Back to Home

Privacy Policy

Last updated: October 20, 2025

This Privacy Policy should be read alongside our Terms of Service, which govern your use of AutoRelay.

Introduction

Welcome to AutoRelay ("we," "our," or "us"). AutoRelay is a communication platform that helps car dealerships acquire vehicles through their service lanes. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and related services (the "Service").

We are committed to protecting your privacy and maintaining the confidentiality of your personal information. By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, including:

  • Account Information: Name, email, phone number, company name, and password.
  • Business Information: Company or dealership details, CRM credentials, business address, and tax ID.
  • Customer Data: Names, phone numbers, vehicle information, and service history you upload or sync through your CRM.
  • Communications: Support requests, surveys, or messages you send us.

1.2 Information Collected Automatically

We automatically collect:

  • Usage Data: Pages viewed, features used, session duration, and performance metrics.
  • Device Information: IP address, browser type, OS, device identifiers, and network information.
  • Security Logs: Login times, authentication events, and access attempts.

1.3 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for authentication, security, and basic platform functionality.
  • Analytics Cookies: Help us understand how users interact with our platform to improve performance and user experience.

We do not use third-party advertising cookies or cross-site tracking. You can manage your cookie preferences through your browser settings or our cookie consent banner.

1.4 Information from Third Parties

We may receive information from:

  • Integrations: Your CRM or DMS systems.
  • Marketing and Analytics Partners.
  • Authentication Providers (e.g., SSO services).

2. How We Use Information

We use information to:

  • Provide and operate the Service;
  • Authenticate users and secure accounts;
  • Deliver SMS and email communications on your behalf;
  • Analyze usage and improve performance;
  • Detect, prevent, and respond to fraud or abuse;
  • Comply with legal obligations; and
  • Send optional marketing or product communications (you may opt out anytime).

Your Role and Responsibilities: When you use AutoRelay to communicate with your customers, you are responsible for obtaining all necessary consents and providing required notices to those individuals under applicable laws (including TCPA, CAN-SPAM, and state privacy laws).

3. SMS and Communication Practices

AutoRelay enables two-way SMS and email communications between you and your customers.

  • Consent: You must ensure your customers have consented to receive messages as required by the TCPA and other laws.
  • Opt-Out: AutoRelay automatically honors "STOP" and similar requests.
  • Content: You control message content and compliance.
  • Data Use: Message content and phone numbers are used only to provide the Service and are not shared for third-party marketing.

4. Information Sharing and Disclosure

We share information only as necessary to operate and secure the Service:

  • Service Providers: SMS gateways (Twilio), email (SendGrid), cloud hosting (Railway, Vercel, AWS S3), analytics, and support tools.
  • Business Transfers: If AutoRelay undergoes a merger or acquisition, we will notify you before data is transferred.
  • Legal Obligations and Security: To comply with law or protect rights, property, or safety.
  • With Your Consent: When you explicitly authorize sharing.

5. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information from unauthorized access, use, or disclosure. These measures include:

  • Encryption of data in transit and at rest;
  • Access controls and authentication mechanisms;
  • Regular security assessments and monitoring;
  • Employee training on data protection.

While no system is completely secure, we continuously work to improve our security practices.

6. Data Retention

We retain data only as long as necessary for the purposes described:

  • Account Data: While your account is active + a short retention for backups.
  • Customer Data: As directed by you or deleted upon request.
  • Campaign Logs: For compliance and analytics purposes, we may retain campaign activity logs for up to 7 years as required by telecommunications regulations and business record-keeping requirements.
  • Support Records: For quality assurance and legal obligations.

Inactive data is periodically anonymized or deleted per our internal data handling procedures.

7. Your Rights and Choices

Depending on your state of residence, you may have rights to: access, correct, delete, or export your data, and opt out of certain processing.

To exercise these rights:

We verify identity before fulfilling requests and respond within the time required by applicable law (typically 45 days).

8. U.S. State Privacy Laws

We comply with comprehensive privacy laws in California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.

We do not sell personal information or use it for targeted advertising.

California residents: Learn more about your CCPA rights on our Do Not Sell My Personal Information page.

Sensitive data (such as login credentials) is used only to provide the Service.

9. Children's Privacy

Our Service is not directed to individuals under 16 years of age, and we do not knowingly collect their personal information.

10. International Data Transfers

All data is hosted and processed in the United States. We do not transfer personal information outside the U.S.

11. Third-Party Links and Integrations

Our Service may link to or integrate with third-party platforms (e.g., CRMs and DMS systems). Their privacy practices are governed by their own policies. We encourage you to review them.

12. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will:

  • Update the "Last updated" date;
  • Provide notice of material changes via email or dashboard banner; and
  • Post the new version at getautorelay.com/privacy.

Your continued use of the Service after the effective date constitutes acceptance of the revised policy.

13. Contact Us

AutoRelay Privacy Team

Email: privacy@getautorelay.com

Support: support@getautorelay.com

We respond to privacy inquiries within 30 days.

14. Regulatory Compliance

AutoRelay operates exclusively in the United States and complies with:

  • TCPA: SMS consent and opt-out requirements;
  • CAN-SPAM Act: For account-related and marketing emails;
  • FTC Act: Consumer protection and fair practices.

© 2025 AutoRelay LLC • Privacy Policy v1.0 • Effective October 20, 2025

Return to AutoRelay Home