Your data, our rules.

We collect the minimum data needed to deliver your report. No accounts, no marketing emails, no third-party tracking. All processing happens in the EU.

What we collect

• Vehicle plate number (to look up registry data)
• Email address (collected by Stripe at checkout, used only for the report delivery)
• Payment confirmation from Stripe (no card details touch our servers)
• Anonymous server logs (IP, request time, browser type) for 14 days for abuse prevention

How we use it

• Generate your report and email it to you
• Process refunds if requested
• Comply with Estonian tax and accounting law (invoice records)

Retention

Reports auto-delete from our servers 30 days after purchase. Email addresses are kept only for the same 30-day window unless tax law requires longer (Estonian tax records: 7 years for the invoice number alone, no other data).

Third-party processors

We use these EU-compliant services:

• Stripe (Ireland), payment processing
• Resend (USA, EU-adequacy certified), email delivery
• Google Gemini API (EU region). AI report generation
• Hetzner Cloud (Germany), server hosting

Your GDPR rights

You have the right to:

• Access, request a copy of all data we hold about you
• Deletion, request immediate deletion of your data (besides legally-required invoice records)
• Correction, fix any inaccurate data
• Portability, receive your data in a machine-readable format

Contact us

For any privacy-related question or to exercise your rights, email us. We respond within 5 business days. If you're not satisfied with our response, you can contact the Estonian Data Protection Inspectorate (AKI).