Privacy Policy

Effective Date: January 1st, 2026

Version: 1.0

Table of Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. How We Protect Your Information
  5. Data Sharing and Third Parties
  6. Data Retention
  7. Your Privacy Rights
  8. Children's Privacy
  9. Changes to This Privacy Policy
  10. Contact Us

Introduction

Welcome to Total Loss Tool Kit. We are committed to protecting your privacy and being transparent about how we collect, use, and protect your personal information. This Privacy Policy explains our practices regarding data collection and your rights as a user.

Our service helps vehicle owners obtain comprehensive valuation reports for insurance negotiations. We take the sensitivity of vehicle-related data seriously and have implemented measures to protect your information.

Information We Collect

Account Information

When you create an account with us, we collect:

  • Name (first and last)
  • Email address
  • Password (stored securely using industry-standard encryption)

Vehicle Information

To provide valuation reports, we collect:

  • Vehicle Identification Numbers (VINs) - We recognize that VINs are sensitive data as they can be linked to personal vehicle ownership records and may reveal information about your vehicle and insurance claims
  • Vehicle Mileage - This data is not considered sensitive or private but is handled in the same manner as VIN data

Technical Information

We automatically collect certain information when you use our service:

  • IP addresses - Used for security, fraud prevention, and general analytics
  • Usage data and analytics - We use standard software to collect information about how you interact with our website, including pages visited, features used, and time spent on our platform

Payment Information

We do not directly collect or store payment information. All payment processing is handled securely by:

  • Lemon Squeezy - These third-party payment processors collect and process payment card information according to their own privacy policies and PCI-DSS compliance standards

How We Use Your Information

We use the information we collect for the following purposes:

To Provide Our Services

  • Generate comprehensive vehicle valuation reports using VIN data
  • Access premium vehicle data through our third-party API providers
  • Maintain and manage your user account
  • Process your payments through our payment processors

To Improve Our Services

  • Analyze usage patterns to enhance user experience
  • Monitor and improve platform performance
  • Develop new features and services

To Communicate With You

  • Send service-related notifications (report delivery, account updates)
  • Respond to your inquiries and support requests
  • Provide customer service

Future Marketing Communications (With Your Consent)

  • We may send promotional emails, newsletters, or special offers in the future
  • You will have the ability to opt-out of marketing communications at any time
  • You will receive clear notice and obtain your consent before initiating any marketing communications

How We Protect Your Information

We take the security of your personal information seriously and implement multiple layers of protection:

Data Storage

  • All user data is stored on Supabase, a secure cloud database platform
  • Data is transmitted using industry-standard SSL/TLS encryption

Access Controls

  • We implement strict access controls limiting who can view or handle sensitive data
  • Only authorized personnel have access to user information on a need-to-know basis
  • VIN data receives additional protection due to its sensitive nature

Security Measures

  • Regular security assessments and updates
  • Password protection using secure hashing algorithms
  • Monitoring for unauthorized access attempts

VIN Data Protection

Because VINs are considered sensitive personal identifiers that can be linked to vehicle ownership:

  • We limit VIN data access to essential operations only
  • VINs are only shared with trusted API providers necessary for generating your reports
  • We do not sell or share VIN data with third parties for marketing purposes

Please note: While we implement robust security measures, no method of electronic storage or internet transmission is 100% secure. We cannot guarantee absolute security but continuously work to protect your information.

Data Sharing and Third Parties

Third-Party Service Providers

We share limited information with trusted third-party providers who help us deliver our services:

Vehicle Data API Providers:

We use multiple third-party API providers to generate vehicle valuation reports. These providers receive VIN data solely to generate vehicle valuation reports. They operate under their own privacy policies and are contractually obligated to protect your information.

Payment Processors:

  • Lemon Squeezy handles all payment transactions
  • We do not have access to your full payment card details
  • Payment processors maintain PCI-DSS compliance

What We Don't Do

  • We do not sell your personal information to third parties
  • We do not share your VIN data for marketing purposes
  • We do not provide your information to data brokers

Legal Requirements

We may disclose your information if required by law, such as:

  • In response to valid legal processes (subpoenas, court orders)
  • To protect our rights, property, or safety
  • To prevent fraud or security threats

Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

Active Accounts

  • Account information and VIN submissions are retained while your account is active
  • Historical reports remain accessible through your account dashboard

Account Deletion

  • Upon request, we will delete your account and associated personal information
  • Some information may be retained for legal or business purposes (e.g., transaction records for tax compliance)
  • Backups may retain data for up to 90 days before permanent deletion

Automated Deletion

  • We are developing automated data retention and deletion processes
  • Users will have control over their data retention preferences

Your Privacy Rights

You have important rights regarding your personal information:

Right to Access

  • You can request a copy of the personal information we hold about you
  • Contact us through our website contact form to request your data

Right to Correction

  • You can update your account information at any time through your account settings
  • Contact us if you need assistance correcting your information

Right to Deletion

  • You can request deletion of your personal information
  • Account deletion can be initiated through your account settings or by contacting us
  • Note: Some information may be retained for legal compliance purposes

Right to Opt-Out

  • You can opt-out of future marketing communications (when implemented)
  • You can request that we stop processing your data for certain purposes

California Residents (CCPA Rights)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (note: we do not sell personal information)
  • Right to non-discrimination for exercising your CCPA rights

To Exercise Your Rights: Submit a request through our contact form on the website. We will respond to your request within 30 days.

Children's Privacy

Our service is designed for vehicle owners and insurance claimants. We do not knowingly collect personal information from individuals under the age of 16. By using our service, you confirm that you are at least 16 years of age.

If we discover that we have inadvertently collected information from someone under 16, we will promptly delete that information. If you believe we may have collected information from a minor, please contact us immediately through our contact form.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When We Make Changes:

  • We will update the "Effective Date" at the top of this policy
  • We will update the version number
  • For significant changes, we will notify you via email or through a prominent notice on our website
  • Your continued use of our service after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Contact Method: Use the contact form available on our website

We aim to respond to all privacy-related inquiries within 5-7 business days.

Last Updated: January 1st, 2026

This Privacy Policy is designed to comply with applicable privacy laws including CCPA (California Consumer Privacy Act) and general privacy best practices. Users are advised to read this policy carefully and contact us with any questions.