Last updated: June 2026

Privacy Policy

1. Information we collect

We collect information you provide directly: your email address when you use Otto, your name and business details when you create an account, and payment information when you subscribe (processed securely by Stripe, so we never store card numbers).

2. How we use your information

We use your information to: deliver Otto diagnostic results and PDF reports to your email, personalize your onboarding setup and recommendations, manage your account and subscriptions, and improve our services.

3. Otto diagnostic data

When you complete the Otto diagnostic, your answers are used to generate a personalized onboarding recommendation. Your email is required to deliver the PDF report. We store diagnostic results to improve recommendation quality. You can request deletion of this data at any time.

4. Otto and data handling

Otto and the AutoStack platform operate within strict data boundaries. Each tenant's data is isolated using row-level security, and Otto only accesses data relevant to the onboarding it is assisting and cannot access other tenants' information. Otto is assistive and human-reviewable; it never grants account access or sends documents on its own.

5. Third-party services

We use the following services to operate AutoStack: Supabase (database and authentication), Stripe (payment processing), Resend (transactional email), Vercel (hosting), and Upstash (rate limiting). Each service processes data in accordance with their own privacy policies.

6. Data security

We implement industry-standard security measures including encrypted connections (HTTPS), secure session management with httpOnly cookies, row-level database security, rate limiting on all API endpoints, and regular security reviews.

7. Your rights

You have the right to: access the personal data we hold about you, request correction of inaccurate data, request deletion of your data, withdraw consent for marketing communications, and export your data in a portable format.

8. Contact us

For privacy-related questions or requests, contact us at privacy@autostack.ca.