Vehix

Last updated: 1 June 2025

Privacy Policy

Vehix (“we”, “us”) is committed to protecting your personal data. This policy explains what we collect, why, and your rights under UK GDPR.

1. Data We Collect

We collect the following categories of personal data:

  • Account data: Your name and email address, provided at registration.
  • Vehicle data: Car details, service records, fuel logs, mileage history, and photos you add.
  • Usage data: Anonymised feature usage events (e.g. screens visited, features used). Never tied to individual identities without consent.
  • Device data: Push notification token for service reminders and alerts.
  • Vehicle lookup data: Registration numbers you enter for MOT history or DVLA plate lookups. These are sent to DVSA/DVLA APIs and are not stored by Vehix beyond the duration of the request.
  • Marketplace data: If you list a car for sale: price, location, contact name, and photos.
  • Community data: Forum posts and replies you create.

2. How We Use Your Data

We use your data to:

  • Provide and improve the Vehix app and website.
  • Send you service reminders and mileage-based alerts (only if enabled).
  • Power AI Mechanic responses tailored to your vehicle history.
  • Display your listings in the Vehix marketplace.
  • Analyse aggregated, anonymised usage patterns to improve the product.
  • Comply with legal obligations.

We do not sell your personal data to third parties or use it for advertising.

3. Third-Party Services

We use the following trusted processors:

  • Supabase — Database and authentication provider. Data stored in EU data centres.Privacy policy
  • OpenAI — Powers AI Mechanic features. Only your vehicle data and service history are sent; no personally identifiable information.Privacy policy
  • Expo (Expo Inc.) — Push notification delivery.Privacy policy
  • PostHog — Anonymised analytics. EU instance only.Privacy policy
  • DVSA (Driver and Vehicle Standards Agency)— When you request MOT history, your vehicle's registration number is sent to the DVSA Trade API to retrieve official MOT test records. No personal account information is shared.Learn more
  • DVLA (Driver and Vehicle Licensing Agency) — When you look up a vehicle by registration plate, that registration number is sent to the DVLA Vehicle Enquiry Service to retrieve vehicle details (make, model, fuel type, tax and MOT status). No personal account information is shared.Learn more

4. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, all personal data — including cars, records, fuel logs, photos, and forum posts — is permanently deleted within 30 days.

Anonymised, aggregated analytics data (which cannot identify you) may be retained indefinitely for product improvement purposes.

5. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of access — Request a copy of the data we hold about you.
  • Right to rectification — Request correction of inaccurate data.
  • Right to erasure — Request deletion of your data (“right to be forgotten”). You can do this directly in the app via Settings → Delete Account.
  • Right to portability — Request your data in a structured, machine-readable format.
  • Right to object — Object to processing based on legitimate interests.
  • Right to restrict processing — Request restriction of how we process your data.

To exercise any of these rights, email us at privacy@vehix.uk. We will respond within 30 days.

6. Cookies

The Vehix mobile app does not use cookies. The Vehix website (vehix.uk) uses only essential cookies required for the site to function (session management, security). We do not use advertising or tracking cookies on the website.

7. Security

We implement industry-standard security measures including encrypted data transmission (TLS), encrypted storage, Row Level Security on all database tables (ensuring users can only access their own data), and hardware-backed secure storage for authentication tokens on mobile devices.

8. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via in-app notification or email. Continued use of Vehix after changes constitutes acceptance of the updated policy.

9. Contact Us

For any privacy-related questions or to exercise your rights, contact our Data Protection contact at:

Email: privacy@vehix.uk

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.