Privacy Policy

The short version: Your vehicle data belongs to you. We collect only what we need to run the service. We don't sell your data, we don't run ads, and we never will. Revenue comes from subscriptions — that's the deal.

Who we are
What data we collect
What we do not collect or sell
How we use your data
Third-party processors
Cookies and local storage
Data retention
Your rights
Children
Changes to this policy
Contact us

1. Who we are

MyDIYGarage is a vehicle maintenance tracking application operated by Nielsen Digital, LLC ("we," "us," "our"), a Texas limited liability company. Our service is accessible at app.mydiygarage.com.

This Privacy Policy explains how we collect, use, and protect information you provide when you use MyDIYGarage. By creating an account or using the service, you agree to the practices described here.

2. What data we collect

Account information

Email address — required to create an account, send transactional emails (verification, password reset), and contact you about your subscription.
Username — chosen by you, displayed in your account settings.
First and last name — optional, used for personalization only.
Password — stored as a one-way bcrypt hash. We cannot read your password.
Phone number — optional, never required, not used for marketing.

Vehicle and maintenance data

All vehicle records you create — service logs, fuel logs, fault codes, maintenance schedules, vehicle details — are stored on our servers to provide the service. This data is yours. We do not analyze it for advertising, sell it to third parties, or share it with insurers, dealers, or data brokers.

Billing information

If you subscribe to a paid plan, payment is handled by Stripe. We receive a payment confirmation and your Stripe customer ID. We never see, store, or process raw card numbers, bank account details, or full payment credentials.

Technical data

IP address (logged by our infrastructure for security and abuse prevention)
Browser type and operating system (included in standard HTTP headers)
Timestamps of account actions (login, registration, record creation)

We do not use analytics platforms (Google Analytics, Mixpanel, etc.) that track your browsing across our site.

3. What we do not collect or sell

✓ We do not sell your data to anyone, ever.
✓ We do not run ads or use ad-targeting networks.
✓ We do not share your vehicle data with insurance companies, dealers, or data brokers.
✓ We do not build behavioral profiles for third-party marketing.
✓ Our revenue comes entirely from subscription fees. Your data is not the product.

4. How we use your data

We use the information we collect exclusively to:

Create and maintain your account
Deliver the features of the MyDIYGarage service (storing and retrieving your vehicle records)
Send transactional emails: email verification, password resets, subscription receipts, and service notices
Process subscription payments through Stripe
Respond to support requests you initiate
Detect and prevent fraud, abuse, and security incidents
Comply with legal obligations

We do not use your data for any purpose not listed above without first updating this policy and notifying you.

5. Third-party processors

We use a small number of third-party services to operate MyDIYGarage. Each has its own privacy policy. We share only the minimum data necessary for the service to function. The categories of third parties to whom we disclose personal information are: payment processors and cloud infrastructure providers. We do not disclose personal information to advertisers, data brokers, CRM platforms, or analytics services.

Stripe (payment processing)

Stripe processes all subscription payments. When you subscribe, your payment details are entered directly into Stripe's secure checkout — they never pass through our servers. Stripe may set cookies during checkout sessions. See Stripe's Privacy Policy.

Amazon Web Services (infrastructure)

Our application and your data are hosted on AWS. We use AWS for compute, database, and transactional email. AWS does not access your personal data except as required to deliver infrastructure services. See AWS Privacy Policy.

We do not use any other third-party services that receive your personal data (no Google Analytics, no CRM platforms, no ad networks).

6. Cookies and local storage

We use a minimal set of cookies and browser storage. See our Cookie Policy for full details.

Session authentication cookie — a secure, HTTP-only cookie that keeps you logged in. Strictly necessary; cannot be disabled without logging out.
Local storage — we store your UI preferences (display units, default vehicle) in your browser's local storage. This data never leaves your device.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies on this site. If this changes, we will update our Cookie Policy and this section, and add a consent banner before deploying any new cookies.

7. Data retention

We retain your data for as long as your account is active. If you delete your account:

Your vehicle records and personal information are deleted within 30 days.
Billing records (subscription history, payment confirmations) may be retained for up to 7 years as required by financial and tax regulations.
Anonymized, aggregated usage statistics — data from which all identifying information has been removed and that cannot be reasonably re-linked to any individual — may be retained indefinitely.

To request deletion of your account and data, email us at privacy@mydiygarage.com or use the account deletion option in your settings.

Security safeguards

We use industry-standard technical and organizational measures to protect your personal information, including encryption in transit (TLS) and encryption at rest for data stored on our servers. Access to personal data is restricted to personnel and systems that require it to provide the service. No transmission over the internet or method of electronic storage is 100% secure; we cannot guarantee absolute security.

Security incidents

In the event of a security incident that affects your personal information, we will notify affected users as required by applicable law — including the Texas Business & Commerce Code Chapter 521 — and, in all cases, without undue delay. Notification will be sent to the email address on your account.

8. Your rights

Depending on your location, you may have the following rights regarding your personal data. We honor these requests for all users regardless of jurisdiction.

Access — request a copy of the personal data we hold about you.
Correction — request correction of inaccurate or incomplete data.
Deletion — request deletion of your account and associated data (subject to legal retention requirements above).
Portability — request a copy of your vehicle data in a machine-readable format by contacting us at privacy@mydiygarage.com.
Objection / Restriction — object to or request restriction of certain processing activities.
Withdraw consent — where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@mydiygarage.com. We will respond within 30 days. We do not charge for reasonable requests.

California residents (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA). We do not sell personal information as defined by the CCPA, and we do not share personal information for cross-context behavioral advertising as defined by the CPRA. California residents have the right to:

Know — request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collection, and the categories of third parties with whom we share it.
Delete — request deletion of your personal information, subject to certain exceptions.
Correct — request correction of inaccurate personal information we maintain about you.
Opt out of sale/sharing — we do not sell or share personal information, so this right is not applicable but is acknowledged.
Non-discrimination — we will not discriminate against you for exercising any CCPA/CPRA rights.

We do not collect sensitive personal information as defined by the CPRA. To exercise any of these rights, contact us at privacy@mydiygarage.com. We will respond within 45 days, as required by California law.

EU/UK residents (GDPR)

If you are in the European Union or United Kingdom, our legal basis for processing your data is:

Contract — processing necessary to provide the service you signed up for
Legitimate interest — fraud prevention and security
Legal obligation — financial record retention

We do not engage in solely automated decision-making that produces legal or similarly significant effects on you, as defined by Article 22 of the GDPR.

You have the right to lodge a complaint with your local supervisory authority. Our Data Protection contact is privacy@mydiygarage.com.

9. Children

MyDIYGarage is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If you believe a child under 13 has created an account, contact us at privacy@mydiygarage.com and we will delete the account.

Users between 13 and 17 may use the service with verifiable parental or guardian consent.

10. Changes to this policy

We may update this Privacy Policy as the service evolves. For material changes — changes that affect what data we collect, how we use it, or who we share it with — we will:

Post the updated policy at this URL with a new effective date
Send an email to registered users at least 30 days before the change takes effect

Non-material changes (clarifications, formatting, typo fixes) take effect immediately. Continued use of the service after an effective date constitutes acceptance of the updated policy.

11. Contact us

For privacy questions, data requests, or concerns:

Email: privacy@mydiygarage.com
General contact: hello@mydiygarage.com

Nielsen Digital, LLC
c/o Northwest Registered Agent, LLC
5900 Balcones Drive, Suite 100
Austin, TX 78731
United States

Contents