Nova Garage — Privacy Policy

Last updated: March 2025

1. Introduction

Nova Garage ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, Nova Garage (the "Service").

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

We collect information in the following ways:

2.1 Information You Provide Directly

• Account Information: When you create an account, we collect your email address, password, and full name (if provided).
• Vehicle Information: Details about vehicles you save to your garage, including year, make, model, and any notes you add.
• Images and Descriptions: Vehicle photos, video frames, and text descriptions you submit for vehicle identification.
• Location Data: Your device's geolocation when you search for service shops.

2.2 Information Collected Automatically

• Usage Data: Information about how you interact with the Service, including scans performed, search queries, links clicked, and features used.
• Device Information: Device type, operating system, unique device identifiers, and app crash data.
• Performance Data: Timestamps, response times, and other diagnostic information to improve our Service.

3. How We Use Your Information

We use the information we collect to:

• Provide Services: Deliver vehicle identification, recall checking, service shop recommendations, and account management features.
• Process Payments: Handle subscription billing through Apple's In-App Purchase system via RevenueCat.
• Improve Our Service: Analyze usage patterns to enhance features, fix bugs, and optimize performance.
• Communication: Send account notifications, technical updates, and customer support responses.
• Safety and Compliance: Detect and prevent fraud, protect against malicious activity, and comply with legal obligations.
• Analytics: Understand how our Service is used to make data-driven improvements.

4. Third-Party Service Providers

We use the following third-party services to deliver our Service:

4.1 AI & Data Processing

• OpenAI: Vehicle identification uses OpenAI's GPT-4o model. Images and vehicle descriptions are sent to OpenAI for analysis and immediately deleted from their servers after processing. OpenAI retains data according to their privacy policy (https://openai.com/privacy).

4.2 Backend & Authentication

• Supabase: We use Supabase for user authentication, database storage, and edge functions. Data is encrypted at rest and in transit. Supabase's privacy policy: https://supabase.com/privacy

4.3 Payment Processing

• RevenueCat: Handles subscription management and billing. Apple's App Store processes all payment information securely. RevenueCat's privacy policy: https://www.revenuecat.com/privacy
• Apple In-App Purchase: Your subscription is managed through Apple's App Store. Apple handles all payment card information according to their privacy practices: https://www.apple.com/privacy/

4.4 External Services

• Aftermarket Parts Links: When you click on aftermarket parts links, you are redirected to third-party retail websites that have their own privacy policies. We are not responsible for their practices.
• Service Shop Data: Service shop information comes from publicly available databases and mapping services (e.g., Google Maps, Apple Maps).

5. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols.
• Encryption at Rest: Sensitive data in our database is encrypted at rest.
• Password Security: Passwords are hashed using industry-standard algorithms and are never stored in plain text.
• Access Controls: Only authorized personnel have access to personal data, and access is limited to what is necessary.
• Regular Audits: We regularly review and update our security practices.

However, no method of transmission over the Internet is 100% secure. While we use commercially reasonable efforts to protect your information, we cannot guarantee absolute security.

6. Data Retention & Deletion

• Account Data: Your scan records, vehicle information, and account details are retained while your account is active.
• Account Deletion: When you delete your account through the Settings screen in the app, all associated data (scans, vehicle info, profile) is permanently deleted from our systems within 30 days.
• Backup Copies: Deleted data may persist in our backup systems for up to 90 days before being permanently purged.
• Images: Vehicle photos submitted for identification are deleted from OpenAI's servers immediately after processing and from our logs within 7 days.

7. Your Rights & Choices

7.1 Access & Portability

You have the right to access, review, and obtain a copy of your personal information. You can view and update your account information through the app's Settings screen.

7.2 Deletion

You can request deletion of your account and all associated data at any time through Settings → Delete Account. This action is permanent and cannot be undone.

7.3 Location Services

You can disable location services for the app through your device's settings. However, certain features (like service shop recommendations) may not function without location access.

7.4 Marketing Communications

We do not send unsolicited marketing emails. If we do communicate, you can opt out at any time by following the unsubscribe link in the email.

8. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information promptly.

9. International Data Transfers

Your information may be processed and stored in the United States and other countries where our service providers operate. By using Nova Garage, you consent to the transfer of your information to countries other than your country of residence, which may have different data protection rules.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information is collected, used, and shared
• Delete personal information collected from you
• Opt-out of the "sale" of personal information

To exercise these rights, contact us at hello@paynegroup45.com with the subject line "California Privacy Request."

11. GDPR (European Users)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

• Right to access your data
• Right to rectification or deletion
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

To exercise these rights, contact us at hello@paynegroup45.com with the subject line "GDPR Request."

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last Updated" date at the top of this policy. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy, your data, or how we handle your information, please contact us:

Email: hello@paynegroup45.com
Company: Nova Garage
Address: Available upon request

We will respond to your inquiry within 30 days.

Thank you for trusting Nova Garage with your information.