Privacy Policy

PRIVACY POLICY

Last updated: January 19, 2026

1. INTRODUCTION

This Privacy Policy explains how MindDrive AI-OBD & Performance ("the App", "we", "us", "our") collects, uses, and protects information when you use the application.

Your privacy is important to us, and we are committed to being transparent about how data is handled.

Data Controller: MindDrive AI-OBD & Performance (tuneaiobd@gmail.com)

2. DATA COLLECTED FROM THE VEHICLE (OBD)

The App communicates with a vehicle via an OBD (On-Board Diagnostics) interface to retrieve publicly available vehicle diagnostic and sensor information, such as:

• Vehicle Identification Number (VIN)

• OBD standard type

• Engine type and specifications

• Fuel type

• Sensor readings (voltage, speed, temperature, RPM, etc.)

• Diagnostic Trouble Codes (DTCs)

• Other non-personal diagnostic data supported by the vehicle

Legal Basis: Legitimate interest in providing diagnostic functionality

Important:

• No live sensor or diagnostic data is stored permanently

• OBD data is processed only in memory to display information to the user

• OBD data is not shared with third parties

• No personal data is collected from the vehicle

3. VEHICLE INFORMATION STORAGE

The App may store basic vehicle information locally on your device, such as:

• VIN

• Decoded vehicle make, model, and year

• Custom vehicle labels or notes (if provided by you)

Legal Basis: Legitimate interest in improving user experience

This data:

• Is stored locally on your device only

• Is used to improve user experience (e.g., faster loading, avoiding repeated VIN decoding)

• Can be cleared by uninstalling the app or clearing app data

• Is never transmitted to our servers

4. ANALYTICS & CRASH REPORTING

The App uses Firebase services (provided by Google LLC) to improve stability and user experience:

Firebase Analytics

• Collects anonymous usage statistics (e.g., screen views, feature usage, session duration)

• Collects device information (model, OS version, language)

• Does not collect personal identity information

• Does not collect vehicle-specific data or OBD readings

Legal Basis: Legitimate interest in improving app quality and user experience

Firebase Crashlytics

• Collects crash reports and diagnostic information

• Helps identify and fix application errors

• Includes technical data (stack traces, device state)

• Does not include vehicle data, OBD sensor values, or personal information

Legal Basis: Legitimate interest in maintaining app stability

Firebase services operate under Google's Privacy Policy:

https://policies.google.com/privacy

Your Rights: You can opt out of analytics by contacting us.

5. AI & DATA PROCESSING

The App uses Gemma language models (developed by Google) for locally processed AI-powered vehicle diagnostic interpretation.

Important:

• AI processing is performed entirely locally on your device

• Gemma models are downloaded and stored on your device

• No vehicle data, OBD readings, or sensor data is sent to external AI servers

• No personal data is used for AI training or improvement

• AI models operate completely offline after initial download

Legal Basis: Legitimate interest in providing enhanced diagnostic features

Third-Party Models: Gemma models are subject to Google's terms and policies. We do not control or have access to any data processed by these local models.

6. NETWORK REQUESTS

The App may perform public API requests to retrieve vehicle metadata:

VIN Decoding Services

• NHTSA VIN Decoder API (https://vpic.nhtsa.dot.gov/api/)

• Only the VIN is transmitted when decoding is required

• No personal user information is included

• Requests are made securely over HTTPS

Legal Basis: Necessary for providing VIN decoding functionality

Firebase Remote Config

• Retrieves app configuration settings

• No personal or vehicle data is transmitted

• Used to manage feature availability and app updates

7. DATA SHARING

The App does not sell, rent, or share personal or vehicle data with third parties.

Limited Data Sharing:

• Firebase Analytics & Crashlytics: Anonymous technical data (processed by Google)

• VIN Decoding APIs: VIN only, when explicitly required for functionality

We do not share data with:

• Advertisers

• Marketing companies

• Data brokers

• Any other third parties for commercial purposes

8. DATA RETENTION

Vehicle Sensor Data: Not retained (processed in memory only, discarded immediately)

Vehicle Identity Data (VIN, make, model):

• Stored locally on your device until you delete it

• Retention period: Until user deletion or app uninstallation

Analytics Data:

• Retained according to Firebase's default policies (typically 2-14 months)

• Automatically deleted after retention period

Crash Reports:

• Retained according to Firebase Crashlytics policies (typically 90 days)

• Used only for debugging and app improvement

9. YOUR RIGHTS (GDPR & DATA PROTECTION)

You have the following rights regarding your data:

Right to Access: Request information about data we process

Right to Rectification: Correct inaccurate data

Right to Erasure*: Delete your data (clear app data or uninstall)

Right to Restriction: Limit how we process your data

Right to Data Portability: Receive your data in a portable format

Right to Object: Object to data processing based on legitimate interests

Right to Withdraw Consent: Where processing is based on consent

How to Exercise Your Rights:

• Clear vehicle data through app settings

• Uninstall the app to remove all local data

• Contact us at tuneaiobd@gmail.com for assistance

Response Time: We will respond to requests within 30 days.

