1. Overview
AutoServiceHistory ("we", "us", "our") is the operator of the AutoServiceHistory web application, available at app.autoservicehistory.co.uk and via our marketing site at autoservicehistory.co.uk (together, the "Service").
This Privacy Policy explains what personal data we collect about you when you use the Service, why we collect it, how long we keep it, who we share it with, and the rights you have over it under UK and EU data-protection law.
If you only read one section, please read sections 4 (lawful bases), 7 (who we share data with), and 8 (PII Blurring) — they explain the most important commitments we make to you.
2. Who we are and how to contact us
The data controller for the personal data we process about you is the operator of AutoServiceHistory. [REPLACE WHEN INCORPORATED: details of the registered limited company and its registered office will appear here.]
For all data-protection questions, requests, and complaints, please email support@autoservicehistory.co.uk. We aim to respond within 30 days, as required by UK GDPR.
We are working on completing our registration with the UK Information Commissioner's Office (ICO). [ICO_REGISTRATION_TODO: registration number will appear here once issued.]
3. What personal data we collect
The personal data we collect about you falls into the following categories.
Account and profile data
- Your name, email address, contact number, postal address, and (optional) title.
- Your date of birth — collected to verify you are 18 or over (see section 13) and, where applicable, to help us verify your identity during account-recovery requests.
- A display name and an avatar identifier derived from your name.
- Your account password (stored as an irreversible hash; we never see your plaintext password).
- Your referral code and, where applicable, the referral code that brought you to the Service.
- For business accounts: your organisation's trading name, website, contact number, registered address, and team membership records.
Vehicle data
- Vehicle registrations (VRMs) and VINs you enter.
- MOT history and DVLA records we look up on your behalf using those identifiers.
- Vehicle ownership records within AutoServiceHistory (which user a vehicle belongs to, transfer history, share-link history).
Content you upload
- Photos, paperwork (service invoices, MOT certificates, repair records), and other documents you upload to your vehicles.
- OCR-extracted text and structured fields from those documents (service date, mileage, items, totals).
- Secure Documents (V5C, finance, tax, etc.) you store privately on paid plans. See section 9 for the distinct guarantees that apply to these.
Billing data
- Your Stripe customer ID, subscription state, plan and billing period, and invoice history.
- We never see, receive, or store your full card number. Card information is captured by Stripe directly inside their hosted checkout and customer portal.
AI Connections (MCP) usage data
- When you authorise an AI assistant (such as Claude or ChatGPT) to access your account via OAuth, we record each call: which tool was used, when, and a short status code.
- The content of the AI assistant's responses goes directly between the AI provider and you — we don't store the assistant's output.
System and usage data
- IP addresses, user-agent strings, request logs, error traces, and audit-log entries (e.g. credit consumption, document deletion).
- Geolocation derived from your postcode (for our internal distance-helper feature) — never your precise location, never your live location.
4. Lawful bases for processing
Under UK GDPR Article 6, we process your personal data on the following lawful bases.
- Performance of a contract. For paid features (subscriptions, credit packs, Secure Documents, AI Connections, share links), we process your data because we need to do so to provide the Service to you.
- Legitimate interests. For fraud prevention, security and abuse-detection, error monitoring, service operation, and your sharing of vehicle data during a sale (see section 8). We have weighed our legitimate interests against your fundamental rights and consider them appropriate.
- Consent. For any future marketing communications. We do not currently send marketing emails. Where consent is required in future, we will ask for it explicitly and you'll be able to withdraw it at any time.
- Legal obligation. For billing records we are required to retain under UK HMRC rules, and for any disclosures required under UK law.
5. How long we keep your data
We retain your personal data only for as long as we need it for the purposes set out in this Policy, after which we delete or anonymise it.
- Active account data. Retained for as long as your account is active.
- Deleted accounts. When you delete your account, your data moves into a 30-day grace period. During this period you can sign back in to recover the account. After 30 days, your account, profile, vehicles, photos, and uploaded paperwork are irreversibly hard-deleted.
- Secure Documents. Hard-deleted immediately on account deletion, vehicle deletion, vehicle transfer, or vehicle disassociation. There is no 30-day grace for Secure Documents — see section 9.
