AUTO PRINCESS LTD
PRIVACY POLICY
IMPORTANT LEGAL NOTICE: Please read this Privacy Policy carefully before downloading, installing, or using the Auto Princess mobile application or any associated services. This document constitutes a legally binding agreement between you and Auto Princess Ltd. By proceeding to use the Software, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy in their entirety. If you do not agree with any part of this Policy, you must not access or use the Software and must immediately uninstall any installed versions.
1. Controller Identity and Contact Information
The data controller responsible for your personal data is:
Auto Princess Ltd
Company Number: 17155826 (registered in England and Wales)
Registered Office: 71-75 Shelton St, London WC2H 9JQ
Email: support@autoprincess.com
Website: https://autoprincess.com
For all privacy-related enquiries, data subject access requests, objections, or complaints, please contact us in writing at the email address above. We will acknowledge your request within five (5) business days and provide a substantive response within one (1) calendar month in accordance with Article 12 UK GDPR. Where the complexity or volume of requests necessitates an extension, we will notify you within the initial one-month period and may extend the response period by a further two (2) calendar months, providing written reasons for the extension.
We are not currently required to appoint a Data Protection Officer (DPO) under Article 37 UK GDPR, as we do not engage in large-scale systematic monitoring of individuals or large-scale processing of special category data. Should our processing activities change such that appointment becomes mandatory, we will update this Policy accordingly and publish the DPO's contact details.
We are registered with the Information Commissioner's Office (ICO) under registration number 00014589025. Our supervisory authority for UK GDPR purposes is the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. You have the right to lodge a complaint with the ICO at any time by visiting www.ico.org.uk or by calling 0303 123 1113.
For users located in the European Economic Area (EEA): Auto Princess Ltd acts as a data controller in respect of EEA residents' personal data pursuant to the EU General Data Protection Regulation (EU) 2016/679. We have not appointed an EU representative under Article 27 EU GDPR at this time. EEA residents may contact us directly at support@autoprincess.com for matters relating to the processing of their personal data.
2. Scope and Application
This Privacy Policy governs the collection, processing, storage, disclosure, and use of personal data obtained through the following services (collectively, the "Software" or "Services"):
- The Auto Princess mobile application, available on iOS (Apple App Store) and Android (Google Play Store);
- The Auto Princess website located at https://autoprincess.com;
- The Auto Princess backend infrastructure, including Firebase Cloud Functions deployed in the europe-west2 (London) region;
- Any associated APIs, including but not limited to DVLA vehicle enquiry integrations and MOT History API integrations;
- Stripe-powered subscription and payment processing services;
- Any future services, features, or products offered under the Auto Princess brand, unless covered by a separate privacy notice.
This Policy applies to all users of the Software, including free-tier users, subscribers to Pro plans (monthly and annual), business account holders, and visitors to our website.
This Policy does not apply to third-party websites, applications, or services that may be linked to or from our Software. We are not responsible for the privacy practices of third parties, and we encourage you to review their privacy policies independently.
This Policy should be read alongside our Terms of Service, which is incorporated by reference herein. In the event of any conflict between this Policy and the Terms of Service, this Policy shall prevail in respect of matters relating to the processing of personal data.
3. Definitions
For the purposes of this Privacy Policy, the following definitions apply:
- "Personal Data" means any information relating to an identified or identifiable natural person, as defined in Article 4(1) UK GDPR.
- "Processing" means any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organisation, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
- "Data Subject" means the identified or identifiable natural person to whom personal data relates, being you, the user.
- "Controller" means the natural or legal person which determines the purposes and means of processing personal data. Auto Princess Ltd is the controller in respect of this Policy.
- "Processor" means a natural or legal person which processes personal data on behalf of the controller.
- "Consent" means any freely given, specific, informed, and unambiguous indication of the data subject's wishes, by which they signify agreement to the processing of personal data, pursuant to Article 7 UK GDPR.
- "Legitimate Interests" means our legitimate business interests in operating and improving our services, which have been assessed against your rights and freedoms.
- "Special Category Data" means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, sex life, or sexual orientation.
- "AI Model" means any machine learning model, neural network, statistical model, or artificial intelligence system trained or fine-tuned using your submitted data.
- "OBD-II" means On-Board Diagnostics version II, a standardised vehicle diagnostic interface and protocol.
- "Vehicle Passport" means the longitudinal vehicle record created and maintained within the Software, comprising accumulated diagnostic, service, and condition data associated with a specific vehicle registration.
- "Pro Plan" means either the monthly (currently £3.99/month) or annual (currently £29.99/year) subscription tier providing access to premium features within the Software.
- "Entitlement" means the access control record stored in our Firestore database under the path entitlements/{userId}, which governs whether a user may access Pro features.
4. Data We Collect and Lawful Basis
We collect and process several categories of personal data. For each category, we identify the specific data elements, the purpose of processing, and the lawful basis under Article 6 UK GDPR (and Article 9 where applicable). Where we rely on legitimate interests, we confirm that we have conducted and documented a Legitimate Interests Assessment (LIA) balancing our interests against your rights and freedoms.
