AutoBuddy LogoAutoBuddy

Legal Center

Privacy Policy

Effective date: May 23, 2026 | Last updated: June 21, 2026

1. Who We Are

AutoBuddy Manager and related services are provided by AutoBuddy Inc., trading as AutoBuddy ("AutoBuddy", "we", "us", or "our").

Contact details:

  • Legal entity: AutoBuddy Inc.
  • Registered address: Mombasa, Kenya
  • Support email: autobuddybusiness1@gmail.com
  • Privacy email: autobuddybusiness1@gmail.com
  • Phone: 0790100002

AutoBuddy provides business software for vehicle showrooms and similar businesses. The service helps users manage client installment records, vehicle inventory, reminders, agreements, cloud sync, team access, billing, and related automation.

2. What This Policy Covers

This policy explains how AutoBuddy collects, uses, stores, shares, and protects personal data when you use:

  • The AutoBuddy Manager desktop app.
  • AutoBuddy cloud sync and private cloud features.
  • Automated SMS, WhatsApp, email, and voice reminders.
  • WhatsApp and other inventory ingestion tools.
  • AI-assisted scanning, parsing, captioning, and template generation.
  • Billing, subscription, support, diagnostics, updates, and related backend services.
  • Social publishing and rendering features where enabled.

This policy applies to showroom owners, managers, workers, and business users. It also describes how AutoBuddy may process personal data about your clients, customers, buyers, guarantors, or other contacts when you enter that information into the service.

3. Your Role And Our Role

When you use AutoBuddy to manage your own clients, payments, reminders, inventory, agreements, or communications, you are normally the data controller or the party deciding why and how that data is used. AutoBuddy acts mainly as your service provider or processor for that customer data.

You are responsible for making sure that you have the right to collect, upload, store, use, and message your clients through AutoBuddy. This includes getting any consent or other lawful basis required for SMS, WhatsApp, calls, email, payment reminders, marketing, social posting, record keeping, and customer support.

For account registration, billing, service security, support, analytics, and our own legal obligations, AutoBuddy may act as an independent controller.

4. Personal Data We Collect

Depending on how you use AutoBuddy, we may process the following categories of data.

Account And User Data

Name, email address, phone number, role, showroom membership, and login details. Invite or worker membership records, subscription status, billing status, device/license checks, and support records.

Showroom And Business Data

Showroom name, business profile, branch or team details, agreement templates, letterhead, settings, and configuration. Manager and worker access permissions.

Client And Installment Data

Client names, phone numbers, email addresses, IDs, vehicle details, payment schedules, amounts due, payment history, notes, reminders, agreements, and vehicle photo metadata.

Communications Data

Reminder templates, email subjects and bodies, message text, voice scripts, test dispatch details, channel settings, WhatsApp instance mappings, and limited delivery metadata.

Connected Google And Gmail Data

If you connect Gmail, AutoBuddy requests only openid, email, and gmail.send. We use them to identify the verified account you selected and send reminder emails you enable.

We may store the sender email, Google account subject ID, encrypted refresh token, connection status, timestamps, and limited delivery or error metadata. AutoBuddy does not request Gmail read, modify, contacts, drafts, labels, settings, or mailbox-history permissions, so this connection cannot read your inbox, contacts, drafts, sent-mail history, or existing messages.

To send an email, AutoBuddy transfers the recipient email address, subject, body, and necessary delivery metadata to Google solely to send the reminder or test email requested through AutoBuddy.

AutoBuddy's use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including its Limited Use requirements. We do not sell Google user data, use it for advertising, or use it for creditworthiness or lending decisions.

Gmail and Google account data is not sent to Gemini or any other AI provider and is never used to create, train, or improve artificial intelligence or machine-learning models.

You can disconnect in AutoBuddy or revoke access in your Google Account. Disconnecting disables sending and removes the stored refresh token from active use; limited security, revocation, delivery, backup, or legal records may remain where required.

5. How We Use Personal Data

We use personal data to:

  • Provide and maintain the AutoBuddy app and backend services.
  • Authenticate users and enforce showroom-scoped access control.
  • Sync showroom data between authorized devices and cloud services.
  • Run automated or manual reminders through enabled channels.
  • Verify a connected Google account and send enabled reminders through Gmail.
  • Process inventory photos, descriptions, and social media rendering.
  • Process subscriptions, billing, renewals, and feature entitlement.

6. Legal Bases

We process personal data based on service performance necessity, legitimate interests (service security, billing diagnostics, fraud prevention, support), consent where required, and applicable legal obligations.

7. Automated Reminders And Communications

AutoBuddy can send SMS, WhatsApp, email, and voice reminders. Gmail reminders use the connected account's Gmail Send permission and only send when enabled in AutoBuddy. You are solely responsible for recipient consent or another lawful basis, accurate content, opt-outs, anti-spam rules, legal debt collection, consumer protection, and provider compliance.

8. AI Features

We use Google Gemini to parse inventory details. All AI outputs must be validated before client communications or legal agreement generations.

9. Security And Encryption

AutoBuddy utilizes user authentication boundaries and access tokens. Under encrypted cloud configurations, client records are encrypted inside Supabase. De-crypted memory segments exist temporarily during automated scheduled cloud runs.

10. Infrastructure And Subprocessors

Primary infrastructure relies on:

  • Supabase (Database, Auth, Storage)
  • DigitalOcean VPS (Workers, APIs)
  • Cloudflare (Tunnels, Security)
  • Twilio (Voice Calls & Verification)
  • Africa's Talking (SMS Gateways)
  • Google OAuth and Gmail API (Connected Account Identification & Email Sending)
  • Google Gemini (AI Parsers)