Privacy Policy
RustToRoad ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights. By using RustToRoad, you agree to the practices described here.
1. Data We Collect
We collect the following categories of data:
| Category | Data Collected | When Collected |
|---|---|---|
| Account Data | Name, email address, hashed password | When you create an account |
| Listing Data | Vehicle details, description, price, photos, contact email/phone, location | When you post a car listing |
| Payment Data | Transaction records, payment amounts, billing dates (no card numbers) | When you purchase a featured listing or membership |
| Newsletter Data | Email address, name (optional), signup source | When you subscribe to the newsletter |
| Usage Data | Pages visited, affiliate link clicks, search queries | Automatically during your visit |
| Comments | Text content of guide comments | When you comment on a repair guide |
2. Payment Data Handling
When you make a payment, you are submitting your card information directly to Stripe's secure servers. Stripe's privacy policy applies to that data: stripe.com/privacy
3. Cookies & Tracking
We use the following types of cookies and tracking:
- Authentication Cookies: To keep you logged in to your account (essential, cannot be opted out while logged in).
- Analytics: We use Polsia analytics to track page views and user interactions. This data is aggregated and used to improve the Platform.
- Affiliate Click Tracking: When you click an Amazon Associates or eBay Partner Network affiliate link, we log the click event for attribution purposes. This helps us track which affiliate links drive purchases so we can improve our recommendations.
We do not use third-party advertising cookies or sell your browsing data to advertisers.
4. Newsletter Subscriptions
If you subscribe to the RustToRoad newsletter, we store your email address and optionally your name. We use this information to:
- Send you newsletters, repair tips, and platform updates
- Track open rates and click rates to improve email quality
Unsubscribing: Every newsletter email includes an unsubscribe link. You can also email us at hello@rusttoroad.com to be removed from the list.
We do not sell or share newsletter subscriber lists with third parties.
5. How We Use Your Data
We use your data to:
- Operate and maintain the Platform (authenticate users, display listings)
- Process payments and manage subscriptions
- Send transactional emails (listing confirmations, payment receipts, password resets)
- Send newsletters and marketing emails (only if you've subscribed)
- Track affiliate commissions and improve product recommendations
- Detect and prevent fraud and abuse
- Analyze usage patterns to improve Platform features
- Comply with legal obligations
6. Data Sharing
We do not sell your personal data. We share data only in limited circumstances:
- Stripe: Payment processing (card data goes directly to Stripe, not through our servers)
- Amazon Associates / eBay Partner Network: Affiliate click attribution data is shared with these programs as part of commission tracking
- Infrastructure Providers: Our hosting and database providers process data to operate the Platform (data is not used for their own purposes)
- Legal Requirements: We may disclose data if required by law, court order, or to protect the safety of users or the public
7. Data Retention
We retain your data as long as your account is active or as needed to provide our services:
- Account data: Retained until you delete your account
- Listing data: Retained until you delete the listing or your account (sold listings may be retained in aggregate/anonymized form for analytics)
- Payment records: Retained for 7 years for accounting and tax compliance
- Newsletter subscriptions: Retained until you unsubscribe
- Usage logs: Retained for up to 12 months in identifiable form, then aggregated
8. Your Rights & Data Deletion
You have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Update or correct inaccurate data
- Deletion: Request deletion of your account and associated personal data (subject to retention requirements above)
- Portability: Request your data in a machine-readable format
- Opt-out: Unsubscribe from marketing emails at any time
To exercise any of these rights, contact us at hello@rusttoroad.com. We will respond within 30 days.
9. Security
We take reasonable measures to protect your data including:
- Passwords are hashed using bcrypt before storage — we never store plaintext passwords
- HTTPS encryption for all data transmission
- Restricted database access (production credentials not exposed to frontend)
- Payment card data handled entirely by Stripe's PCI-compliant infrastructure
No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately at hello@rusttoroad.com.
10. Children's Privacy
RustToRoad is not intended for users under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, contact us and we will promptly delete it.
11. Third-Party Links
The Platform contains links to third-party websites (eBay, Amazon, affiliate partners, etc.). This Privacy Policy does not apply to those sites. We encourage you to read the privacy policies of any third-party sites you visit.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Platform. The "Last updated" date at the top reflects when the policy was last revised.
13. Contact Us
For privacy questions, data requests, or to exercise your rights:
- Email: hello@rusttoroad.com
- Website: rusttoroad.com
We aim to respond to all privacy requests within 30 days.