Privacy Policy

Last updated June 2026

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and password. For shop accounts, we also collect the shop name and contact information.

Shop & Business Information: Shop owners provide business details such as shop name, address, phone number, labor rates, tax settings, and business hours.

Customer & Vehicle Data: You upload information about your customers and their vehicles, including names, contact information, vehicle year/make/model/VIN, mileage, service history, and maintenance notes.

Usage Data: We automatically collect information about how you use the Service, including login times, pages accessed, features used, diagnostic queries, and interaction patterns.

Device & Technical Information: We collect information about the devices you use to access the Service, including IP address, browser type, operating system, and device identifiers.

2. Payment Information

Payment processing is handled entirely by Stripe for subscription billing. Mechanics does not collect, store, or access full credit card numbers. Stripe securely handles all payment information in accordance with PCI-DSS standards. When you connect your own Stripe or Square merchant account for processing customer payments, we do not access, store, or see your customer payment card data. Payment data is transmitted directly to your payment processor and not routed through Mechanics' servers.

3. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process subscriptions and billing
  • Send transactional emails (account confirmations, invoices, password resets)
  • Respond to your inquiries and support requests
  • Personalize your experience and optimize the Service for your shop type
  • Detect, prevent, and address fraud, security issues, and technical problems
  • Send marketing emails and product updates (you may opt out at any time)
  • Comply with legal obligations and enforce our agreements

4. Third-Party Service Providers

We share information with third-party service providers who assist us in operating the Service:

  • Stripe: Payment processor for subscription billing and connected merchant account transactions.
  • Square: Payment processor for shops connecting their own merchant account.
  • Resend: Transactional email service for sending invoices, confirmations, and password resets.
  • Anthropic Claude: AI service provider for diagnostic suggestions. Diagnostic inputs may be sent to Anthropic for processing.
  • Sentry: Error monitoring and crash reporting to identify and fix Service issues.
  • Google Analytics: Website analytics to understand how visitors use our marketing site.
  • Railway: Cloud hosting provider where our Service infrastructure runs.
  • NHTSA Vehicle Database: Public vehicle database used for VIN decoding to populate vehicle year/make/model/trim information.

These providers are contractually obligated to protect your information and may only use it for purposes necessary to provide services to us.

5. AI Processing & Diagnostics

Diagnostic Processing: When you use the AI diagnostic feature, information about the vehicle, symptoms, and history is sent to Anthropic's servers for processing. Anthropic processes this data to generate diagnostic suggestions and does not use it for other purposes.

Diagnostic Sharing Pool: Mechanics offers an optional, anonymized diagnostic sharing feature that contributes diagnostic data to improve future diagnostic accuracy. This feature is opt-in and off by default. Data shared to the diagnostic pool is anonymized to remove identifying information about your shop, customers, and vehicles. You can enable or disable diagnostic sharing at any time in your account settings.

6. Data Retention

We retain your account information and shop data for as long as your account is active. If you cancel your subscription, we retain your data for 30 days to allow for reactivation. After 30 days of inactivity following cancellation, we delete your data from our production systems. You may request earlier deletion by contacting support. Backup copies may be retained for up to 90 days as part of standard backup procedures. Billing and payment records are retained as required by law (typically 7 years).

7. Data Security

We implement industry-standard security measures including encryption in transit (HTTPS/TLS) and at rest, secure authentication, regular security audits, and access controls to protect your information. However, no security measures are 100% secure. We cannot guarantee absolute security of your data. You are responsible for maintaining the confidentiality of your login credentials and for notifying us of any unauthorized access.

8. Your Rights

Access: You have the right to access your personal information. You can view and download most of your data directly from your account dashboard.

Correction: You can correct inaccurate information in your account at any time through your account settings.

Deletion: You may request deletion of your account and associated data. Contact support@mechanics.app with your request.

Portability: You can export your work orders, invoices, and customer data from the Service in standard formats.

Objection to Processing: You have the right to object to our use of your data for marketing purposes. You can opt out of marketing emails at any time by clicking the unsubscribe link in the email or updating your preferences in account settings.

9. Cookies

Mechanics uses cookies and similar technologies to remember your login state, protect against fraud, and analyze how you use the Service. Most browsers allow you to refuse cookies or alert you when they are being sent. If you disable cookies, some features of the Service may not function properly. We do not use third-party cookies for advertising purposes.

10. Children's Privacy

Mechanics does not intentionally collect personal information from children under 13. The Service is not directed to children. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information and terminate the child's account. Parents or guardians who believe a child has provided us with information should contact us at support@mechanics.app.

11. International Users

Mechanics is based in the United States. If you are located outside the U.S., your personal information will be transferred to, stored in, and processed in the United States. By using the Service, you consent to the transfer of your information to the United States. U.S. privacy laws may not provide the same level of protection as the laws of your home country. We comply with applicable data protection regulations including GDPR where applicable.

12. Changes to Privacy Policy

Mechanics may update this Privacy Policy at any time. We will notify you of material changes via email or by posting the updated policy on the Service with a new "Last Updated" date. Your continued use of the Service following changes constitutes acceptance of the new privacy policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

13. Contact

If you have questions about this Privacy Policy, your personal information, or our privacy practices, please contact us at support@mechanics.app. We will respond to your inquiry within 30 days.