1. Overview
1. Resumen
AutoInx ("we," "us," or "our") operates the website autoinx.com and related services. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our site or make a purchase.
By using our platform, you agree to the collection and use of information in accordance with this policy. This policy applies to all users regardless of location.
Short version: We collect only what we need to fulfill your order, keep it secure, and never sell it to third parties. You can request deletion at any time.
2. Data We Collect
2. Datos que Recopilamos
2.1 Information You Provide Directly
- Name and email address — required to process and confirm your order
- Phone number — used for shipping updates if you opt in to SMS notifications
- Delivery address — required to calculate shipping and fulfill your order
- Account password — hashed and stored securely via Firebase Authentication; we never see your plain-text password
- Order notes — any special instructions you provide at checkout
- Payment confirmation screenshots — only for Zelle or cash orders; stored securely in Firebase Storage
2.2 Information Collected Automatically
- IP address — used for rate limiting and fraud prevention; not stored long-term
- Browser and device type — used to optimize your experience
- Pages visited and actions taken — collected via Google Analytics 4 in aggregate, anonymized form
- Cart contents — temporarily stored in your browser's session storage and, if you are signed in, in our Firestore database to enable cart recovery
- Language preference — stored in your browser's local storage
2.3 Information from Third Parties
- Google Sign-In — if you use Google to create an account, we receive your name, email address, and profile picture from Google
- Stripe — we receive a confirmation of payment and a Stripe customer ID; we never receive or store your full card number
⚠️ We do not collect or store Social Security numbers, government-issued ID numbers, or full payment card information. Payment data is handled entirely by Stripe.
3. How We Use Your Data
3. Cómo Usamos tus Datos
We use the information we collect for the following purposes:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Process and fulfill your order | Name, email, address, order details | Contract performance |
| Send order confirmations and shipping updates | Email, phone (if opted in) | Contract performance |
| Customer support | Name, email, order history | Legitimate interest |
| Fraud prevention and security | IP address, order patterns | Legitimate interest |
| Improve our website and services | Anonymized usage data | Legitimate interest |
| Post-purchase follow-up emails | Email, order date | Consent (opt-out available) |
| Abandoned cart recovery | Email, cart contents | Consent (opt-out available) |
| Legal and tax compliance | Order data, billing address | Legal obligation |
We will not use your data for automated decision-making or profiling that produces legal or similarly significant effects.
5. Third-Party Services
5. Servicios de Terceros
We use the following third-party services. Each operates under its own privacy policy, which we encourage you to review:
| Service | Purpose | Data Shared |
|---|---|---|
| Stripe (privacy policy) | Payment processing, Stripe Tax | Name, email, billing address, order total |
| Firebase / Google (privacy policy) | Authentication, database, file storage | Email, name, order data, uploaded files |
| Google Analytics 4 (privacy policy) | Website analytics | Anonymized usage data, device info |
| Shippo | Shipping rate calculation & label generation | Name, delivery address, package details |
| Brevo (formerly Sendinblue) | Transactional email delivery | Name, email, order details |
| Anthropic / Claude AI | AI-powered parts advisor chat widget | Chat messages only; not linked to your account |
| Netlify | Website hosting and serverless functions | IP address, request logs (auto-deleted after 30 days) |
7. Data Retention
7. Retención de Datos
We retain your personal data for as long as necessary to fulfill the purposes described in this policy:
- Order records — kept for 7 years to comply with U.S. tax and accounting requirements
- Account data — retained while your account is active; deleted within 30 days of an account deletion request
- Abandoned cart data — automatically deleted after 90 days of inactivity
- Email logs — kept for 12 months for support and dispute resolution
- Payment proof uploads — retained for 2 years then automatically purged
- Analytics data — aggregated and anonymized; retained up to 26 months in Google Analytics
8. Security
8. Seguridad
We implement industry-standard technical and organizational measures to protect your data:
- All data transmitted between your browser and our servers is encrypted with TLS 1.2+
- Passwords are hashed using Firebase Authentication's secure hashing — we never store plaintext passwords
- Sensitive API endpoints are protected by HMAC request signing and rate limiting
- Firebase Firestore security rules restrict data access to authenticated owners and administrators
- Admin access requires a Firebase custom claim token and is further protected by IP allowlisting
- Payment card data is handled entirely by Stripe and never touches our servers
Despite our efforts, no method of transmission over the internet is 100% secure. If you suspect a security breach involving your AutoInx account, contact us immediately at support@autoinx.com.
9. Your Rights
9. Tus Derechos
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate or incomplete data
- Deletion — request deletion of your personal data ("right to be forgotten"), subject to our legal retention obligations
- Portability — receive your data in a structured, machine-readable format
- Opt-out — unsubscribe from marketing and follow-up emails at any time by replying "UNSUBSCRIBE" to any email
- Objection — object to processing based on legitimate interest
To exercise any of these rights, contact us at support@autoinx.com with the subject line "Privacy Request". We will respond within 30 days. We may need to verify your identity before processing your request.
🇨🇦 California residents (CCPA): You have the right to know what personal information we collect, to delete it, and to opt out of its sale. We do not sell personal information. Contact us to exercise your CCPA rights.
10. Children's Privacy
10. Privacidad de Menores
Our platform is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at support@autoinx.com and we will delete it promptly.
11. Changes to This Policy
11. Cambios a esta Política
We may update this Privacy Policy periodically. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify registered account holders by email at least 14 days before the change takes effect.
Your continued use of our platform after the effective date constitutes acceptance of the updated policy.
12. Contact Us
12. Contáctanos
For privacy-related inquiries, data requests, or to report a security concern:
Business Locations
United States
587 Paradise Blvd
Hayward, CA 94541
Colombia
Calle 68A 92-24, Bogotá DC
Calle 68A 92-58, Bogotá
© 2026 AutoInx. All rights reserved. Family-Owned Operation.