10. DATA SECURITY

We implement appropriate technical and organizational measures to protect your data:

Technical Measures:

• Local-only data storage (no cloud transmission)

• HTTPS encryption for all network requests

• Secure Firebase SDK implementation

• No permanent storage of sensitive sensor data

Organizational Measures:

• Minimal data collection principles

• Privacy-by-design approach

• Regular security reviews

Limitations: No system is 100% secure. We cannot guarantee absolute security but take reasonable precautions.

11. CHILDREN'S PRIVACY

The App is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children.

If you believe a child has provided us with personal data, please contact us immediately at tuneaiobd@gmail.com.

12. INTERNATIONAL DATA TRANSFERS

Firebase Services: Data processed by Firebase may be transferred to and stored in countries outside your jurisdiction, including the United States. Google provides appropriate safeguards for international transfers.

VIN Decoding: VIN data may be transmitted to NHTSA servers (USA) for decoding purposes.

By using the App, you consent to these international transfers.

13. DATA SOURCES & REFERENCES

To provide accurate vehicle diagnostics and decoding, the App relies on publicly available automotive standards and data sources:

OBD & Vehicle Standards:

• On-Board Diagnostics (OBD-II) - Public technical standard for vehicle diagnostics

  https://en.wikipedia.org/wiki/On-board_diagnostics

• ISO/SAE OBD-II Specifications - Used for interpreting diagnostic modes, PIDs, and responses

  https://en.wikipedia.org/wiki/OBD-II_PIDs

VIN Decoding:

• NHTSA VIN Decoder API (USA – Public Service) - Provided by the National Highway Traffic Safety Administration

  https://vpic.nhtsa.dot.gov/api/

Educational & Reference Material:

• Manufacturer-neutral OBD references

• Open automotive datasets

• Public technical documentation

14. COOKIES AND TRACKING

The App does not use cookies or web tracking technologies. All analytics are handled through Firebase SDK as described in Section 4.

15. DO NOT TRACK SIGNALS

The App does not respond to Do Not Track browser signals as it is a native Android application without web-based tracking.

16. AUTOMATED DECISION-MAKING

The App uses AI models for diagnostic interpretation, but:

• All AI processing occurs locally on your device

• You maintain full control over all actions and decisions

• AI suggestions are informational only, not binding

• No automated decisions are made without your input

17. COMPLIANCE WITH LAWS

We comply with applicable data protection laws, including:

• General Data Protection Regulation (GDPR) - EU

• California Consumer Privacy Act (CCPA) - USA (if applicable)

• Other regional data protection regulations

18. CHANGES TO THIS POLICY

This Privacy Policy may be updated from time to time to reflect changes in:

• App functionality

• Legal requirements

• Data processing practices

Notification of Changes:

• Material changes will be notified through the App or email (if provided)

• Updated policy will be posted with a new "Last updated" date

• Continued use after changes constitutes acceptance

We encourage you to review this policy periodically.

19. SUPERVISORY AUTHORITY

If you are located in the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your privacy rights.

Greek Data Protection Authority (for users in Greece):

Website: https://www.dpa.gr/

Email: contact@dpa.gr

20. CONTACT INFORMATION

For questions, concerns, or requests regarding this Privacy Policy or your data:

📧 Email: tuneaiobd@gmail.com

Response Time: We aim to respond within 5 business days for general inquiries and within 30 days for formal data rights requests.

21. LEGAL BASIS SUMMARY

| Data Type | Legal Basis |

|-----------|-------------|

| OBD sensor data (temporary) | Legitimate interest |

| Vehicle identity data (local) | Legitimate interest |

| Analytics data | Legitimate interest |

| Crash reports | Legitimate interest |

| VIN decoding requests | Necessary for service provision |

---

Effective Date: January 19, 2026

Version: 1.1

By using MindDrive AI-OBD & Performance  you acknowledge that you have read and understood this Privacy Policy.