4.1 Account and Identity Data
Data Collected:
- Email address (collected at registration via Firebase Authentication);
- User ID (a unique identifier assigned by Firebase Authentication upon account creation, stored as a UUID string);
- Display name (optional, if provided by you or populated from your Google/Apple sign-in credentials);
- Authentication method (email/password, Google OAuth, or Sign in with Apple);
- Account creation timestamp and last login timestamp;
- Account status (active, suspended, deleted);
- Entitlement status (free or pro) stored in Firestore at path entitlements/{userId}.
Purpose: To create and maintain your account, authenticate your identity, grant or restrict access to features based on your subscription tier, provide customer support, and contact you regarding your account.
Lawful Basis: Performance of a contract (Article 6(1)(b) UK GDPR). The processing of account data is necessary to provide you with the Software as agreed.
4.2 Vehicle and Diagnostic Data
Data Collected:
- Vehicle Registration Number (VRM), Make, Model, Fuel Type, Engine Size, Year of Manufacture, and Colour, as retrieved from the DVLA Vehicle Enquiry API upon user-initiated lookup;
- MOT history data retrieved from the DVLA MOT History API, including test dates, test results, advisory notices, failure reasons, mileage at test, and test station information;
- OBD-II diagnostic data, including Diagnostic Trouble Codes (DTCs), live sensor readings (engine RPM, coolant temperature, vehicle speed, fuel trim, throttle position, oxygen sensor values, mass airflow, intake manifold pressure), freeze frame data, and readiness monitor status, obtained via Bluetooth connection to an ELM327 OBD-II adapter;
- Vehicle Passport records, comprising accumulated historical diagnostic snapshots, fault records, service entries manually added by you, mileage records, and condition notes;
- Fault descriptions and symptom notes entered manually by you;
- AI-generated diagnostic reports and recommendations associated with a specific vehicle.
Purpose: To provide core diagnostic functionality, populate the Vehicle Passport, generate AI-assisted fault analysis and maintenance recommendations, and display MOT history.
Lawful Basis: Performance of a contract (Article 6(1)(b) UK GDPR), being the provision of diagnostic services. Where you voluntarily add service records or notes beyond what is required for core diagnostics, we additionally rely on your consent (Article 6(1)(a)).
4.3 Audio Data
Data Collected:
- Audio recordings captured via your device microphone when you explicitly activate the engine sound analysis feature, comprising short audio clips of vehicle engine and mechanical sounds;
- Derived metadata associated with each recording: timestamp, device type, device operating system version, app version, vehicle registration (if associated), and geographic region (country only, not precise location).
IMPORTANT DISCLOSURE: The Auto Princess application requests access to your device's microphone solely for the purpose of capturing engine and mechanical sounds when you actively use the audio analysis feature. The microphone is not activated at any other time. The application does not record ambient conversations, background audio unrelated to vehicle diagnostics, or any audio when the audio analysis screen is not actively open and recording.
Purpose: To perform AI-powered engine sound analysis for fault classification and diagnostic inference. Audio data is also used to expand and refine our machine learning sound classification dataset, subject to the AI training disclosure in Section 7.
Lawful Basis: Consent (Article 6(1)(a) UK GDPR). You are required to grant explicit microphone permission at the operating system level before any audio can be captured. You may revoke this permission at any time via your device settings, which will disable the audio analysis feature. We additionally rely on legitimate interests (Article 6(1)(f)) for the specific use of anonymised, non-reversible audio features in AI model training, having assessed that our interest in improving diagnostic accuracy is proportionate and does not override your rights.
4.4 Image and Visual Data
Data Collected:
- Photographs and images captured via your device camera when you explicitly activate the AR (Augmented Reality) visual inspection feature, comprising images of vehicle components, bodywork, tyres, or other vehicle elements you choose to photograph;
- Derived metadata associated with each image: timestamp, device type, device operating system version, app version, and vehicle registration (if associated). We do not extract or retain GPS EXIF data from images.
Purpose: To perform AI-powered visual inspection and condition assessment of vehicle components. Images are also used to expand our machine learning visual classification dataset, subject to the AI training disclosure in Section 7.
Lawful Basis: Consent (Article 6(1)(a) UK GDPR). Camera access requires explicit permission at the operating system level. You may revoke this at any time via your device settings, disabling the visual inspection feature.
4.5 Subscription, Payment, and Billing Data
Data Collected:
- Subscription tier (Free, Pro Monthly at £3.99/month, or Pro Annual at £29.99/year);
- Stripe Customer ID (a pseudonymous identifier assigned by Stripe, stored in our Firestore database, allowing us to manage your subscription and entitlement);
- Stripe Subscription ID and Payment Intent ID (stored to facilitate subscription management and webhook processing);
- Subscription status (active, cancelled, past_due, trialing), subscription start date, current period start and end dates, and cancellation date where applicable;
- Pro entitlement record stored in our Firestore database at path entitlements/{userId}, containing the fields: status (pro/free), stripeCustomerId, stripeSubscriptionId, planType, currentPeriodEnd, and updatedAt timestamp;
- Payment method type (e.g., card, not full card details);
- Transaction amounts and currency (GBP);
- Billing-related email communications sent to your registered email address.
