Auto

Auto ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our app and website (collectively, the "Services"), in compliance with applicable data protection laws including the EU General Data Protection Regulation (GDPR), UK GDPR, and the California Consumer Privacy Act (CCPA) as amended by the CPRA.

1. Personal Data We Collect

Personal Data You Provide

We collect personal data that you voluntarily provide when using the Services, including:

Account information: name, email address, phone number, password, and other registration details.
Profile data: information you choose to add to your profile or account settings.
Payment information: billing address and payment method details (processed through trusted third-party payment processors).
Communications: messages, feedback, or inquiries you send to us.
Customer content: Including email content, documents, and other content you provide when using features of the Services or that you input, upload or transmit to us.
Sensitive content:

Personal Data Automatically Collected

We automatically collect certain data when you interact with our Services, such as:

Device and usage data: IP address, device ID, browser type, operating system, pages visited, and timestamps.
Cookies and similar technologies: Used to enhance user experience, security, analytics, and marketing. You can manage cookie preferences through your browser settings.
Log data: Server logs and technical data used for maintenance, security, and performance.

2. How We Use Personal Data

We use your personal data to:

Provide and operate the Services.
Process transactions and send confirmations.
Improve, personalize, and optimize our platform.
Communicate with you, including customer support and product updates.
Maintain security and prevent fraud or abuse.
Comply with legal obligations.

GDPR Lawful Bases for Processing

Where the GDPR applies, we rely on one or more of the following legal bases to process your personal data:

Contract: to provide the Services and fulfill our contractual obligations.
Consent: for optional features, marketing communications, or cookie-based tracking.
Legitimate interests: to operate and improve the Services in ways that do not override your privacy rights.
Legal obligation: to comply with applicable laws or respond to lawful requests.

3. Sharing and Disclosure of Personal Data

We do not sell your personal data. We may share it in the following circumstances:

With service providers: We work with trusted vendors that provide hosting, analytics, payment processing, customer support, and other operational services.
With Large Language Model (LLM) providers: Auto is an AI-powered product and as such, the content you submit may be processed by third-party LLM providers to analyse and generate responses.
For legal reasons: If required by law, court order, or governmental authority, or to protect our rights, safety, and security.
In corporate transactions: In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred in accordance with this Policy and applicable law.

If required by law, we will enter into appropriate Data Processing Agreements (DPAs) and, for international transfers, apply adequate safeguards such as Standard Contractual Clauses.

4. Data Retention

We retain personal data only for as long as necessary to:

Provide the Services;
Comply with legal and regulatory obligations;
Resolve disputes;
Enforce agreements.

When no longer needed, data is securely deleted, anonymized, or aggregated.

5. Your Rights

Depending on your jurisdiction, you may have the following rights:

Under GDPR (EU/UK):

Right of access – to know what personal data we hold about you.
Right to rectification – to correct inaccurate or incomplete data.
Right to erasure ("Right to be forgotten") – to request deletion of your personal data.
Right to restriction – to limit certain processing.
Right to object – to processing based on legitimate interests or for marketing.
Right to data portability – to receive your data in a structured, machine-readable format.
Right to withdraw consent – at any time, without affecting the lawfulness of processing before withdrawal.
Right to lodge a complaint – with a supervisory authority in your country.

Under CCPA/CPRA (California):

Right to know what personal information is collected, used, disclosed, or sold.
Right to access your personal information.
Right to delete personal information, subject to legal exceptions.
Right to correct inaccurate personal information.
Right to opt-out of the sale or sharing of personal information (we do not sell data).
Right to non-discrimination for exercising your rights.

To exercise your rights, contact us at support@auto.inc. We may verify your identity before processing requests.

6. Children

Our Services are not directed to children under 16 years old. We do not knowingly collect personal data from minors. If we learn that we have inadvertently collected such data, we will take steps to delete it promptly.

7. Security

We implement appropriate technical and organizational measures to protect personal data, including:

Encryption in transit and at rest
Access controls and monitoring
Regular security testing and vulnerability assessments

However, no system is 100% secure. We encourage users to use strong passwords and report any security concerns to us.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted here with a new "Last updated" date. For material changes, we may notify you directly through the app, email, or other appropriate means.

9. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us:

Email: support@auto.inc

Address: 3769 Rosewood Avenue, Los Angeles, CA 90066