This Privacy Policy explains how CheckVIN.eu (“CheckVIN”, “we”, “us”) collects, processes, stores, and protects personal data when Users (“you”) access or use our Services, including the purchase and delivery of vehicle information reports (“Reports”).
CheckVIN complies with the General Data Protection Regulation (GDPR) and all applicable EU and Romanian data protection laws.
By using the Website and clicking “Get History Report/s”, you acknowledge that you have read and agree to this Privacy Policy.
We collect and process the following categories of data:
Email address – for delivering the Report, abandoned checkout reminders, review request emails, and (if consented) promotional content.
VIN (Vehicle Identification Number) – used solely to generate the Report.
Billing details – name, address, and postal information collected through Stripe for invoicing and fraud prevention.
IP address – for security, fraud prevention, abuse detection, and rate-limiting.
Device and browser information – collected for analytics and service optimization.
Analytics data – via Google Analytics and Framer Analytics (anonymized or pseudonymized where applicable).
Generated Reports, stored securely for 30 days.
Event logs (email delivery, payment confirmation, abandoned checkout actions).
CheckVIN processes personal data under the following GDPR legal bases:
Required to provide the Service you purchase:
Processing VIN to generate the Report
Delivering the Report via email
Payment confirmation
Billing detail collection via Stripe
Managing support requests related to the order
Used where processing is necessary for CheckVIN’s operational and security interests:
Sending abandoned checkout reminders
Sending review requests after successful delivery
Fraud prevention, rate limiting, and abuse detection via IP logging
Framer Analytics (basic, essential analytics)
Our legitimate interests do not override your fundamental rights and freedoms.
Required for:
Receiving promotional emails and newsletter content
Google Analytics (marketing and performance cookies)
Storing your email in Brevo CRM for marketing
Optional cookies and tracking technologies
Consent is obtained through:
Cookie banner on first website visit
Disclaimer on newsletter fields:
“By providing your email address, you agree to receive promotional content. You can unsubscribe at any time.”User action: Clicking “Get History Report/s” also signifies consent for abandoned cart and transactional follow-up emails.
You can withdraw consent at any time via the unsubscribe link or by contacting us.
Generate Reports using the VIN
4.1.1 Store Report securely for 30 days
4.1.2 Send payment confirmations
4.1.3 Send Report link
4.1.4 Provide support
Report delivery emails (mandatory)
4.2.1 Payment confirmation (mandatory)
4.2.2 Abandoned checkout reminders (after 1 hour)
4.2.3 Review request (after 24 hours)
4.2.4 Newsletter / promotional content (only with consent)
4.3.1 Performance analytics
4.3.2 Usage tracking
4.3.3 Fraud detection
4.3.4 Security monitoring
Where required by law, we may process billing or transaction data for accounting and compliance.
We share data only with trusted service providers essential for delivering our Services:
5.1 Stripe – payment processing, billing details, fraud prevention
5.2 Brevo – email delivery, transactional emails, newsletters
5.3 Independent Automotive Data Providers – Report generation, VIN lookup (anonymized reference)
5.4 Vercel – hosting infrastructure
5.5 Upstash Redis – secure temporary storage and caching
5.6 Framer – frontend and site hosting
5.7 Google Analytics – website analytics (with consent)
All third-party providers operate under GDPR-compliant Data Processing Agreements (DPAs).
6.1.1 VIN, email, and billing address stored temporarily in secure Redis storage.
6.1.2 Automatically deleted after 48 hours.
6.2.1 Reports remain accessible for 30 days.
6.2.2 Permanently deleted after expiry.
Email address and name kept indefinitely for marketing purposes until the User unsubscribes.
Minimal system logs retained for security, rate limiting, and fraud prevention.
Users have the following rights:
You may request details of the personal data we hold about you.
You may request deletion of:
7.2.1 Your email
7.2.2 Billing info
7.2.3 VIN
7.2.4 All personal data
Note:
Because we delete most data automatically after 48 hours, in many cases the data will already be erased.
You may object to:
7.3.1 Analytics tracking
7.3.2 Abandoned cart emails
7.3.3 Review request emails
7.3.4 Newsletter marketing
You may withdraw consent at any time (for newsletter or marketing cookies).
We can restrict data processing when required by law.
You may lodge a complaint with your national Data Protection Authority (ANSPDCP in Romania).
CheckVIN implements strong security measures:
8.1 HTTPS encryption
8.2 Encrypted storage in Redis
8.3 Time-limited tokens for accessing Reports
8.4 Limited internal access (“CheckVIN Team only”)
8.5 Secure hosting (Vercel)
8.6 Strict authentication and access controls
We use:
9.1 Google Analytics (with consent)
9.2 Framer Analytics (legitimate interest, essential)
9.3 Marketing cookies (optional / consent-based)
Visitors may manage cookie choices via the cookie banner or browser settings.
Some providers (e.g., Stripe, Google, Brevo) may store data outside the EU.
All transfers comply with GDPR through:
10.1 Standard Contractual Clauses (SCCs)
10.2 Adequacy decisions
10.3 Data Processing Agreements
CheckVIN does not knowingly collect or process data from individuals under 16.
Use of the Website is restricted to adults.
We may update this Policy to reflect legal, operational, or service changes.
Updates will be posted on this page with a new “Last Updated” date.
For privacy-related inquiries or data requests:
Email: info@checkvin.eu
