← Back to Byouma
Privacy Policy
Last updated: April 14, 2026
This Privacy Policy describes how Byouma ("we", "us", or "our") collects, uses, and protects your information when you use the Byouma mobile application (the "App").
By using the App, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Information You Provide Directly
When you create an account and use the App, we may collect:
- Email address — used to identify your account and for authentication
- Name — your first and last name, obtained from your Google or Apple sign-in
- Profile photo — your avatar, if provided via your linked sign-in account
- Location — your city or region, to provide localised repair pricing, nearby events, and mechanic recommendations
- Vehicle information — make, model, year, mileage, engine variant (code, fuel type, horsepower, displacement), drivetrain, colour, and photos of your vehicle(s)
- Driving profile — driving style (city/highway/mixed), weekly kilometres driven, and commute percentage — used to personalise AI predictions and maintenance forecasts
- Mileage history — recorded mileage entries over time to track vehicle usage
- Repair logs — repair type, cost, shop name, mileage at repair, date, and notes you choose to enter
- Vehicle modifications — category, name, brand, cost, install date, and photos of modifications you add
- Community posts — public posts, comments, and likes you create (visible to other users within the same vehicle community)
- AI chat messages — questions and conversations you have with the AI assistant, stored locally on your device and sent to our AI provider for processing
1.2 Information Collected Automatically
- Device information — device type, operating system version
- Device identifier — iOS
identifierForVendor, Android androidId, or a generated UUID stored locally. Used for AI request rate limiting and abuse prevention
- Region code — detected from your device locale to provide region-appropriate eBay marketplace results and currency
- Usage data — features used, screens visited, and interactions within the App
- Cache data — vehicle intelligence and product listings cached locally on your device (AsyncStorage) to improve performance and enable offline viewing
1.3 Information from Third Parties
- Google Sign-In — if you sign in with Google, we receive your name, email address, and profile photo from Google
- Apple Sign-In — if you sign in with Apple, we receive your name and email address from Apple (iOS only)
- RevenueCat — subscription status, entitlements, and purchase history are managed by RevenueCat and synchronised with our backend
2. How We Use Your Information
- Create and manage your account
- Power AI vehicle insights, repair cost estimates, and failure predictions via xAI Grok
- Generate vehicle-specific repair cost estimates using your vehicle specs, mileage, driving profile, and location
- Provide modification recommendations tailored to your specific vehicle configuration
- Answer vehicle diagnostic questions via our AI chat assistant
- Search eBay for compatible parts and deals based on your vehicle specifications and region
- Find YouTube tutorial videos for mod installations and repairs
- Discover nearby car events and trusted mechanics via AI-powered internet search
- Compute vehicle reputation scores, leaderboard rankings, and achievement badges
- Display your vehicle garage, repair history, and health scores
- Personalise repair pricing and deals based on your location and region
- Enable community features, public profiles, and shared vehicle insights
- Enforce fair usage limits — free tier accounts are limited to 7 lifetime AI requests per device; Pro subscribers receive 25 AI requests per calendar month
- Process in-app purchases and manage subscriptions (via Apple App Store and RevenueCat)
- Send push notifications for maintenance reminders, health alerts, price drops, events, and achievement unlocks
- Improve the accuracy and relevance of the App's features
- Respond to your support requests
- Comply with legal obligations
3. In-App Purchases and Subscriptions
The App offers auto-renewable subscriptions (weekly, monthly, and yearly) via the Apple App Store, managed by RevenueCat.
We do not directly collect or store your payment information. All payment transactions are processed by Apple and are subject to Apple's Privacy Policy. RevenueCat receives anonymised purchase events to manage entitlements and is subject to RevenueCat's Privacy Policy.
4. Data Sharing and Disclosure
We do not sell your personal data to third parties. We may share your information in the following limited circumstances:
- Supabase — we use Supabase to store and manage your data securely. Supabase processes data on our behalf and is bound by confidentiality obligations
- xAI (Grok) — vehicle intelligence queries (specs, repair estimates, mod suggestions, diagnostics, event/mechanic discovery) are processed by Grok via Supabase Edge Functions. Data sent to xAI includes vehicle make, model, year, mileage, engine details, driving profile, and your location/region. It does not include your name, email address, or account information
- eBay Browse API — when searching for parts deals, we query eBay's API on your behalf. Search queries include vehicle specifications (make, model, year) and your region code for localised results, but not your personal information
- YouTube Data API — we query YouTube's API server-side to find modification installation tutorials relevant to your vehicle. Queries include vehicle make/model and modification type but not your personal information
- RevenueCat — your Supabase user ID is shared with RevenueCat to manage subscription entitlements. RevenueCat does not receive your email, name, or vehicle data
- Legal requirements — we may disclose your information if required by law, court order, or government authority
- Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction
4.1 Community and Public Features
Certain features make some of your data publicly visible to enhance community engagement:
- Public Vehicle Profiles — if you enable public profile visibility, your vehicle make/model/year, nickname, health score, reputation score, installed mods (if shared), and repair history (if shared) may be visible to other users via shareable links
- Community Posts — when you post to the community, your post content, vehicle make/model/year, and profile name/avatar are visible to other app users within the same vehicle community
- Leaderboards — if you opt in to leaderboard visibility, your vehicle's rank, nickname, scores, and owner initial appear on model-specific leaderboards
- Shareable Cards — when you share achievement unlocks, health scores, or milestones via the share feature, the generated image includes your vehicle details and is shared outside the app via your device's share sheet
You can control these settings at any time in Profile → Public Profile → Visibility Settings.
