Privacy Policy

1. Who we are

AmpAuto (“we,” “us,” “our”) operates the website ampauto.io. This Privacy Policy explains how we collect, use, and protect information when you use our website, AI diagnostic tool, and related services.

2. Information we collect

Information you provide directly:

• Diagnostic input: the DTC code(s) you enter, your vehicle year/make/model/mileage/transmission/engine, and any symptoms or notes you describe
• VIN data (optional): if you use our VIN decoder, we send your VIN to NHTSA's public API to retrieve your vehicle profile
• Email address (optional): if you choose to receive a free copy of your diagnosis or unlock the paid full report
• Payment information: handled entirely by Stripe (we never see or store your card number)

Information collected automatically:

• Vercel Analytics: aggregate, privacy-respecting page-view data (no cookies, no fingerprinting). We see traffic patterns, not individual users.
• Server logs: standard request logs (IP address, user agent, timestamp) kept short-term for security and abuse prevention
• Browser preferences: we use localStorage to remember your dark/light mode choice. This data never leaves your browser.

What we do NOT collect:

• Third-party advertising cookies or trackers
• Cross-site tracking pixels (Facebook Pixel, etc.)
• Browser fingerprinting data
• Your name, address, or phone number (we don't ask for these)

3. How we use your information

• To deliver the diagnosis: your DTC code and vehicle data are sent to our third-party AI provider to generate your ranked causes and repair guidance. The data is processed in real time and is not used to train any AI model.
• To process payments: Stripe handles your payment securely. We receive only a confirmation that payment succeeded plus an order ID.
• To email your report (if requested): if you provide an email address, we send your diagnosis to that address. We do not add you to a marketing list.
• To improve the service: aggregated, non-identifying data may be reviewed to identify which codes are most queried and where the tool can be improved.

4. Third parties we share data with

We use a small number of trusted third-party services to operate AmpAuto. Each receives only the data needed for its specific function:

• Third-party AI provider: receives your DTC code, vehicle info, and symptoms to generate the diagnosis. Our AI provider does not retain this data for training.
• Stripe: processes payments. Stripe receives your card details directly (we never see them). Stripe Privacy Policy
• Vercel: hosts the website and provides privacy-respecting analytics. Vercel Privacy Policy
• NHTSA: public US government API used to decode VINs and retrieve recall data. NHTSA receives your VIN if you use the VIN decoder. NHTSA Privacy Policy

We do not sell, rent, or share your information with advertisers or data brokers.

5. Affiliate links

AmpAuto participates in the Amazon Services LLC Associates Program. When you click an affiliate link and make a purchase on Amazon, we may earn a small commission at no extra cost to you. Amazon, not AmpAuto, may set their own cookies when you click these links. See our Affiliate Disclosure for details.

6. Data retention

• Diagnoses are processed in real time. We do not maintain a long-term database of individual diagnostic queries tied to identifiable users.
• Email addresses (if provided) are kept only as needed to deliver your report and any related correspondence.
• Payment records are retained per Stripe's standard policies for tax and dispute purposes.
• Server logs are rotated within a short window (days, not months).

7. Your rights

Depending on your location, you may have rights under laws such as the GDPR (EU/UK), CCPA (California), or similar regulations:

• Access: request a copy of any personal data we hold about you
• Deletion: request deletion of your data
• Correction: ask us to correct inaccurate information
• Opt-out: opt out of email communications at any time

To exercise any of these rights, email us at hello@ampauto.io. We respond within 30 days.

8. Children's privacy

AmpAuto is not directed to children under 13, and we do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

9. Security

We use industry-standard practices to protect your data: HTTPS for all traffic, secure third-party providers (Stripe for payments, an enterprise-grade AI provider for diagnostics), and minimal data retention. No system is 100% secure, but we work to keep yours safe.

10. Changes to this policy

We may update this policy occasionally to reflect changes in our practices or legal requirements. The “Last updated” date at the top will reflect the most recent change. Significant changes will be highlighted on the homepage.

11. Contact us

Questions, requests, or concerns about this Privacy Policy? Email hello@ampauto.io.