Vyntechs Privacy Policy
TL;DR. We collect what you type and upload to run the diagnostic tool. We share narrow slices of it with named third parties so we can host the app, process payments, and generate AI suggestions. We never sell your data, never send your name or email to the AI, and never store payment cards. We keep your data until you ask us to delete it; backups age out within 90 days.
Who this policy is for
Vyntechs is a diagnostic tool for automotive shops. This policy is written for the people who sign in and use Vyntechs directly: shop owners, techs, and other team members.
If your shop enters its own customers' information into Vyntechs, your shop is responsible for the consent under its own customer agreements. This policy explains how we handle that customer information on your shop's behalf.
You can email brandon@vyntechs.com about anything below.
What we collect
When you sign up or are invited to a shop
- Your email address (you need it to sign in)
- Your name (you type it in)
- Your role in your shop (tech, advisor, owner, etc.)
- Your shop's name(your shop's owner sets this once)
When you use the diagnostic tool
- Vehicle details — year, make, model, engine, VIN, mileage, license plate
- Diagnostic content— the customer's complaint, your observations, the steps you tried, root cause, repair notes
- Files you upload — photos, videos, audio recordings, scan-tool screenshots, wiring diagrams
- Ambient conditions if you choose to log them — temperature, humidity, optional location
When your shop enters customer information
- Customer name, phone number, and (optionally) email — stored on behalf of your shop so techs can reference customer history
Automatically while you use the app
- Timestamps for every action
- Page views and basic interaction events, via Vercel Analytics
- Which “What's New” entries you've seen (one date per user)
What we do NOT collect
- We do not log your IP address or browser fingerprint in our application code
- We do not collect any data about children — Vyntechs is a tool for working shop staff and is not directed at minors
- We do not store payment card details ourselves — Stripe handles all of that
Who else sees your data
To run Vyntechs we share narrow slices of your data with the third-party services below. Each link goes to the vendor's own privacy policy.
| Service | What this service does and what it sees |
|---|---|
| Hosting and data storage | |
| Vercel | Hosts the app, runs scheduled background jobs, captures basic page-view analytics. |
| Supabase | Runs the database, handles sign-in (including magic-link emails), stores the files you upload. |
| Payments | |
| Stripe | Sees your email, your shop's identifier, and your subscription status; holds payment cards (we never see them). |
| AI and reference data | |
| Anthropic (Claude) | Receives vehicle data, customer complaint text, your observations, and uploaded file contents to generate diagnostic suggestions. Never receives your name or email. Anthropic does not train its models on the data we send through its API. |
| Voyage AI | Converts text into numbers for similarity matching. |
| Tavily, Brave Search, YouTube Data API (Google), Reddit | Receive a search query made up of the vehicle's year/make/model and the complaint text, to fetch outside repair information. |
| Recall and safety data | |
| NHTSA and manufacturer recall pages for Ford, Chevrolet, Toyota, and BMW | Receive only the vehicle year/make/model when we look up recalls. |
| Backups | |
| GitHub | Receives an encrypted-in-transit daily snapshot of our database. Snapshots older than 90 days are deleted automatically. |
What we never do
- We never sell your data
- We never share your data for marketing or advertising, ours or anyone else's
- We never send your name or email to the AI
- We never store payment card details ourselves
- We never use your data to train our own AI models, and our AI provider (Anthropic) is contractually prohibited from training on the data we send through its API
How long we keep your data
We keep your account and its data for as long as your account is active. We do not yet run automatic deletion of old diagnostic sessions or uploaded files.
When you (or your shop's owner) ask us to delete an account, we delete it within 30 days. Our database backups roll forward every 90 days, so deleted data fully ages out of backups within 90 days of deletion.
We want you to know up front:
- Deactivated team members' past diagnostic sessions remain visible to the shop as part of the shop's repair record. If you want yours fully removed, contact us.
- Vercel runtime logs are retained by Vercel for roughly 24 hours and may contain request metadata.
- Vehicle and customer records entered by your shop persist until your shop deletes them.
Your rights
You can ask us to:
- Send you a copy of all the data we hold on you
- Correct anything that is wrong
- Delete your account and the personal data tied to it
Email brandon@vyntechs.com from the address on your account. We will respond within 30 days and complete deletions within 30 days of confirming the request.
Security
Your data travels over encrypted connections (TLS) between your browser and our servers, and between our servers and the third parties listed above. It's stored in Supabase's encrypted database. Only you, your shop's team, and the Vyntechs team can read your data inside the app. Our sub-processors see only the slices of data we send them as described above.
We are a small team and we don't issue formal security certifications today. If your shop needs one, email us.
Changes to this policy
When we change this policy, we publish a new version with a new effective date on this page. We also show a notice in the app the first time you sign in after the change.
How you can verify this policy
Every claim in this policy can be checked against our source code. If you ever find a place where our code does something this policy doesn't describe, or describes something the code doesn't actually do, email brandon@vyntechs.comand we'll fix the gap.