Legal

Privacy Policy

Effective Date: February 1, 2026  |  Last Updated: February 1, 2026

TestDrive AI, Inc. (“TestDrive AI,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our platform, website, and services.

Contents
1. Information We Collect 2. How We Use Information 3. Sharing Your Information 4. Data Retention 5. Security 6. Your Rights & Choices 7. Cookies 8. Children's Privacy 9. International Transfers 10. Contact Us

1. Information We Collect

1.1 Information You Provide Directly

  • Account data: name, email address, phone number, and password when you register.
  • Vehicle preferences: make, model, budget, financing needs, trade-in details you submit via the TD Engine™ chat interface.
  • Contact form submissions: messages, inquiries, and support requests.
  • Dealer onboarding data: business name, dealership address, DMS credentials (encrypted in transit and at rest).

1.2 Information Collected Automatically

  • Usage data: pages visited, features used, session duration, click paths, and search queries within the platform.
  • Device data: IP address, browser type and version, operating system, device identifiers.
  • Location data: approximate geolocation derived from IP address to surface nearby dealers and inventory. We do not collect precise GPS coordinates unless you explicitly grant permission.
  • Cookies and tracking technologies: see Section 7.

1.3 Information from Third Parties

  • Dealer Management System (DMS) integrations: inventory, pricing, and availability data provided by connected dealers.
  • Publicly available vehicle data: NHTSA recall databases, Kelley Blue Book value APIs, and CARFAX history reports (where licensed).
  • Authentication providers: if you sign in via Google or Apple, we receive your name and email only.

2. How We Use Your Information

We use collected information to:

  • Operate and improve the TestDrive AI platform and the TD Engine™.
  • Match buyers with relevant vehicle inventory using AI-powered recommendations.
  • Process financing pre-qualification inquiries (data shared with lender partners only with your explicit consent).
  • Communicate with you about your account, support requests, and product updates.
  • Train and improve our AI models — using de-identified and aggregated data only; we do not train on your PII without separate consent.
  • Detect fraud, prevent abuse, and comply with legal obligations.
  • Send marketing communications where you have opted in (you may opt out at any time).

We do not sell your personal data to advertisers or data brokers. Ever.

3. Sharing Your Information

We share information only in the following circumstances:

  • Connected Dealers: When you initiate a test drive or financing inquiry, your contact details and vehicle preferences are shared with the specific dealer you selected. You control this action.
  • Service Providers: We work with vetted vendors (hosting, analytics, fraud detection) under strict data processing agreements that prohibit secondary use.
  • Lending Partners: Only when you explicitly click “Check My Rate” or equivalent — with your active consent, not passive consent.
  • Legal Requirements: We may disclose information if required by law, subpoena, or to protect the rights and safety of TestDrive AI and its users.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, user data may be transferred. We will notify you before your data becomes subject to a materially different privacy policy.

4. Data Retention

We retain personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: retained while your account is active, plus 90 days after deletion request.
  • Chat and session data: 24 months in identifiable form; thereafter anonymized for model training.
  • Dealer data: retained for the term of the dealer agreement plus 3 years for audit purposes.
  • Financial inquiry data: 7 years to comply with applicable lending regulations.

5. Security

We apply bank-grade security across the entire platform:

  • AES-256 encryption at rest; TLS 1.3 in transit.
  • SOC 2 Type II audit in progress; PCI DSS compliance maintained for payment flows.
  • Zero-trust network architecture with role-based access controls.
  • Penetration testing conducted quarterly by an independent third party.
  • Incident response plan with 72-hour breach notification window per GDPR/CCPA requirements.

No security system is impenetrable. If you believe your account has been compromised, contact us immediately at security@testdrive.com.

6. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate data.
  • Deletion: Request deletion of your personal data (subject to legal retention obligations).
  • Portability: Receive your data in a machine-readable format.
  • Opt-out of Sale: We do not sell your data. There is nothing to opt out of.
  • Marketing opt-out: Click “Unsubscribe” in any marketing email or email privacy@testdrive.com.

To exercise any right, email privacy@testdrive.com with your request. We respond within 30 days.

7. Cookies

We use the following categories of cookies:

  • Strictly Necessary: Authentication, security, session management. Cannot be disabled.
  • Performance: Anonymous analytics to understand how users navigate the platform (e.g., page load times, error rates).
  • Functional: Remembering your preferences (dark mode, saved filters).
  • Marketing: Only used with explicit opt-in consent. We do not use third-party advertising cookies by default.

Manage your cookie preferences via our Cookie Policy page or by updating your browser settings.

8. Children's Privacy

The TestDrive AI platform is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have inadvertently collected data from a minor, we will delete it promptly. Contact privacy@testdrive.com if you believe we have data from a minor.

9. International Transfers

TestDrive AI is headquartered in Austin, Texas, USA. If you access our platform from outside the United States, your data is transferred to and processed in the US. For EEA/UK users, we rely on Standard Contractual Clauses as the legal mechanism for cross-border transfers.

10. Contact Us

For privacy questions, data requests, or to report a concern:

We may update this Privacy Policy periodically. Material changes will be communicated via email to registered users and posted on this page with an updated “Last Updated” date.