What we collect
Account information (email, hashed password, optional shop name), the diagnostic content you submit (DTCs, vehicle metadata, chat messages, feedback), and operational telemetry (request IDs, user-agent, IP-derived geolocation for security logging).
How we use it
Strictly to provide the AiAutoDiag service: answering your diagnostic queries, persisting your sessions, training our learning loop on the feedback you explicitly submit, and operating the platform safely.
Third-party processors
- Railway — application hosting (US region).
- Cloudflare — edge security (DDoS, WAF, bot mitigation).
- OpenRouter — LLM inference for chat responses.
- Cohere — reranker (when enabled).
- Plausible — cookieless website analytics.
Data residency
Our infrastructure runs on Railway in the United States. EU residents' personal data is therefore transferred to a US processor under standard contractual clauses. If this is a blocker for you, contact us before creating an account.
Your rights
You can export all of your data and delete your account at any time from /settings. We honour the GDPR rights of access, rectification, erasure, restriction, portability, and objection. Contact [email protected].
Retention
Active accounts: indefinite while you keep using the service. Deleted accounts: hard-deleted within 30 days, with the exception of mechanic knowledge contributions (tombstoned with author cleared so the learning loop is preserved).