5. Data Retention
We retain your personal data for as long as your account is active or as needed to provide the App's services.
Server-side caches (vehicle intelligence, product listings) are retained for up to 7 days and then automatically refreshed or deleted.
You may delete your account at any time by contacting us at dzbyouma@gmail.com. Upon deletion, your personal data will be removed from our systems within 30 days, except where we are required to retain it by law.
6. Data Security
- Encrypted storage — authentication tokens are stored using iOS Keychain (SecureStore) for values under 2 KB
- SSL/TLS encryption — all data transmitted between the App and our servers is encrypted
- Certificate pinning — the App uses public key pinning to prevent man-in-the-middle attacks
- AI query anonymisation — vehicle intelligence requests sent to xAI include only vehicle specifications, driving profile, and location — not your name, email, or account information
- Server-side API proxying — all eBay and YouTube API calls are proxied through our backend; your device does not communicate directly with these services
- Local caching — vehicle intelligence results are cached on your device for up to 24 hours to reduce API calls, improve performance, and enable offline viewing. Cached data is stored in AsyncStorage and is not transmitted elsewhere
- Row-level security — your data in our database is isolated and accessible only by your account
- Rate limit enforcement — AI request quotas are enforced both locally and server-side (by user ID, device ID, and IP address) to prevent abuse
Despite these measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.
7. International Data Transfers
Your data may be processed on servers located outside the European Economic Area (EEA), including in the United States (Supabase, xAI, eBay, YouTube, RevenueCat). Where personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or the service provider's participation in recognised data protection frameworks.
8. Children's Privacy
The App is not directed at children under the age of 16. We do not knowingly collect personal information from children under 16.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at dzbyouma@gmail.com and we will delete it promptly.
9. Your Rights
9.1 General Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your account and associated data
- Withdraw consent at any time, where processing is based on consent
To exercise any of these rights, please contact us at dzbyouma@gmail.com.
9.2 GDPR Rights (European Union and EEA Users)
If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to data portability — receive your data in a structured, commonly used, machine-readable format
- Right to restriction — restrict the processing of your data in certain circumstances
- Right to object — object to processing based on legitimate interests
- Right to lodge a complaint — with your local data protection supervisory authority
Our legal basis for processing your personal data includes:
- Contractual necessity — to provide the App's features and services (Art. 6(1)(b) GDPR)
- Legitimate interests — to improve our services, ensure security, and prevent abuse (Art. 6(1)(f) GDPR)
- Consent — for location access, push notifications, and optional community features (Art. 6(1)(a) GDPR)
9.3 CCPA / CPRA Rights (California Residents)
- Right to Know — request disclosure of the categories of personal information we collect
- Right to Delete — request that we delete your personal information
- Right to Correct — request correction of inaccurate personal information
- Right to Opt-Out — we do not sell your data
- Right to Non-Discrimination — we will not discriminate against you for exercising your privacy rights
| Category | Examples | Collected |
|---|
| Identifiers | Email, name, device identifier | Yes |
| Personal information | Account profile, vehicle data, repairs, mods, driving profile | Yes |
| Geolocation data | City/region (only when using Discover feature) | Yes |
| Usage data | App interactions, features used | Yes |
| User-generated content | Community posts, AI chat messages, public profiles | Yes |
| Payment data | In-app purchases | No (handled by Apple) |
To exercise your CCPA/CPRA rights, contact us at dzbyouma@gmail.com.
9.4 CalOPPA
- Users can visit our App anonymously until they create an account
- This Privacy Policy is accessible from our website at byouma.store/privacy-policy.html
- We will notify users of any material changes to this Privacy Policy
- Users can update their personal information by accessing their profile settings in the App
10. Location Data
The App requests access to your device's location for the following purposes:
- Find nearby car events and meets in your area
- Locate trusted mechanics and repair shops near you
- Provide localised repair cost estimates based on regional pricing
- Surface region-specific parts deals and shipping options
Location is collected only when you use the Discover feature and you have granted permission through your device's settings. We do not track your location in the background or store location history.
11. Notifications
The App may send push notifications for:
- Vehicle maintenance reminders and health alerts
- Price drop alerts on tracked parts deals
- Nearby car events
- Achievement unlocks and reputation milestones
- Resale value changes
- Community updates (opt-in only)
Notifications respect quiet hours (22:00–07:00 by default). You can opt out at any time through your device's notification settings or within the App's notification preferences.
12. Third-Party Services
13. Governing Law
This Privacy Policy is governed by the laws of the Federal Republic of Germany and the General Data Protection Regulation (GDPR). If you are a consumer residing in the European Union, you also enjoy the protection of the mandatory provisions of the consumer protection laws of your country of residence.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you by updating the "Last updated" date at the top of this page and displaying a notice within the App. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.
15. Contact Us
Byouma
Email: dzbyouma@gmail.com
Website: byouma.store
We will respond to your inquiry within 30 days.
This Privacy Policy was last updated on April 14, 2026.