- Billing records. Retained for 6 years from invoice date to meet UK HMRC requirements. After deletion, only the financial-record minimum is kept — no behavioural or product data.
- Audit logs. Credit-ledger audit entries and account-activity records are kept as immutable rows for as long as we may need them for billing dispute resolution, fraud investigation, and regulatory obligations — at minimum for the duration of your account and the billing-record retention period above.
- System logs. Application request logs and error traces are retained for as long as reasonably necessary for security and debugging — typically up to 90 days, longer for material incidents under investigation.
6. How we use your data
We use the data described above to:
- Provide the Service to you — store your vehicles, look up MOT/DVLA records, process documents, surface AI features.
- Bill you for paid features (via Stripe) and provide receipts.
- Send you transactional emails — receipts, password resets, vehicle-transfer notifications, support replies, account-state changes.
- Operate AI Connections requested by you (Claude / ChatGPT via MCP).
- Generate share links you request, including applying the automatic PII-blurring pipeline before publication.
- Investigate fraud and abuse, and enforce our Terms.
- Monitor the Service for errors, performance issues, and security incidents.
- Meet legal and regulatory obligations (e.g. HMRC record retention).
We do not sell your personal data. We do not use it for advertising. We do not share it with any third party for their own marketing.
7. Who we share your data with
We use a small number of trusted third-party services ("sub-processors") to operate AutoServiceHistory. Each is contractually bound to handle your data in accordance with this Policy and applicable law.
Stripe (payments)
Stripe Payments Europe Ltd (Ireland) handles all card payments, customer-portal flows, subscription billing, and invoice generation. We provide Stripe with your email, billing address, and the items you purchased. Stripe is a separate data controller for the payment data they collect.
Google Gemini (AI + OCR)
When you upload a document, we send the document content to Google Gemini for OCR text extraction and PII region detection. When you use the AI chat feature on a public report, we send the messages to Gemini. Gemini operates under the Google Cloud Platform Terms.
AWS Textract (OCR + structured-field extraction)
Alongside Gemini, we use AWS Textract — an OCR service operated by Amazon Web Services — to extract structured fields from receipts and service invoices (recipient name, address, totals, line items). Textract processes uploaded documents in the AWS London (eu-west-2) region and is bound by the AWS Data Processing Addendum.
Anthropic and OpenAI (AI Connections)
If, and only if, you authorise a Claude or ChatGPT connection via OAuth, our system will respond to requests from those AI providers on your behalf — sending the data those tools are authorised to read. Anthropic and OpenAI are each separate data controllers for the data they receive once you have authorised the connection.
Government / public-record APIs
We send vehicle registrations to the DVLA Vehicle Enquiry Service and the MOT History API to retrieve public records. We send postcodes to Ideal Postcodes and Postcodes.io for address lookup and geocoding. These services return publicly available data; we don't share your personal details with them beyond the lookup terms.
Cloudflare Turnstile (bot protection)
On sign-up, sign-in, and password-reset pages we use Cloudflare Turnstile to distinguish humans from bots. The challenge sends your IP address, user-agent string, and browser-fingerprint signals to Cloudflare (US-based, with Standard Contractual Clauses in place for UK / EU transfers). Cloudflare uses the data solely to score the challenge — they do not share it with us beyond a pass/fail result.
Postmark (transactional email)
Transactional emails (account creation, password reset, support replies, transfer notifications) are delivered by Postmark. We send Postmark your email address and the message contents.
Amazon Web Services (hosting)
All application infrastructure runs on AWS in the London (eu-west-2) region. AWS hosts the application servers, the relational database, file storage (S3), queueing (SQS), and supporting infrastructure. AWS is bound by the AWS Data Processing Addendum.
8. PII Blurring and your right to share vehicle history
When you upload a document (such as a service invoice or MOT certificate) to a vehicle's history, our system automatically:
- Reads the text using OCR.
- Identifies regions containing personal information — names, customer addresses, contact details, recipient information.
- Applies a permanent blur overlay to those regions in the version that appears in any public share link.
The original document is encrypted at rest. Only the blurred version is ever visible via a share link.
