Privacy Policy

Vehicle Imagery ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Vehicle Imagery API service ("Service"). We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use our Service.

1. Data Controller

The data controller responsible for processing your personal data is:

2. Information We Collect

We collect different types of information depending on how you interact with our Service:

2.1 Account Information

When you create an account, we collect:

• Name and contact information (email address, company name)
• Billing address and payment information (processed securely through payment processors)
• Account credentials (username, password - stored in encrypted form)
• Company details and website URL

2.2 Usage Data

When you use our API, we automatically collect:

• API request logs (endpoints accessed, timestamps, response codes)
• Usage statistics (number of requests, bandwidth usage, error rates)
• IP addresses and geolocation data (for security and analytics)
• Device and browser information
• Referral sources and traffic patterns

2.3 Communication Data

When you contact us, we collect:

• Contact form submissions (name, email, message content)
• Support tickets and correspondence
• Newsletter subscription information (if you subscribe)

2.4 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Maintain your session and authentication state
• Remember your preferences and settings
• Analyze website traffic and usage patterns
• Improve our Service and user experience

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service.

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our API service
• Account Management: To create and manage your account, process payments, and handle billing
• Communication: To respond to your inquiries, provide customer support, and send service-related notifications
• Security: To detect, prevent, and address security issues, fraud, and abuse
• Analytics: To analyze usage patterns, monitor performance, and improve our Service
• Legal Compliance: To comply with legal obligations and enforce our Terms of Service
• Marketing: To send you promotional communications (with your consent, where required)

We process your personal data based on legitimate interests, contractual necessity, legal obligations, or your consent, as applicable under GDPR.

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: To fulfill our contractual obligations to provide the Service
• Legitimate Interests: For security, fraud prevention, service improvement, and business operations
• Legal Obligations: To comply with applicable laws, regulations, and court orders
• Consent: For marketing communications and optional features (you can withdraw consent at any time)

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

5.1 Service Providers

We may share data with trusted third-party service providers who assist us in:

• Payment processing (stripe, PayPal, etc.)
• Cloud hosting and infrastructure (AWS, Cloudflare, etc.)
• Email delivery and communication services
• Analytics and monitoring tools
• Customer support platforms

These service providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to:

• Comply with legal processes or respond to government requests
• Enforce our Terms of Service and protect our rights
• Prevent fraud, security threats, or illegal activities
• Protect the safety of our users and the public

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.

6. Data Retention

We retain your personal data only for as long as necessary to:

• Provide the Service and fulfill our contractual obligations
• Comply with legal, tax, and accounting requirements
• Resolve disputes and enforce our agreements
• Maintain security and prevent fraud

Retention periods vary by data type:

• Account Data: Retained while your account is active and for 7 years after account closure (for tax/legal purposes)
• Usage Logs: Retained for 12 months for security and analytics purposes
• Communication Records: Retained for 3 years after last contact
• Marketing Data: Retained until you unsubscribe or withdraw consent

After the retention period, we securely delete or anonymize your data, unless legal requirements mandate longer retention.

7. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

7.1 Right of Access

You have the right to request a copy of the personal data we hold about you and information about how we process it.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to legal and contractual obligations that may require us to retain certain data.

7.4 Right to Restrict Processing

You can request that we limit how we process your data in certain circumstances.

7.5 Right to Data Portability

You can request a copy of your data in a structured, machine-readable format.

7.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw your consent at any time.

7.8 Right to Lodge a Complaint

You have the right to file a complaint with a supervisory authority, particularly in your country of residence, if you believe we have violated data protection laws.

To exercise any of these rights, please contact us at [email protected] or through our contact page. We will respond to your request within one month (or two months for complex requests).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Employee training on data protection and security
• Incident response procedures and breach notification protocols
• Regular backups and disaster recovery plans

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Your data may be processed and stored in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission
• Other legally recognized transfer mechanisms

By using our Service, you consent to the transfer of your data to countries outside the EEA, subject to these safeguards.

10. Children's Privacy

Our Service is not intended for individuals under the age of 16 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

11. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

Common third-party services we use include payment processors, analytics tools, and customer support platforms. These services have their own privacy policies governing data collection and use.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website with a new "Last updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice in the Service

Your continued use of the Service after the effective date of the updated Privacy Policy constitutes acceptance of the changes. If you do not agree with the changes, you should stop using the Service and close your account.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For data protection inquiries, you can also contact our Data Protection Officer (if applicable) or file a complaint with your local data protection authority.