AH
AutoClub HQBack to Home

Privacy Policy

Last updated: March 2026

AutoClub HQ ("we", "us", "our") is committed to protecting the privacy of our users. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information when you use our compliance tracking platform for auto club towing operations.

1. What Data We Collect

We collect the following categories of information:

  • Account information: Name, email address, password (hashed), organization name, and role within your organization.
  • Driver information: Driver names, employee IDs, contact details, and assigned schedules as entered by your organization.
  • Compliance reports: Decline reports, attendance records, and customer satisfaction survey data ingested from email or entered manually.
  • Email data: When you connect your email inbox, we access incoming messages that match compliance report patterns. We do not read or store unrelated emails.
  • Usage data: Log-in times, feature usage patterns, and browser/device information for service improvement and support.

2. How We Use Your Data

We use the data we collect to:

  • Provide compliance tracking services, including decline tracking, attendance monitoring, and survey management.
  • Send automated notifications to drivers regarding declines, follow-ups, and other compliance matters.
  • Generate compliance reports and dashboards for your organization.
  • Process billing and manage your subscription.
  • Communicate with you about your account, service updates, and support requests.
  • Improve and maintain the Service, including fixing bugs and developing new features.

3. Data Storage & Security

We take the security of your data seriously. All data is stored in a PostgreSQL database hosted on secure infrastructure with encryption at rest. Data transmitted between your browser and our servers is encrypted using TLS (HTTPS).

Access to production systems is restricted to authorized personnel only. We regularly review our security practices and implement industry-standard safeguards to protect against unauthorized access, alteration, disclosure, or destruction of your data.

4. Third-Party Services

We use the following third-party services to operate AutoClub HQ. Each processes data only as necessary to provide their specific function:

  • Resend — for sending transactional and notification emails (e.g., driver decline notices, account invitations). Resend processes recipient email addresses and message content.
  • Stripe — for payment processing and subscription management. Stripe handles your payment information directly; we do not store credit card numbers on our servers.
  • Gmail API — for email ingestion when you connect a Gmail inbox. We request read-only access to incoming messages and only process emails matching compliance report patterns.

We do not sell, rent, or share your data with third parties for marketing purposes.

5. Data Retention

We retain your data for as long as your account is active and as needed to provide you with the Service. Specifically:

  • Active account data is retained for the duration of your subscription.
  • After account cancellation or termination, your data is retained for 30 days to allow for export, after which it is permanently deleted.
  • Billing records may be retained for up to 7 years as required by applicable tax and accounting laws.
  • Anonymized, aggregated usage data may be retained indefinitely for analytics and service improvement.

6. Your Rights

You have the following rights regarding your data:

  • Access: You can request a copy of the personal data we hold about you and your organization.
  • Correction: You can update or correct your account information at any time through the Settings page.
  • Deletion: You can request permanent deletion of your account and all associated data by contacting us.
  • Export: You can request an export of your compliance data in a standard format (CSV/JSON).
  • Withdraw consent: You can disconnect your email inbox or revoke API access at any time through your account settings.

To exercise any of these rights, contact us at support@autoclubhq.com.

7. Cookies

AutoClub HQ uses a minimal cookie approach. We use a single session cookie set by NextAuth.js to maintain your authenticated session. This cookie is essential for the Service to function and cannot be disabled while using the platform. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will revise the "Last updated" date at the top of this page. We will notify account administrators of material changes via email. Continued use of the Service after changes are posted constitutes acceptance of the updated Privacy Policy.

9. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at support@autoclubhq.com.