Why this matters under GDPR
UK GDPR Article 6 permits a vehicle owner to share information about their vehicle (including its service history) where that sharing is necessary for the performance of a sale contract (Article 6(1)(b)), or pursuant to the owner's legitimate interest in facilitating such a sale (Article 6(1)(f)).
Traditional private vehicle sales typically involve handing over physical paperwork — invoices, receipts, V5C copies — which expose the previous owner's full name, address, and contact details to the buyer. AutoServiceHistory goes beyond the legal minimum: we blur the previous owner's PII out of the shareable record automatically, so the buyer sees the service history without ever seeing the seller's home address or other personal details.
If you ever spot personal information that should have been blurred but wasn't, please tell us at support@autoservicehistory.co.uk and we'll act promptly to revoke the share link and address the issue.
9. Secure Documents
Paid-plan users can store private documents (V5C, finance agreements, tax records, MOT certificates containing personal information) in a separate Secure Documents area. These files are treated quite differently to the documents covered by section 8.
- Secure Documents are encrypted at rest in a private storage bucket and only ever served back to you over an authenticated, signed URL.
- They are visible only to you (and, for business accounts, to members of your organisation with write access).
- They are never included in any public share report — our share-link generator excludes Secure Documents by design.
- They are not used for analytics, training data, or any pipeline beyond what you explicitly request. If you choose to enable OCR on a Secure Document at upload, the document content will be sent to Google Gemini and AWS Textract for text extraction (under the same sub-processor terms as your public documents — see section 7). The OCR output is stored privately and never appears in a share report. If you do not enable OCR, the document is stored without any automated processing.
- They are immediately and irreversibly hard-deleted when you delete your account, delete the vehicle, transfer the vehicle to another user, or disassociate the vehicle from your account. There is no 30-day grace period for Secure Documents.
10. International transfers
AutoServiceHistory hosts all primary application data in the AWS London (eu-west-2) region. However, some of our sub-processors are headquartered or process data outside the UK / EEA:
- Stripe (Ireland — within the EEA).
- Google Gemini, Anthropic, OpenAI, Postmark, and Cloudflare operate from the United States, with Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms in place under UK GDPR Article 46.
Where data is transferred outside the UK / EEA, we ensure an appropriate safeguard is in place: an adequacy decision, SCCs, or another mechanism approved under UK GDPR.
11. Your rights
Under UK GDPR (and, for EU/EEA users, EU GDPR) you have the following rights over your personal data.
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your data (subject to lawful retention obligations such as the 6-year billing rule).
- Restriction — ask us to limit processing in certain circumstances.
- Portability — receive a copy of your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests, including profiling.
- Withdraw consent — where processing is based on consent, you can withdraw it at any time.
- Complain — to a supervisory authority (see section 16).
To exercise any of these rights, email support@autoservicehistory.co.uk. We aim to respond within 30 days. We may ask you to verify your identity before acting.
13. Children
AutoServiceHistory is intended for users aged 18 or over. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please contact us and we will delete it.
14. Security
We take reasonable and appropriate technical and organisational measures to protect your data, including:
- TLS encryption for all data in transit.
- AWS-managed encryption at rest for the relational database and object storage.
- Strict access controls on production systems, with audit logging on access to sensitive data.
- Immutable financial-record storage for the credit ledger.
- Cloudflare Turnstile bot-protection on sign-up, sign-in, and password-reset pages.
- Regular dependency updates and security patches.
We do not currently offer multi-factor authentication (MFA / 2FA). We are evaluating this for a future release. In the meantime, please use a strong, unique password and consider a password manager.
No system can be guaranteed completely secure. If we become aware of a personal-data breach that affects you, we will notify you and the relevant supervisory authority in accordance with UK GDPR Article 33.
15. Changes to this Policy
We may update this Policy from time to time to reflect changes in the Service or in the law. If we make material changes, we will notify you by email at the address associated with your account.
The "Last updated" date at the top of this Policy shows when it was most recently revised.
16. Contact and complaints
For any data-protection question, request, or complaint, please email support@autoservicehistory.co.uk.
If you're not satisfied with our response, UK users have the right to lodge a complaint with the Information Commissioner's Office at ico.org.uk/concerns. EU/EEA users may complain to their local data-protection authority.