When updates are made, the "Last Updated" date will be revised accordingly.

Where required by law, the Company will provide notice of material changes. Continued use of the Platform after an updated Privacy Policy becomes effective constitutes acknowledgment of the updated policy.

6. Information Collected from Business Users

When a business creates an account on the Platform, the Company collects information necessary to establish, maintain, and secure that account. This may include business name, contact information, email address, phone number, user credentials, and information relating to authorized users who are granted access to the Platform. Such information is used for account administration, authentication, customer support, billing coordination, system security, and communication related to the operation of the Platform.

The Company may also collect information provided through support requests, feedback submissions, onboarding processes, or other direct interactions. This information is used to respond to inquiries, improve the Platform, and maintain service quality. The Company does not collect personal information beyond what is reasonably necessary to provide the Platform and related support services.

7. Customer and Contact Data Uploaded by Business Users

Business users may upload, import, or otherwise submit information relating to their own customers, leads, contacts, or other third parties for the purpose of using Platform features. This information may include names, email addresses, phone numbers, appointment details, service history, notes, communication records, and other business-related data determined by the business user.

The Company does not independently collect this information and does not determine how it is used. Such information is processed solely on behalf of the business user and in accordance with the business user's instructions. The Company does not verify the accuracy, legality, or consent status of such information and relies on the business user to ensure that all required permissions and notices have been obtained.

8. Information Generated Through Platform Use

As the Platform is used, certain information is automatically generated based on interactions with the system. This may include activity logs, feature usage data, timestamps, configuration settings, performance metrics, and diagnostic information. This information helps the Company operate, maintain, secure, and improve the Platform.

Such information may be associated with a business account or authorized user but is generally used in an aggregated or contextual manner to understand how the Platform is functioning and to support system reliability and optimization. The Company does not use this information to profile individuals or for consumer advertising purposes.

9. Communication Data

When business users send communications through the Platform, such as emails, SMS messages, notifications, or automated messages, the Platform may process related information necessary to deliver and manage those communications. This may include sender information, recipient information, message metadata, delivery status, and error reports.

The content of communications is processed only to the extent necessary to transmit, store, or display such communications at the direction of the business user. The Company does not review message content except where required to address technical issues, investigate misuse, comply with legal obligations, or enforce platform policies.

10. Data from Integrated Third-Party Services

The Platform may allow business users to connect third-party services, such as advertising platforms, analytics providers, cloud services, or business tools. When such integrations are enabled, the Platform may receive data from those services as permitted by the business user and the applicable third-party terms.

This data may include performance metrics, account identifiers, campaign information, or other data made available by the third-party service. The Company does not control the scope, accuracy, or availability of such data and processes it solely to provide the requested integration functionality. Use of third-party services is governed by the terms and privacy policies of those providers.

11. Device and Technical Information

When authorized users access the Platform, the Company may collect limited technical information such as IP address, browser type, operating system, device identifiers, and access timestamps. This information is used for security, fraud prevention, system administration, and troubleshooting.

The Company does not use this information for cross-platform tracking, behavioral advertising, or consumer profiling.

12. Information Not Collected

The Company does not intentionally collect sensitive personal information such as government-issued identification numbers, financial account passwords, biometric identifiers, or precise geolocation data, unless explicitly required for a specific feature and clearly disclosed at the time of collection.

Business users are strongly discouraged from uploading sensitive personal information unless it is strictly necessary for their use of the Platform and permitted by applicable law.

13. How Information Is Used

The Company uses information collected through the Platform solely for legitimate business purposes related to operating, maintaining, and improving the Platform. This includes enabling core functionality, providing access to features, facilitating communications initiated by business users, supporting integrations, and responding to support requests or technical issues.

Information may also be used to monitor platform performance, ensure system stability, prevent fraud or misuse, enforce applicable policies, and comply with legal or regulatory obligations. The Company does not use information processed through the Platform for consumer advertising, data brokerage, or profiling unrelated to the operation of the Platform.

When acting as a data processor or service provider, the Company processes information strictly in accordance with the instructions of the business user and does not determine independent purposes for such processing.

14. Disclosure of Information

The Company does not sell personal information. Information may be disclosed only in limited circumstances consistent with this Privacy Policy and applicable law.

Information may be shared with trusted service providers and vendors that support the operation of the Platform, such as cloud infrastructure providers, email and messaging services, analytics tools, security services, and customer support systems. These providers are authorized to process information only as necessary to provide services to the Company and are subject to contractual confidentiality and security obligations.

