Privacy Policy

This Privacy Policy explains how NavoTech, LLC d/b/a AutoDealer.io (“AutoDealer.io,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when people use autodealer.io, our dealer app, our hosted dealer website features, public shopper chat, lead forms, support channels, and related services (collectively, the “Service”).

Who this policy covers

This policy covers information we process for our own business purposes, such as account management, billing, security, product analytics, support, and marketing. When a dealership uses the Service to manage its own customers, leads, deals, documents, or hosted website visitors, that dealership is usually responsible for its own legal notices, consumer privacy choices, financing disclosures, and retention duties. We process that dealership-controlled data as a service provider or processor under our customer agreement, these customer data processing terms, and our Terms. We do not decide what information a dealership may collect, what notices it must provide, how long it must keep records, or whether its use of the Service satisfies laws that apply to its business.

Customer data processing terms

For Customer Data entered into the Service, the dealership is the controller, business, financial institution, or equivalent decision-maker. AutoDealer.io processes Customer Data as a processor, service provider, or vendor on the dealership's behalf, except where we process information for our own business purposes described in this policy. Dealerships remain solely responsible for the lawfulness, accuracy, completeness, retention, notice, consent, disclosure, export, deletion, and transaction use of Customer Data.

We process Customer Data to:

• provide, secure, maintain, support, and improve the Service;
• perform dealership configuration, integration, AI, import, export, and hosting instructions;
• comply with law, enforce agreements, prevent fraud and abuse, and protect the Service;
• perform other documented instructions agreed by the parties.

Dealership instructions must be lawful and sufficient for the intended processing. We do not determine whether dealership instructions, disclosures, consents, forms, communications, retention periods, or compliance workflows satisfy dealership legal, regulatory, lender, marketplace, or contractual obligations.

Information we collect

We collect information directly from users, from dealerships, from hosted website visitors, and from service activity.

• Account and user information: names, email addresses, dealership affiliation, role, title, authentication status, security settings, support requests, and communications with us.
• Dealership information: dealer name, legal and public business profile, EIN or tax identifiers when provided, locations, website settings, custom domains, subscription tier, billing status, team members, vendors, lienholders, compliance settings, and audit history.
• Dealer business data: inventory, vehicle details and photos, acquisition and sales records, leads, customers, deals, payments recorded in the DMS, title work, documents, form templates, notes, tasks, communications, marketplace settings, and related metadata.
• Consumer and applicant data entered by dealerships: names, contact details, addresses, date of birth, driver license details, financing or deal information, documents, signatures, and other information a dealership chooses to enter or upload.
• Hosted website and shopper data: form submissions, public chat messages, vehicle interests, lead source, pages viewed, approximate device and browser information, and referral details.
• Billing data: subscription details, invoices, payment method brand, type, and last four digits. Card data is handled by Stripe; we do not store full payment card numbers.
• Usage, device, and security data: IP address, user agent, session events, log data, diagnostic events, feature usage, authentication events, and similar records used to operate and protect the Service.
• Third-party enrichment data: data returned by configured integrations, such as VIN decoding, maps or places data, marketplace services, email delivery, billing, AI providers, and analytics tools.

How we use information

• Provide, maintain, secure, troubleshoot, and improve the Service.
• Create and administer dealer accounts, users, roles, permissions, subscriptions, and support sessions.
• Host dealer websites, inventory pages, vehicle photos, lead forms, public chat, and custom domains.
• Process subscription billing, invoices, payment method updates, and related notices.
• Deliver transactional email, product notices, security alerts, support messages, and requested marketing communications.
• Power AI features, including dealer assistants, public shopper chat, draft content, summaries, and proposed actions.
• Monitor usage, enforce our terms, prevent fraud and abuse, protect tenants from cross-dealer access, and investigate security events.
• Comply with contracts, legal obligations, subpoenas, government requests, audits, tax and accounting obligations, and dispute resolution.

How we share information

• With service providers and subprocessors: hosting, database, storage, CDN, payment, email, AI, analytics, logging, security, support, and enrichment providers that help us operate the Service. Our current list is available on the Security & Subprocessors page.
• With dealerships and their authorized users: dealer account owners and authorized users can access the dealership data available to their role.
• With integrations enabled by a dealership: marketplace, catalog, mapping, vehicle data, finance, email, or other integrations that a dealership configures or requests.
• With public website visitors: published dealership content, visible inventory, public vehicle photos, public pricing/status fields, and dealership contact information may be displayed on hosted dealer websites and feeds.
• For legal and safety reasons: if we believe disclosure is necessary to comply with law, enforce agreements, protect the Service, prevent fraud or abuse, or protect rights, safety, and security.
• Business transfers: in connection with a merger, financing, acquisition, reorganization, or sale of assets, subject to appropriate confidentiality and data protection obligations.