CRITICAL: Auto Princess Ltd does not collect, store, or process your full payment card number, CVV/CVC, bank account details, or any other full financial credentials. All payment transactions are processed exclusively by Stripe Technology Europe Limited, which acts as an independent data controller for payment processing. Your complete card data is transmitted directly to Stripe and is never accessible to Auto Princess systems. Please review Stripe's Privacy Policy at https://stripe.com/gb/privacy for details of how Stripe processes your payment data.
Purpose: To process subscription payments, manage your Pro entitlement, gate access to premium features (requirePro Cloud Function enforcement), handle subscription renewals, cancellations, and failed payment events via Stripe webhooks, and provide billing-related customer support.
Lawful Basis: Performance of a contract (Article 6(1)(b) UK GDPR). Processing subscription and billing data is necessary to fulfil and manage your paid subscription.
4.6 Device and Technical Data
Data Collected:
- Device type and model;
- Operating system and version (iOS or Android);
- Application version number and build number;
- Firebase Installation ID (a pseudonymous identifier assigned by Firebase to your app installation, distinct from your user account);
- Firebase App Check attestation tokens (generated by Apple App Attest on iOS or Google Play Integrity API on Android), which are cryptographic tokens confirming the Software is genuine and unmodified. These tokens are verified server-side and are not stored;
- IP address (collected transiently by Firebase infrastructure for request routing and security purposes; not persistently stored by us);
- Error logs, crash reports, and performance metrics collected via Firebase Crashlytics and Firebase Performance Monitoring;
- App session data including feature interaction logs (which screens accessed, features used, session start and end times).
Purpose: To ensure the technical operation and security of the Software, detect and fix bugs and crashes, monitor application performance, prevent fraudulent or abusive use, enforce API security via Firebase App Check, and understand feature usage patterns to inform product development.
Lawful Basis: Legitimate interests (Article 6(1)(f) UK GDPR). We have a legitimate interest in maintaining the security, stability, and integrity of the Software, and in understanding how users interact with it to improve our services. We have assessed that this processing does not override your interests, rights, or freedoms, as the data is pseudonymous, technical in nature, and not used for profiling or advertising purposes.
4.7 DVLA API Data
When you enter a vehicle registration number and initiate a lookup, our Cloud Function (dvlaLookup, deployed to europe-west2) makes a server-side request to the DVLA Vehicle Enquiry Service API on your behalf. The data retrieved and stored by us is limited to the vehicle's technical and registration attributes (as listed in Section 4.2 above). We do not receive, store, or process the registered keeper's name or address from DVLA. Your vehicle registration number is processed by the DVLA under their own privacy notice, available at https://www.gov.uk/government/organisations/driver-and-vehicle-licensing-agency.
4.8 Data We Do Not Collect
We explicitly confirm that Auto Princess does not intentionally collect or store:
- Full payment card numbers, bank account details, sort codes, or financial credentials of any kind;
- Driving licence number or driving licence images;
- Passport, national identity card, or government-issued photographic identification documents;
- Insurance policy documents or insurance credentials;
- Precise real-time GPS location data (we collect country-level region from device locale settings only);
- Contacts from your device address book;
- Contents of other apps on your device;
- Biometric data as defined under Article 9 UK GDPR (e.g., fingerprints, facial geometry). Note: Face ID or Touch ID may be used at the device OS level for authentication unlock, but biometric data is processed exclusively by your device's secure enclave and is never transmitted to or accessible by Auto Princess systems;
- Health or medical data;
- Children's personal data (the Software is not directed at persons under 18 years of age).
5. Automated Processing and the Paywall System
5.1 Pro Feature Gating (Paywall)
Access to premium (Pro) features within the Software is controlled through an automated entitlement system operating as follows:
- When you initiate a subscription via the in-app subscription screen, you are redirected to a Stripe-hosted checkout page. You complete payment directly on Stripe's platform.
- Upon successful payment, Stripe transmits a secure webhook event (checkout.session.completed or invoice.payment_succeeded) to our stripeWebhook Cloud Function, deployed to europe-west2.
- The stripeWebhook function verifies the webhook signature using our Stripe webhook signing secret to confirm the event is authentic and originated from Stripe.
- Upon verified payment, the function writes your Pro entitlement record to Firestore at path entitlements/{userId}, setting status to "pro", recording your Stripe Customer ID, Stripe Subscription ID, plan type, and current period end date.
- When you attempt to access a Pro feature within the app, our requirePro Cloud Function verifies your entitlement record in real-time. If status is "pro" and the subscription period is current, access is granted. If the entitlement is absent, expired, or set to "free", access is denied and you are shown an informational screen describing available plans.
- For subscription renewals, Stripe sends invoice.payment_succeeded webhook events at each billing cycle, and the entitlement record is updated accordingly. For cancellations or payment failures, invoice.payment_failed and customer.subscription.deleted events update the entitlement status and restrict Pro access at period end.
