Privacy Policy

DriveDr helps car enthusiasts uncover BuildScores, visual upgrades, and instant guidance powered by image and text generation. This notice explains how we treat the information needed to make that happen.

Last updated: Sept 16, 2025

Our promise to the DriveDr community

Great advice starts with trust. We capture only the data needed to meter usage, validate purchases, and return the results of your requests. When we rely on outside tooling for content generation, the partners are contractually required to protect your requests just as we do.

We never sell your personal information
Usage meters and transaction IDs expire automatically within 7 days
Prompts and media flow through for processing and are not stored by DriveDr
What we collect Transaction identifiers, usage meters, error event metadata How it is used Processing requests, enforcing limits, maintaining reliability Content generation processing Where prompts and photos go when models run Your controls Request support, ask questions, or appeal automated actions

What “content generation” means

In this policy, “content generation” includes every DriveDr feature that turns your text prompts or vehicle images into guidance, BuildScores, or visual mockups. We may update or replace the vendors that power these features at any time, and each vendor must safeguard your information consistently with this notice.

Information we collect

DriveDr keeps only the limited information required to meter your usage, validate purchases, and keep the service healthy. We do not maintain personal profiles, nor do we store prompts, responses, or vehicle images after a request is fulfilled.

Transaction confirmations

  • Store-issued identifiers: anonymized transaction IDs, plan type, and renewal status supplied by Apple or Google so we can confirm eligibility for a request. DriveDr does not receive payment card numbers, billing addresses, or personal names from these records.

Usage metering

  • Token and image counters: the number of text generations, BuildScore scans, or render requests completed over a rolling seven-day window. These counts exist only to enforce fair use and are not linked to personal identifiers.

Error diagnostics

  • Event metadata: timestamped error codes or failure states captured when a request cannot be completed. Any request content or identifiers are stripped before the event is stored, and the remaining metadata expires along with the usage counter.

Transient request processing

  • Prompts and media: instructions and vehicle imagery are relayed to content generation partners solely to produce the requested output. DriveDr does not retain copies once the response is delivered back to your device.

How we use your information

The limited records we keep serve operational safeguards only. Specifically, we use them to:

  • Verify that a request is associated with a valid store transaction before processing.
  • Apply rate limits so every driver gets fair access to content generation features.
  • Diagnose failures and protect DriveDr from misuse or automated attacks.
  • Meet legal, accounting, or security obligations that require proof of how the service is used.

How content generation processing works

DriveDr uses a mix of in-house orchestration and vetted content generation infrastructure partners to turn your prompts and images into responses.

  • Text transformation: Chat prompts sent to the mechanic assistant are relayed to large language model providers that help us craft replies. We only send the content needed to answer your question.
  • Image understanding and rendering: Vehicle photos used for BuildScore ratings or visual upgrades are processed by computer vision and image generation vendors. They receive the file, return scoring metrics or edited artwork, and may handle retention according to their own policies.
  • Vendor policies: We select partners that commit to strong safeguards, but their retention periods and model-training rules may differ. Some vendors may store request data or use it to improve their services; review their policies if you want more detail. We may change partners at any time and will minimize what we send to them.
We review partners regularly and limit the data shared with them. If we materially change how requests are processed, we will update this policy and notify users in the app when feasible. For vendor-specific retention practices, see the documentation each provider publishes.

Retention & deletion

All data DriveDr stores is subject to a fixed time-to-live.

  • Transaction confirmations: Automatically deleted within seven days after the associated request is processed, unless a longer period is legally required (for example, to satisfy an open refund investigation).
  • Usage meters: Token and image counts reset continuously and fully clear within seven days.
  • Error diagnostics: Error metadata is kept for at most seven days to help us reproduce issues, then removed.
  • Prompts and outputs: Text and imagery sent for content generation are not stored by DriveDr after the response is relayed back to your device.

How we share information

We do not sell personal information. The only sharing that occurs is limited to operating the service:

  • Service partners: Hosting providers, content generation vendors, and payment processors that support DriveDr. They receive only the minimum information needed for the task at hand and must protect it under contract.
  • Team members & contractors: DriveDr staff or contractors with a need to know in order to maintain reliability or investigate abuse. Access is logged and limited.
  • Legal reasons: When required by law, court order, or to protect the rights, property, or safety of DriveDr, our community, or others.
  • Business transitions: If DriveDr is involved in a merger, acquisition, or asset sale, we will ensure the successor honors this policy or give you notice before data is transferred.

How we keep information safe

DriveDr uses industry-standard safeguards to protect the limited information we do store.

  • Encryption in transit for all traffic between the app, our servers, and content generation partners.
  • Restricted access and logging on the infrastructure that hosts transactional and usage metadata.
  • Automated policies that purge records after their seven-day lifetime expires.
  • Routine security reviews and incident response processes to handle emerging threats.

No system is flawless. If we ever discover a breach involving your data, we will notify you and the appropriate authorities in line with applicable laws.

Your choices & rights

Because DriveDr does not keep profiles, prompts, or stored media, there is little data for you to manage. Even so, you can always reach out if you need help.

  • Transparency: Ask us what transactional, usage, or error metadata is currently associated with your requests. We will confirm and share it, subject to legal requirements.
  • Deletion or restriction: Request that we remove remaining metadata sooner than the standard seven-day window, or pause additional processing tied to a transaction.
  • Appeals: Contact us if a rate limit or automated decision negatively impacts you. A real person will review the decision and respond.

Residents of the European Economic Area, United Kingdom, Switzerland, certain U.S. states, and other regions may have additional rights such as data portability or the right to lodge a complaint with a supervisory authority. We honor applicable requests even when the only data we hold is metadata.

DriveDr does not collect contact emails for marketing and does not send promotional messages.

Children and age requirements

DriveDr is designed for users who are at least 9 years old. We do not knowingly collect information from children under 9. If you believe someone under 9 has provided us with personal data, please notify us and we will remove it promptly.

International data movement

DriveDr is operated from the United States with infrastructure in multiple regions. When data is moved outside your home country, we rely on approved safeguards such as Standard Contractual Clauses or comparable agreements that require partners to protect your information.

Policy updates

We may update this Privacy Policy to reflect new features, service providers, or legal requirements. When we make material changes we will update the “Last updated” date, highlight the change inside the app or release notes, and provide time to review the new terms before they take effect.

Contacting us

If you have questions about this policy, need help with a privacy request, or want to appeal a response, reach out using the details below.

Privacy team

Email us anytime and we will respond within 48 hours, sooner for urgent security matters.

📬 [email protected]