Information may also be disclosed where required by law, regulation, legal process, or governmental request, or where necessary to protect the rights, safety, or property of the Company, business users, or others. In such cases, the Company will disclose only the information reasonably necessary to comply with the obligation.

If the Company is involved in a merger, acquisition, reorganization, or sale of assets, information processed through the Platform may be transferred as part of that transaction, subject to appropriate confidentiality protections.

15. Data Retention Practices

The Company retains information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Customer data processed on behalf of business users is retained in accordance with the Company's Data Deletion Policy and applicable contractual arrangements. In general, such data may be retained for a limited period after account inactivity or termination to support account recovery, dispute resolution, compliance obligations, or operational continuity, after which it is deleted or anonymized in accordance with internal policies.

Information relating to platform usage, security, or compliance may be retained longer where necessary to meet legal, regulatory, or risk management requirements.

16. Data Security and Safeguards

The Company implements reasonable administrative, technical, and organizational measures designed to protect information processed through the Platform from unauthorized access, disclosure, alteration, or destruction. These measures include access controls, authentication mechanisms, monitoring, and security practices consistent with industry standards.

Despite these safeguards, no system can be guaranteed to be completely secure. Business users are responsible for maintaining appropriate security practices on their end, including protecting login credentials, managing authorized access, and securing devices used to access the Platform.

The Company disclaims responsibility for security incidents resulting from factors beyond its reasonable control, including user negligence, compromised credentials, or failures of third-party services.

17. Data Accuracy and Business User Responsibility

The Company relies on business users to provide accurate and lawful information. The Company does not independently verify the accuracy or legality of information uploaded or processed through the Platform and is not responsible for errors, omissions, or outdated information supplied by business users.

Business users are responsible for correcting inaccuracies and ensuring that information processed through the Platform remains current and compliant with applicable laws.

18. No Use for Consumer Profiling or Advertising

Information processed through the Platform is not used by the Company for consumer profiling, behavioral advertising, or targeted marketing unrelated to the business user's use of the Platform. The Company does not build consumer profiles or track individuals across unrelated services.

19. Individual Privacy Rights and Requests

Depending on applicable state or federal law, certain individuals may have rights regarding personal information, such as the right to request access, correction, or deletion of their personal information. Where the Company acts as a data controller, it will respond to such requests in accordance with applicable law.

Where the Company acts as a data processor or service provider on behalf of a business user, requests relating to personal information processed through the Platform must be directed to the relevant business user. The Company will reasonably assist business users in responding to such requests where required by law but does not independently verify or fulfill requests related to customer data controlled by business users.

20. Limitations of Company Responsibility for Customer Data

The Company does not have a direct relationship with individuals whose personal information is processed by business users through the Platform. Business users are responsible for responding to privacy inquiries, providing notices, obtaining consent, and honoring applicable rights related to such information.

The Company disclaims responsibility for failures by business users to comply with applicable privacy laws, respond to individual requests, or manage customer data appropriately.

21. Children's Information

The Platform is not intended for use by children and does not knowingly collect personal information from individuals under the age of thirteen (13). Business users are prohibited from submitting or processing children's personal information through the Platform unless permitted by applicable law and strictly necessary for their business operations.

If the Company becomes aware that children's personal information has been processed through the Platform in violation of this Privacy Policy, it may take appropriate action, including deletion of such information or restriction of access.

22. Interaction with Other Platform Policies

This Privacy Policy should be read together with the Company's Terms and Conditions, Acceptable Use Policy, and Data Deletion Policy. Each document serves a distinct purpose and governs different aspects of the relationship between the Company and business users.

In the event of any inconsistency between this Privacy Policy and another policy, this Privacy Policy governs matters relating specifically to information practices, while other policies govern usage, enforcement, and contractual obligations.

23. Policy Updates and Continued Use

The Company may update this Privacy Policy periodically to reflect changes in legal requirements, data processing practices, or the Platform. Updated versions will be made available through the Platform or associated websites, and the "Last Updated" date will be revised accordingly.

Where required by law, notice of material changes will be provided. Continued use of the Platform after an updated Privacy Policy becomes effective constitutes acknowledgment of the updated policy.

24. Contact Information

Questions, concerns, or requests related to this Privacy Policy or the Company's information practices may be directed to:

Email: admin@autotimex.com