No human intervention is involved in the routine granting or revocation of Pro access. Entitlement decisions are made programmatically based on verified Stripe webhook data.
5.2 Automated Decision-Making and Profiling
The entitlement system described in Section 5.1 constitutes automated decision-making within the meaning of Article 22 UK GDPR insofar as it produces a decision (access granted or denied) with a legal or similarly significant effect on you. However, this processing is necessary for the performance of a contract between you and Auto Princess Ltd, being your subscription agreement. You have the right to request human review of any automated entitlement decision by contacting us at support@autoprincess.com.
Beyond entitlement gating, we do not use your personal data to create profiles for the purposes of targeted advertising, personalised pricing (other than the published subscription tiers), or any other form of automated profiling that produces significant effects on you.
5.3 In-App Purchase Compliance
The Auto Princess mobile application does not include tappable external links or in-app mechanisms that direct users to complete payment outside the app in a manner that would contravene Apple App Store Review Guideline 3.1.1 or the Google Play Developer Distribution Agreement. Payment flows are presented via informational screens describing available plans. All payment processing for subscriptions initiated through the iOS or Android app is conducted via Stripe-hosted web checkout pages accessed through the device browser, or through Apple In-App Purchase or Google Play Billing where required by the respective platform's policies.
6. Cookies, Tracking, and Analytics
6.1 Mobile Application
The Auto Princess mobile application does not use browser cookies, as it is a native mobile application. The application does use the following tracking and analytics technologies:
- Firebase Analytics SDK: Collects anonymous, aggregated usage statistics including event counts, session duration, feature usage frequency, and crash rates. Firebase Analytics data is pseudonymised at collection and aggregated before being made available in our analytics dashboard. This data does not identify you individually.
- Firebase Crashlytics: Collects crash reports and error logs tied to a pseudonymous installation identifier. In the event of a crash, a report containing the stack trace, device type, OS version, and app version is transmitted to Google Firebase servers.
- Firebase Performance Monitoring: Collects anonymised data regarding network request latency, screen rendering times, and app startup duration.
Lawful Basis: Legitimate interests (Article 6(1)(f) UK GDPR). We have a legitimate interest in monitoring application stability and performance. You may opt out of Firebase Analytics data collection within the app's Settings screen.
6.2 Website
Our website at https://autoprincess.com may use the following cookie categories:
- Strictly Necessary Cookies: Required for the website to function. These cannot be disabled. They include session management cookies and security tokens.
- Analytics Cookies: Used to understand visitor behaviour in aggregate (e.g., pages visited, time on site). These are only placed with your consent via our cookie consent banner, in accordance with the Privacy and Electronic Communications Regulations 2003 (PECR).
- Functional Cookies: Remember your preferences (e.g., language selection). Placed only with your consent.
Marketing or advertising cookies are not used on our website. A full cookie declaration, listing each cookie by name, provider, type, and retention period, is available at https://autoprincess.com/cookies and is updated whenever our cookie usage changes.
Consent for non-essential cookies is obtained via our cookie consent management tool displayed on first visit to the website. You may withdraw consent or change your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of the website.
Lawful Basis: Strictly necessary cookies are processed under the basis of our legitimate interests in operating the website. All other cookies are placed on the basis of your consent, in compliance with PECR and UK GDPR Article 6(1)(a).
7. Artificial Intelligence and Machine Learning Data Processing
7.1 Overview of AI Processing
The Software incorporates artificial intelligence and machine learning systems powered primarily by Google Gemini APIs. These systems provide diagnostic reasoning, audio-based fault classification, image-based visual inspection, and natural language diagnostic explanations. This section provides full disclosure of how your data is used in connection with these AI systems.
7.2 Real-Time AI Inference
When you use AI-powered features within the Software, the following data is transmitted to AI processing services for the purpose of generating a diagnostic response:
- For audio analysis: processed audio features derived from your engine sound recording, alongside vehicle metadata. Raw audio may be transmitted to the Gemini API for analysis.
- For image analysis: the image you capture using the camera feature, alongside vehicle metadata.
- For OBD-II diagnostic interpretation: fault codes, sensor readings, and vehicle metadata.
- For natural language queries: the text you enter and relevant vehicle context.
This inference-time processing is conducted under the terms of Google LLC's API usage policies. Data transmitted for inference purposes is processed by Google's infrastructure and is governed by Google's applicable data processing terms. We do not grant Google the right to use your identifiable personal data for Google's own model training in this context, and our API agreement with Google includes appropriate data processing protections. Please review Google's Generative AI Prohibited Use Policy and API Terms of Service for further information.
7.3 AI Training Data Collection and Use
CRITICAL DISCLOSURE: Auto Princess actively collects and uses user-submitted data to train, fine-tune, evaluate, and improve our proprietary AI and machine learning models. By using the Software and submitting data, you grant Auto Princess Ltd the rights described below. Please read this section carefully.
The following categories of data may be used for AI training purposes:
- Audio recordings and derived audio features submitted via the engine sound analysis feature;
- Images submitted via the visual inspection (AR camera) feature;
- OBD-II diagnostic data, DTCs, and associated sensor readings;
- Diagnostic queries submitted in text form;
- Feedback you provide on AI diagnostic results (e.g., whether a diagnosis was accurate);
- Anonymised usage patterns relevant to feature performance.
