How Duewise handles user and vehicle-check data.
This privacy policy explains what data Duewise may collect, why it is used, who may process it and what rights users have.
Duewise uses specialist providers for authentication, database hosting, payments and service delivery so sensitive infrastructure stays protected.
Data collected
What information Duewise may collect.
Duewise collects the data needed to provide accounts, reports, saved garage features, subscriptions, security and support.
Account information
Name, email address, authentication status and account role if you create a Duewise account.
Vehicle check information
Registration, mileage, asking price, advert text and report inputs you provide.
Garage and saved reports
Vehicles, reports, notes, reminders and buyer actions saved to your account.
Billing information
Subscription status, plan type, payment provider customer ID and billing events. Raw card details should not be stored by Duewise.
Technical information
Device, browser, IP address, usage logs, security logs and analytics needed to run and protect the service.
Support messages
Messages, requests or feedback you send to Duewise, including unsupported vehicle requests.
Why the data is used.
Duewise uses data to provide the service, protect accounts, generate buyer reports, manage payments and improve vehicle model coverage.
Create and manage user accounts.
Generate vehicle buyer reports.
Save vehicles and reports to a user garage.
Manage subscriptions and premium access.
Improve report quality and unsupported vehicle coverage.
Protect the service against abuse, fraud and technical issues.
Send account, verification, password reset and service emails.
Comply with legal, tax, accounting and security obligations.
Third-party processors
Services that may process data.
Duewise should avoid building sensitive infrastructure itself where specialist providers are safer and more reliable.
Authentication, database, storage and account-related infrastructure.
Secure checkout, subscriptions, invoices, payment status and billing portal.
Website hosting, deployment and serverless infrastructure.
Email confirmation, password reset and service notifications.
Optional product analytics if enabled later.
How long data is kept.
Account, report, garage and billing records should be kept only for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse and maintain accurate business records.
Users should be able to request deletion of their account and associated data where deletion is legally and technically possible. Some billing, tax, fraud-prevention or security records may need to be retained for longer.
How data should be protected.
Duewise should use secure authentication, encrypted transport, strong database permissions, protected environment variables and server-side access checks. Admin access must be restricted to authorised users only.
Raw payment card details should not be stored by Duewise. Payment processing should be handled by a payment provider such as Stripe.
Your data rights.
Depending on applicable law, users may have rights over their personal data. These rights should be handled through a clear support/contact process.
Request access to personal data held about you.
Request correction of inaccurate personal data.
Request deletion of personal data where legally possible.
Object to or restrict certain processing.
Request a copy of your data in a portable format where applicable.
Withdraw consent where processing is based on consent.
Cookies and analytics.
Duewise may use essential cookies for login and security. Analytics or marketing cookies should only be enabled with the correct notice and consent where required.
Service emails.
Duewise may send account verification, password reset, billing, report, support and important service emails. Marketing emails should be opt-in where required.
Data processors may operate globally.
Infrastructure providers may process data in different regions. Duewise should use appropriate processor agreements, safeguards and retention controls where required.
Privacy details should stay current.
Duewise should keep this policy aligned with the live service, support routes, processors, cookie tools, retention periods and applicable legal requirements.