Privacy Policy

Introduction

At TrackVIN ("we," "our," or "us"), we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our vehicle history report services. This policy applies to all users of our services, regardless of location, and complies with applicable privacy laws including GDPR, CCPA, and other regional data protection regulations.

Our Privacy Principles

Information We Collect

1. Personal Information You Provide

When you use our services, we may collect the following personal information:

• Contact Information: Name, email address, phone number, and mailing address
• Payment Information: Billing address and payment method details (processed securely by third parties)
• Vehicle identification numbers (VINs) and license plate numbers
• Account Information: Username, password, and account preferences
• Communication Records: Customer service interactions, support tickets, and feedback
• Marketing Preferences: Email subscription preferences and communication choices

2. Information Automatically Collected

We may automatically collect certain information about your device and usage:

• Technical Information: IP address, browser type and version, operating system
• Usage Data: Pages visited, time spent on site, click patterns, and navigation paths
• Device Information: Device type, screen resolution, and unique device identifiers
• Location Data: General geographic location based on IP address
• Referral Information: Source website or search terms that led you to our site

3. Information from Third Parties

We may receive information from third-party sources including:

• Vehicle Data Providers: NMVTIS, state DMVs, insurance companies, and auto auctions
• Payment Processors: Transaction details from Stripe, PayPal, and other payment services
• Analytics Services: Website usage data from Google Analytics and similar services
• Social Media: Public profile information if you connect social media accounts

How We Use Your Information

Primary Uses

We use your information for the following primary purposes:

• Service Delivery: Process orders, generate reports, and deliver purchased services
• Communication: Send order confirmations, delivery notifications, and service updates
• Customer Support: Respond to inquiries, resolve issues, and provide technical assistance
• Account Management: Create and maintain user accounts, process payments, and manage subscriptions
• Legal Compliance: Meet regulatory requirements, prevent fraud, and ensure service security

Secondary Uses

With your consent or as permitted by law, we may also use your information to:

• Marketing Communications: Send promotional emails, newsletters, and service announcements
• Service Improvement: Analyze usage patterns to enhance our website and services
• Personalization: Customize your experience and provide relevant recommendations
• Research and Analytics: Conduct market research and analyze industry trends
• Security Monitoring: Detect and prevent fraudulent activities and security threats

Legal Basis for Processing

We process your personal information based on:

• Contract Performance: To fulfill our service obligations to you
• Legitimate Interests: To improve our services and prevent fraud
• Legal Compliance: To meet regulatory and legal requirements
• Consent: For marketing communications and optional features

Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties for their marketing purposes. We may share your information only in the following limited circumstances:

• Service Providers: Trusted third-party vendors who help us operate our business (payment processors, hosting providers, email services)
• Legal Requirements: When required by law, court order, or government request
• Safety and Security: To protect our rights, property, or safety, or that of our users or others
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to affected users)
• Data Sources: With authorized vehicle data providers to generate comprehensive reports
• Consent: When you have given explicit consent for specific sharing purposes

Third-Party Service Providers

We work with the following types of service providers:

• Payment Processors: Stripe, PayPal (for secure payment processing)
• Cloud Hosting: Amazon Web Services, Google Cloud (for data storage and processing)
• Email Services: EmailJS, SendGrid (for transactional and marketing emails)
• Analytics: Google Analytics (for website usage analysis)
• Customer Support: Help desk and chat support platforms

Data Security

We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

Technical Safeguards

• Encryption: 256-bit SSL encryption for all data transmission and storage
• Secure Servers: Industry-standard data centers with physical and digital security
• Access Controls: Multi-factor authentication and role-based access restrictions
• Regular Audits: Quarterly security assessments and vulnerability testing
• Data Backup: Encrypted, geographically distributed backup systems

Organizational Safeguards

• Employee Training: Regular privacy and security training for all staff
• Data Minimization: We collect and retain only necessary information
• Incident Response: Established procedures for security breach notification and response
• Vendor Management: Due diligence and contractual protections for third-party providers
• Compliance Monitoring: Regular compliance reviews and policy updates

Your Rights and Choices

Universal Rights

Regardless of your location, you have the following rights:

• Right to Access: Request a copy of all personal information we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information (subject to legal requirements)
• Right to Restrict Processing: Limit how we use your information in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

Additional Rights for EU Residents (GDPR)

If you are located in the European Union, you have additional rights under GDPR:

• Right to Lodge a Complaint: File complaints with your local data protection authority
• Right to Automated Decision-Making: Object to decisions based solely on automated processing
• Right to be Informed: Receive clear information about how your data is processed

Additional Rights for California Residents (CCPA)

If you are a California resident, you have additional rights under CCPA:

• Right to Know: Detailed information about personal information collection and use
• Right to Delete: Request deletion of personal information we have collected
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: Equal service regardless of exercising privacy rights

How to Exercise Your Rights

To exercise any of these rights, contact us at:

Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your experience and analyze website usage:

Types of Cookies We Use

• Essential Cookies: Required for basic website functionality and security
• Performance Cookies: Help us understand how visitors interact with our website
• Functional Cookies: Remember your preferences and personalize your experience
• Marketing Cookies: Used to deliver relevant advertisements (with your consent)

Cookie Management

You can control cookies through your browser settings or our cookie preference center. Note that disabling essential cookies may affect website functionality. You can:

• Accept or reject cookies through our cookie banner
• Modify cookie preferences in your browser settings
• Delete existing cookies from your device
• Set your browser to notify you when cookies are being used

Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy:

Retention Periods

• Account Information: Until account deletion or 3 years of inactivity
• Order Records: 7 years for tax and legal compliance purposes
• Payment Information: As required by payment processors and applicable law
• Customer Support Records: 3 years from last interaction
• Marketing Data: Until you unsubscribe or request deletion
• Website Analytics: 26 months (Google Analytics default)

Secure Deletion

When we no longer need your information, we securely delete or anonymize it using industry-standard methods. Some information may be retained in anonymized form for statistical and analytical purposes.

International Data Transfers

If you are located outside the United States, your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries with adequate data protection laws
• Standard Contractual Clauses: EU-approved contracts for international transfers
• Certification Programs: Privacy Shield successors and similar frameworks
• Explicit Consent: Your consent for specific transfer purposes

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take immediate steps to delete such information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@trackvin.info.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable laws. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last updated" date
• Sending email notifications to registered users for significant changes
• Displaying prominent notices on our website
• Requesting renewed consent where required by law

Your continued use of our services after policy changes constitutes acceptance of the updated terms.