Before being used in AI training, data is subjected to the following processing steps:
- Disassociation from direct identifiers: your email address, display name, and Stripe Customer ID are removed before data is used for training.
- Vehicle registration numbers may be retained in training data to anchor diagnostic context, but are not used to identify you as an individual.
- Data is aggregated with similar data from other users to create training datasets.
7.4 Intellectual Property Licence for AI Training Data
By submitting audio recordings, images, text inputs, or other data through the Software, you grant Auto Princess Ltd a worldwide, irrevocable, perpetual, royalty-free, non-exclusive licence to use, reproduce, modify, adapt, publish, translate, distribute, process, and create derivative works from such data, including for the purposes of training, evaluating, and improving AI and machine learning models used within the Software or in future Auto Princess products and services.
This licence is granted in addition to, and does not replace, any rights Auto Princess Ltd holds over AI training data as the data controller under UK GDPR on the basis of legitimate interests (for anonymised or pseudonymised training data) or under the terms of this Privacy Policy.
7.5 The Irreversibility of AI Model Training
IMPORTANT LIMITATION ON ERASURE RIGHTS: You should be aware that once your data has been used to train a machine learning model, it is not technically possible to identify and remove the influence of that specific data from the trained model's weights, parameters, or representations. This is an inherent technical characteristic of how neural networks and statistical learning systems function, as recognised by the UK ICO and addressed in Recital 26 of UK GDPR, which provides that the principles of data protection do not apply to anonymous information. Where your data has been genuinely anonymised prior to or as a result of model training (such that you cannot be identified from the model weights), it falls outside the scope of UK GDPR and your erasure rights do not extend to it. Where your data has been pseudonymised but not fully anonymised within training datasets, we will honour erasure requests in respect of those dataset copies to the extent technically feasible.
In practical terms: if you request deletion of your account and personal data, we will:
- Delete your account record, authentication credentials, and directly identifying information from our live systems within 30 days;
- Delete your vehicle records, Vehicle Passport data, diagnostic logs, and entitlement records from Firestore within 30 days;
- Suppress or delete any pseudonymised training data records that can be linked to your user ID from our training datasets to the extent technically feasible;
- Not be able to remove your data's influence from AI model weights that have already been trained, where such data has been anonymised as part of the training process.
7.6 Sound Classification Dataset
Auto Princess maintains a proprietary sound classification dataset, currently comprising labelled audio clips of vehicle engine and mechanical sounds. This dataset is used to train fault classification models. Audio data contributed to this dataset is anonymised prior to dataset inclusion by removing direct identifiers. The dataset is stored securely within our infrastructure and is not sold, licensed, or shared with third parties, except as part of a business transfer as described in Section 10.
8. How We Use Your Personal Data
The following table summarises all purposes for which we process personal data, cross-referenced to the data categories in Section 4 and the lawful bases in Section 4:
- Account Management: Maintaining your user account, authenticating your identity, and enabling login. [Basis: Contract]
- Service Delivery: Providing vehicle diagnostic features, Vehicle Passport, MOT history lookup, OBD-II analysis, audio analysis, and visual inspection. [Basis: Contract]
- Subscription and Payment Management: Processing Pro subscriptions, managing entitlements, handling renewals and cancellations via Stripe webhooks. [Basis: Contract]
- Pro Feature Gating: Enforcing access controls to restrict premium features to verified Pro subscribers via the requirePro Cloud Function. [Basis: Contract]
- AI Inference: Transmitting relevant data to AI APIs (Google Gemini) to generate diagnostic responses in real-time. [Basis: Contract and Legitimate Interests]
- AI Model Training and Improvement: Using anonymised and pseudonymised user data to train and improve our proprietary diagnostic AI models. [Basis: Legitimate Interests, supplemented by Consent for audio and image data]
- Security and Fraud Prevention: Monitoring for fraudulent activity, API abuse, and security threats. Enforcing App Check attestation. [Basis: Legitimate Interests and Legal Obligation]
- Bug Fixing and Performance Monitoring: Collecting crash reports and performance metrics to identify and resolve technical issues. [Basis: Legitimate Interests]
- Product Analytics: Understanding aggregate feature usage to inform product development decisions. [Basis: Legitimate Interests]
- Legal Compliance: Processing data as required by applicable law, including responding to lawful requests from regulators and law enforcement. [Basis: Legal Obligation]
- Customer Support: Processing your communications with our support team to resolve your enquiries. [Basis: Contract and Legitimate Interests]
- Service Notifications: Sending transactional emails relating to your account, subscription status, and significant service changes. [Basis: Contract]
We do not use your personal data for marketing or promotional purposes without your separate, explicit opt-in consent. We do not sell your personal data to third parties. We do not use your personal data for targeted advertising.