We do not sell personal information for money. We do not knowingly share personal information for cross-context behavioral advertising through the core Service. Dealerships may add their own analytics or marketing tags to their hosted websites; those dealer-controlled tools are the dealership's responsibility.

AI features

The Service uses AI providers to process prompts, chat messages, dealership context, public vehicle data, and draft outputs as needed to provide AI features. Dealer AI actions that would change records are designed to create proposals for authorized users to review and approve, not to mutate records automatically. Public shopper AI is limited to public inventory, published website content, and safe general automotive information. AI use is also governed by our Terms of Use.

Data security

We use technical and organizational safeguards designed to protect information, including tenant isolation, role-based access, audit logging, encryption for selected sensitive fields, secure direct uploads, MFA support, observability controls that scrub sensitive data, and infrastructure providers with security programs. No method of transmission or storage is completely secure. See the Security Overview for more detail.

Data retention

We retain information for as long as needed to provide the Service, maintain business records, comply with law, resolve disputes, enforce agreements, maintain security, and support dealership retention obligations. Dealer-controlled records may be retained or deleted according to the dealer's instructions, the subscription status, backup cycles, legal holds, these terms, and our customer agreement.

Your privacy rights and choices

Depending on where you live, you may have rights to know, access, correct, delete, export, restrict, or object to certain processing of your personal information. If your request concerns information a dealership collected from you, we may direct you to that dealership or ask for its authorization because the dealership controls those records. To make a request to us, email info@autodealer.io.

When you create an account we subscribe you to marketing email (our newsletter, product news, tips, and trial reminders). You can unsubscribe at any time using the unsubscribe link in any marketing message or from the email preferences in your account settings, and we will honor your request promptly. We may still send transactional, billing, security, and account notices, which are part of the Service and cannot be turned off while your account is active.

Cookies and similar technologies

We use cookies, local storage, pixels, SDKs, and similar technologies on autodealer.io, the dealer app, admin tools, hosted dealer websites, public shopper chat, support flows, and pages served through dealer subdomains or custom domains.

• Strictly necessary: authentication, session management, CSRF protection, security, routing, billing checkout, support sessions, and load balancing.
• Preferences: interface choices such as sidebar state, theme preferences, and similar settings that make the Service work as expected.
• Analytics and diagnostics: feature usage, page performance, error reporting, event logs, and product analytics used to improve reliability and understand adoption.
• Communications and support: support, contact, demo, email, and notification workflows.
• Dealer-enabled technologies: scripts, pixels, analytics, chat tools, and marketing tags a dealership adds to its hosted website through custom code or integrations.

Most browsers let you block or delete cookies. If you block strictly necessary cookies, parts of the Service may not work, including sign-in, security checks, billing checkout, or dealer website functions. Some browsers offer “Do Not Track” signals; because there is no consistent industry standard for responding to these signals, the Service may not respond to them. We will honor legally required opt-out signals where applicable and technically feasible.

Financial privacy and auto dealer compliance

Auto dealers that provide financing or lease-related services may have independent obligations under the Gramm-Leach-Bliley Act, the FTC Privacy Rule, the FTC Safeguards Rule, state privacy laws, and motor vehicle finance rules. AutoDealer.io provides software tools; dealerships remain responsible for determining which notices, opt-outs, safeguards, forms, and retention rules apply to their customers and transactions. We do not assume a dealership's privacy, financial, advertising, credit, title, registration, records, or consumer-notice obligations by hosting, processing, routing, storing, displaying, or exporting dealership-controlled data.

International users

The Service is operated from the United States and is designed for United States dealerships. If you use the Service from outside the United States, your information may be processed in the United States and other countries where our providers operate.

Children's privacy

The Service is intended for businesses and vehicle shoppers. It is not directed to children under 16, and we do not knowingly collect personal information from children under 16.

Changes to this policy

We may update this policy from time to time. We will post the updated version here and revise the “last updated” date above.

Contact us

Questions or privacy requests can be sent to info@autodealer.io.