Privacy Policy
Last Updated: March 9, 2026
This Privacy Policy describes how Steelie Dev Corp. ("Steelie", "we", "our", or "us") collects, uses, and discloses information when you use our website and web application (the "Service").
Steelie is a software-as-a-service platform for automotive repair professionals to create estimates, invoices, work orders, and manage repair documentation.
By using Steelie, you agree to the practices described in this Privacy Policy.
1. Information We Collect
1.1 Account Information
When you register, we collect:
- Full name and email address
- Phone number
- Business name, address, and tax settings
- Login credentials (passwords are hashed and never stored in plaintext)
You may also sign in using Google or Microsoft OAuth. When you do, we receive your name and email from the provider. We do not receive your password.
1.2 Business Data
Data you create in Steelie, including:
- Customer names, contact information, and addresses
- Vehicle information (VIN, make, model, year)
- Estimates, invoices, and work orders
- Photos, files, and supporting documentation
- Digital signatures
- Notes and comments
1.3 Usage and Technical Data
We automatically collect:
- IP address, device type, browser type, and operating system
- Pages viewed and actions taken within the Service
- Error and performance logs
This helps us maintain security and improve performance.
1.4 Cookies and Local Storage
Steelie uses cookies, localStorage, and similar technologies to:
- Authenticate users and maintain login sessions
- Remember trusted devices
- Analyze usage
Disabling cookies may prevent some features from functioning properly.
1.5 Payment Information
Payments are processed by Stripe. Stripe collects your credit card number, expiration date, security code, and billing address directly. Steelie does not store full credit card numbers.
We store limited billing data:
- Subscription plan, status, and payment history
- Last four digits and brand of payment method
- Billing name and email
Stripe's privacy policy: stripe.com/privacy
2. How We Use Information
- Provide, operate, and improve the Service
- Process billing and manage subscriptions
- Send transactional emails (invoices, estimates, account notifications)
- Monitor errors and debug issues
- Analyze usage to improve the product
- Prevent fraud and ensure security
- Comply with legal obligations
3. Data Ownership
You retain ownership of all data you upload to Steelie, including customer data, vehicle data, estimates, invoices, work orders, photos, and files.
Steelie acts as a data processor on your behalf. We do not sell your data.
4. Third-Party Service Providers
We do not sell personal information.
We share data with the following providers as necessary to operate the Service:
| Provider | Purpose |
|---|---|
| Supabase | Database, authentication, and file storage |
| Stripe | Payment processing |
| PostHog | Product analytics |
| Sentry | Error monitoring |
| Resend | Transactional email delivery |
| Google Cloud Vision | VIN image recognition (processed ephemerally, not stored) |
| Cloudflare Turnstile | Bot prevention (CAPTCHA) |
| Vercel | Application hosting |
These providers only access information necessary to perform their services. Each operates under their own privacy policy.
5. Optional Integrations
You may choose to connect Steelie with external services. When connected, data is shared as needed to provide the integration:
- QuickBooks Online -syncs customers, invoices, and payments
- Google Calendar -syncs work order scheduling
- Microsoft Outlook -syncs work order scheduling
You can disconnect integrations at any time from your account settings. These services operate under their own privacy policies.
6. Legal Disclosures
We may disclose information if required by law, court order, or government request. If Steelie is sold, merged, or acquired, information may transfer as part of the business.
7. Data Storage and Security
We use industry-standard safeguards including encryption in transit (SSL/TLS), secure cloud infrastructure, authentication controls, and access restrictions.
Your data may be stored or processed in the United States and Canada. No system is completely secure, but we take reasonable steps to protect your information.
8. Data Retention and Deletion
We retain your data while your account is active and as required by law. You may request deletion at any time by contacting us. Upon request, your data will be removed within 30 days unless retention is legally required.
9. Your Rights
Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal information. To make a request, contact us at privacy@steelie.org.
Canada (PIPEDA)
Steelie complies with the Personal Information Protection and Electronic Documents Act. Canadian users may access, correct, or withdraw consent for their personal data. You may file a complaint with the Office of the Privacy Commissioner of Canada.
In the event of a data breach posing a real risk of significant harm, we will notify affected individuals and the Privacy Commissioner as required.
United States (CCPA and State Laws)
US residents may have the right to:
- Know what personal information we collect and how it is used
- Request deletion of personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Non-discrimination for exercising privacy rights
We will respond to verified requests within 45 days. Steelie does not sell, rent, or share personal information for cross-context behavioral advertising.
10. Children's Privacy
Steelie is not intended for individuals under 16. We do not knowingly collect information from children.
11. Changes to This Policy
We may update this Privacy Policy. If changes are significant, we will notify users. Continued use of Steelie constitutes acceptance.