9. Data Sharing and Third-Party Processors
We do not sell, rent, or trade your personal data to third parties. We share your personal data only in the following circumstances:
9.1 Service Providers (Data Processors)
We engage the following third-party data processors, each operating under a written data processing agreement with Auto Princess Ltd and bound by appropriate data protection obligations:
- Google LLC / Firebase (Cloud Infrastructure): Firebase Authentication, Cloud Firestore, Cloud Functions, Firebase Hosting, Firebase Analytics, Firebase Crashlytics, Firebase Performance Monitoring, and Firebase App Check are provided by Google LLC. Data is stored in the europe-west2 (London) region for our primary Firebase infrastructure. Analytics and Crashlytics data may be processed in the United States (see Section 11 regarding international transfers). Privacy Policy: https://policies.google.com/privacy.
- Google LLC (Gemini AI APIs): AI inference requests are processed by Google's Gemini API infrastructure. Data submitted for inference is subject to Google's API data processing terms.
- Stripe Technology Europe Limited (Payment Processing): Stripe processes all subscription payment transactions. Stripe is authorised as a payment institution by the Central Bank of Ireland. Stripe acts as an independent data controller for payment card data and as our data processor for subscription management data. Privacy Policy: https://stripe.com/gb/privacy.
- DVLA (Government API): Vehicle registration lookup and MOT history queries are made to the Driver and Vehicle Licensing Agency's APIs. The DVLA is an executive agency of the UK Government and processes data under its own statutory authority and privacy notice.
- [Any additional processors, e.g., customer support tooling, email delivery service, to be listed here prior to launch].
9.2 Legal and Regulatory Disclosure
We may disclose your personal data to law enforcement agencies, regulatory authorities, courts, or other public bodies where we are required to do so by applicable law, court order, or other legal process, or where such disclosure is necessary to protect our legal rights, enforce our Terms of Service, or prevent fraud or illegal activity. Where legally permissible, we will notify you of any such disclosure.
9.3 Business Transfers
In the event that Auto Princess Ltd undergoes a merger, acquisition, asset sale, restructuring, insolvency, or other business transfer, your personal data may be transferred to the acquiring entity or successor as part of the assets of the business. We will notify you via email or prominent in-app notice before your personal data is transferred under such circumstances and becomes subject to a different privacy policy.
9.4 Aggregated and Anonymised Data
We may share aggregated, anonymised statistical data with third parties, including investors, research partners, or industry bodies, where such data cannot reasonably be used to identify any individual. This does not constitute sharing of personal data.
10. International Data Transfers
Auto Princess Ltd is incorporated in England and Wales, and our primary data processing infrastructure (Firebase Cloud Functions and Firestore) is deployed in the europe-west2 (London) region within the United Kingdom. However, certain third-party processors may process your data outside the UK and EEA:
- Google LLC is headquartered in the United States. Firebase Analytics and Crashlytics data, and Gemini API inference requests, may be processed on Google's US-based infrastructure. Google LLC participates in the UK Extension to the EU-US Data Privacy Framework (or such equivalent adequacy mechanism as is in force at the time of processing) and relies on Standard Contractual Clauses (SCCs) for UK-to-US data transfers where required. Our Data Processing Agreement with Google incorporates the appropriate transfer mechanisms under Article 46 UK GDPR.
- Stripe Technology Europe Limited is established in Ireland and primarily processes European payment data within the EEA. Cross-border transfers by Stripe are governed by Stripe's own transfer mechanisms, including SCCs where applicable.
Where we transfer personal data outside the UK, we ensure that one of the following safeguards applies: an adequacy decision by the Secretary of State; Standard Contractual Clauses approved under Article 46 UK GDPR; or another appropriate safeguard recognised under UK data protection law. You may request copies of the relevant transfer safeguard documentation by contacting us at support@autoprincess.com.
For EEA residents: transfers of your personal data from the EEA to the UK are permitted on the basis of the European Commission's adequacy decision in respect of the United Kingdom (Commission Implementing Decision (EU) 2021/1772). Transfers from the EEA to the United States by our processors are governed by the applicable EU SCCs.
11. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. The following retention periods apply:
- Account Data (email, Firebase UID, display name): Retained for the duration of your account, plus 2 years following account deletion or closure, to allow resolution of any disputes or legal claims arising during the period of use.
- Vehicle and Diagnostic Data (VRM, OBD-II readings, DTCs, Vehicle Passport records): Retained for the duration of your account. Deleted within 30 days of a valid account deletion request.
- Audio Recordings (raw): Retained for a maximum of 90 days following capture, after which raw recordings are deleted. Derived audio features and anonymised training data extracted from recordings may be retained indefinitely as part of our AI training dataset.
- Image Data (raw): Retained for a maximum of 90 days following capture. Derived features and anonymised training data extracted from images may be retained indefinitely.
- Subscription and Payment Records: Retained for 7 years from the date of the relevant transaction, in compliance with the Companies Act 2006 accounting record retention requirements and HMRC obligations.
- Stripe Customer ID and Subscription ID: Retained for the duration of the subscription plus 7 years.
- Entitlement Records (Firestore entitlements/{userId}): Retained for the duration of your account plus 2 years.
- Device and Technical Logs, Error Logs, and Crash Reports: Retained for 90 days.
