VehKeep

Privacy policy

This page explains what data the application processes, why it is processed, who may receive it, and what rights users have.

VehKeep
Last updated: 2026-05-29

Data controller

Controller
KP IT
Address
ul.Romańska 1/71, 01-451 Warszawa
Privacy contact
[email protected]
Service address
https://vehkeep.com

Data we process

  • Account data: email address, user identifier, account creation date, and technical sign-in data handled by ASP.NET Core Identity.
  • Vehicle data: name, brand, model, year, VIN, mileage, and notes provided by the user.
  • Vehicle maintenance history: service records, reminders, expenses, dates, mileage values, descriptions, and categories.
  • Attachments uploaded by the user, such as invoices, photos, or documents. They may contain personal data if the user includes it.
  • Technical data needed to run the service, including authentication cookies, language cookie, session identifiers, server logs, and appearance preferences in localStorage.

Purposes and legal bases

  • Creating and operating the account and providing application features: performance of a contract or steps before entering into one.
  • Maintaining vehicle history, expenses, reminders, and data export: performance of the service requested by the user.
  • Security, abuse prevention, and error diagnostics: the operator's legitimate interest.
  • Handling claims, accounting, or legal duties where applicable: legal obligation or legitimate interest.
  • Sending technical messages and reminders if configured: performance of the service or consent where required.

Recipients and processors

Data may be processed by providers that help operate hosting, the database, file storage, and email delivery. The exact scope depends on the deployment configuration.

Hosting
Coolify on Hostinger VPS
Attachment storage
Cloudflare R2
Email provider
Zoho Mail

If an infrastructure provider processes data outside the European Economic Area, the operator should ensure an appropriate transfer basis, such as an adequacy decision or standard contractual clauses.

Cloudflare R2 may use automatic data location; if the deployment requires guaranteed data residency, the R2 bucket should be created with an appropriate jurisdiction such as EU.

Retention period

Account and vehicle data is retained while the user uses the service. After account or data deletion, it is removed within a reasonable time except where data is needed for legal obligations, security, backups, or claims.

User rights

  • Right of access to data and information about processing.
  • Right to rectify inaccurate data.
  • Right to erasure where permitted by law.
  • Right to restriction of processing.
  • Right to data portability.
  • Right to object to processing based on legitimate interest.
  • Right to withdraw consent if processing is based on consent.

The user has the right to lodge a complaint with the competent supervisory authority. In Poland this is the President of the Personal Data Protection Office: UODO.

Cookies and localStorage

The application uses essential cookies for sign-in and language persistence. Appearance preferences, such as theme, side panel, and accent color, are stored in localStorage. By default, the application does not include analytics or advertising tools.

Profiling and automated decisions

The application does not make decisions producing legal effects for users and does not perform marketing profiling. Reminders are generated from data entered by the user.

An unexpected error has occurred. Reload x

Rejoining the server...

Rejoin failed. Trying again in seconds.

Failed to rejoin. Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session. Please retry or reload the page.