- Firebase Analytics Data: Aggregated and anonymised; retained for up to 14 months in line with Firebase default settings, after which event-level data is deleted.
- Customer Support Communications: Retained for 3 years from the date of the last communication in a support thread.
- AI Training Dataset Records (anonymised): Retained indefinitely, as they no longer constitute personal data following anonymisation.
Following the expiry of the applicable retention period, data is either securely deleted or irreversibly anonymised. We conduct periodic data audits to ensure retention practices are maintained.
12. Your Rights Under UK GDPR and EU GDPR
As a data subject, you have the following rights in respect of your personal data. We will respond to all rights requests within one (1) calendar month of receipt, extendable by a further two (2) months in complex or multiple cases, with written notification of any extension.
12.1 Right of Access (Article 15)
You have the right to obtain confirmation of whether we process personal data about you, and if so, to receive a copy of that personal data together with information about the purposes of processing, categories of data, recipients, retention periods, and your other rights. We will provide this information free of charge, unless your request is manifestly unfounded or excessive, in which case a reasonable fee may be charged.
12.2 Right to Rectification (Article 16)
You have the right to request correction of inaccurate personal data and completion of incomplete personal data concerning you. Where technically feasible, you may update certain account details (such as your display name) directly within the app settings.
12.3 Right to Erasure (Article 17)
You have the right to request deletion of your personal data where: it is no longer necessary for the purposes for which it was collected; you withdraw consent and no other lawful basis applies; you object to processing based on legitimate interests and our interests do not override yours; the data has been unlawfully processed; or erasure is required for compliance with a legal obligation.
Important limitation: As described in Section 7.5, data that has been used in AI model training and has been anonymised as part of that process cannot be retroactively identified or removed from trained model weights. This is a technically unavoidable limitation, consistent with ICO guidance on anonymisation.
12.4 Right to Restriction of Processing (Article 18)
You have the right to request restriction of processing in certain circumstances, including where you contest the accuracy of the data, where processing is unlawful but you oppose erasure, where we no longer need the data but you require it for legal claims, or where you have objected to processing pending verification of our legitimate grounds.
12.5 Right to Data Portability (Article 20)
Where processing is based on consent or contract, and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format (JSON), and to request that we transmit it to another controller where technically feasible. To exercise this right, contact us at support@autoprincess.com.
12.6 Right to Object (Article 21)
You have the right to object at any time to processing of your personal data where we rely on legitimate interests as the lawful basis. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or where processing is necessary for the establishment, exercise, or defence of legal claims. You have an absolute right to object to processing for direct marketing purposes (we do not engage in such processing without your prior opt-in consent).
12.7 Rights in Relation to Automated Decision-Making (Article 22)
You have the right not to be subject to a decision based solely on automated processing which produces legal or similarly significant effects concerning you, except where necessary for a contract, authorised by law, or based on explicit consent. As described in Section 5.2, our entitlement gating system constitutes automated decision-making within the scope of Article 22. You have the right to request human review of any automated entitlement decision.
12.8 Right to Withdraw Consent (Article 7)
Where we rely on your consent as the lawful basis for processing (specifically, microphone access for audio analysis and camera access for image analysis), you have the right to withdraw that consent at any time without detriment. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. You may withdraw consent by revoking the relevant app permission in your device's operating system settings, or by contacting us at support@autoprincess.com.
12.9 Right to Lodge a Complaint
You have the right to lodge a complaint with the supervisory authority at any time. For UK residents, the relevant supervisory authority is:
Information Commissioner's Office (ICO)
Website: https://www.ico.org.uk
Telephone: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
For EEA residents, the relevant supervisory authority is the data protection authority in your country of residence or the country where the alleged infringement occurred.
We would, however, appreciate the opportunity to address your concerns before you contact the ICO, and we encourage you to contact us at support@autoprincess.com in the first instance.
To exercise any of the above rights, please contact us at support@autoprincess.com, providing sufficient information to verify your identity. We will not charge a fee for exercising your rights unless your request is manifestly unfounded, excessive, or repetitive, in which case a reasonable administrative fee may be applied.
13. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, alteration, disclosure, or misuse. Our current security measures include:
- Encryption in transit: All data transmitted between the mobile application and our backend infrastructure is encrypted using Transport Layer Security (TLS) 1.2 or higher.
- Encryption at rest: Data stored in Firebase Firestore and Firebase Storage is encrypted at rest using AES-256 encryption by Google Cloud Platform.
- Firebase App Check: All API calls to our Cloud Functions are verified using Firebase App Check, which uses Apple App Attest (iOS) and Google Play Integrity API (Android) to confirm that requests originate from genuine, unmodified versions of the Auto Princess application, preventing API abuse.
- Access control: Access to our Firebase project, Cloud Functions, and Firestore data is restricted to authorised personnel and enforced through Google Cloud IAM (Identity and Access Management) policies.
- Firestore Security Rules: Database access is governed by Firestore Security Rules that enforce user-level data isolation: users may only access their own records, and Pro entitlement records are read-only from the client side and writable only by server-side Cloud Functions.
- Stripe webhook signature verification: All Stripe webhook payloads are verified using HMAC signature verification prior to processing, preventing fraudulent webhook injection.
- Secret management: API keys, Stripe secrets, and webhook signing secrets are stored using Google Cloud Secret Manager and are not hardcoded in application source code.
- Network security: Cloudflare provides DNS management and Web Application Firewall (WAF) protection for our web infrastructure.
Despite these measures, no data transmission over the internet or data storage system can be guaranteed to be 100% secure. We cannot guarantee absolute security of your data and accept no liability for unauthorised access that is beyond our reasonable control, subject to our obligations under applicable law.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of the breach, in accordance with Article 33 UK GDPR. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay, in accordance with Article 34 UK GDPR.
14. Children's Data and Age Restrictions
The Software is intended for use by individuals aged 18 (eighteen) years or older. We do not knowingly collect personal data from individuals under the age of 18.
We do not specifically verify the age of users at registration. However, by creating an account and using the Software, you represent and warrant that you are at least 18 years of age. If you are a parent or guardian and believe that a child under 18 has provided personal data to us without your consent, please contact us immediately at support@autoprincess.com, and we will take steps to delete such data from our systems.
We recognise our obligations under the UK Children's Code (Age Appropriate Design Code) (Information Commissioner's Office, 2021). The Software is not directed at children under 18, does not include features designed to engage children, and does not knowingly process children's data. We will not knowingly retain personal data belonging to a minor.
15. App Store Specific Disclosures
15.1 Apple App Store
The Auto Princess application is distributed on the Apple App Store. Users downloading or using the application via Apple platforms should be aware of the following:
- Sign in with Apple: If you choose to authenticate using Sign in with Apple, Apple may relay your email address to us either directly or in a relay form. We process this email address as part of your account data. Apple's privacy practices are governed by Apple's Privacy Policy at https://www.apple.com/legal/privacy/.
- App Store Privacy Nutrition Label: We maintain an App Store privacy nutrition label consistent with this Privacy Policy. The label accurately discloses data collected, data linked to you, and data used to track you. We do not use data for tracking as defined by Apple's App Tracking Transparency framework and do not request the AppTrackingTransparency permission.
- Microphone and Camera Permissions: iOS permission strings (NSMicrophoneUsageDescription and NSCameraUsageDescription) accurately describe the purpose of microphone and camera access as engine sound analysis and vehicle visual inspection respectively.
15.2 Google Play Store
The Auto Princess application is distributed on the Google Play Store under package identifier com.autoprincess.app. Users downloading or using the application via Google Play should be aware of the following:
- Data Safety Section: We maintain a Google Play Data Safety declaration consistent with this Privacy Policy, accurately disclosing data collected, shared, and security practices.
- Play Integrity API: We use the Google Play Integrity API as part of our Firebase App Check implementation on Android to verify the authenticity of API requests. Google Play Integrity data is not used for any purpose beyond security attestation.
- Android Permissions: The application requests microphone (RECORD_AUDIO) and camera (CAMERA) permissions, used solely for engine sound analysis and visual inspection features respectively. Bluetooth permissions are requested for OBD-II adapter communication.
16. Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. We will notify you of material changes through one or more of the following methods:
- An in-app notification displayed upon your next login following the change;
- An email to your registered email address;
- A prominent notice on our website at https://autoprincess.com.
For non-material changes (such as corrections of typographical errors or clarifications that do not affect your rights), we will update the "Last Updated" date at the top of this Policy without separate notification. Material changes will be indicated by an updated version number.
Where a proposed change involves new or different processing of your personal data that requires your consent, we will request your consent before implementing the change. Your continued use of the Software following notification of material changes constitutes your acceptance of the revised Policy only where consent is not required. Where consent is required, continued use does not substitute for it.
Previous versions of this Privacy Policy are archived and available upon request by contacting us at support@autoprincess.com. A version history is maintained below:
- Version 1.0 - 27 March 2026: Initial Privacy Policy.
- Version 2.0 - 27 June 2026: Comprehensive revision; added lawful basis statements, AI training disclosure, paywall processing disclosure, international transfer mechanisms, expanded data subject rights, App Store disclosures, and full subprocessor list.
17. Governing Law and Jurisdiction
This Privacy Policy is governed by and construed in accordance with the laws of England and Wales. Any dispute arising out of or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of England and Wales, save that nothing in this clause shall limit your rights to bring proceedings before your local courts or before your relevant national supervisory authority under applicable data protection law.
For EEA users: Nothing in this Privacy Policy limits your rights under EU GDPR or your right to bring proceedings before your national data protection supervisory authority or courts.
18. Contact Information and Complaints
For all privacy-related queries, data subject access requests, or complaints, please contact:
Auto Princess Ltd — Data Privacy
Email: support@autoprincess.com
Website: https://autoprincess.com
Post: 71-75 Shelton St, London WC2H 9JQ
We are committed to working with you to resolve any concerns about our processing of your personal data. If you remain dissatisfied after contacting us, you have the right to lodge a complaint with the ICO at https://www.ico.org.uk.
← Back to home