Privacy Policy

This Privacy Policy ("Policy") explains how Auto Buffy Inc., doing business as AutoBuffy ("AutoBuffy," "Company," "we," "us," or "our"), collects, uses, discloses, and protects your personal information when you visit our website at autobuffy.com (the "Site"), use our mobile applications, or engage with our services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

This Policy applies to information we collect on this Site, in email, text, and other electronic messages between you and AutoBuffy, and when you interact with our advertising and applications on third-party websites and services.

Auto Buffy Inc. is a Maryland corporation operating the consumer retail website autobuffy.com. We specialize in aftermarket automotive parts including suspension components, engine mounts, struts, shocks, and related accessories.

Our principal place of business is located at: 8700 Larkin Rd, Savage, MD 20763, United States.

For any privacy-related inquiries, you may contact our Privacy Team at support@autobuffy.com or by mail at the address above, Attention: Privacy Compliance Officer.

We use the information we collect for the following purposes:

• Process and fulfill your orders, including payment processing, shipping, and delivery notifications
• Create and manage your account, authenticate your identity, and provide customer support
• Verify vehicle fitment and provide accurate product recommendations
• Communicate with you about your orders, account, and inquiries
• Process returns, refunds, exchanges, and warranty claims
• Send transactional emails (order confirmations, shipping updates, receipts)
• With your consent, send marketing communications about products, promotions, and company news
• Improve our website, products, and services through analytics and research
• Detect, prevent, and address fraud, security threats, and illegal activities
• Comply with legal obligations and enforce our Terms of Use
• Personalize your shopping experience and show relevant product recommendations
• Administer contests, promotions, and surveys

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

• Contract Performance: Processing necessary to fulfill our contract with you (e.g., processing orders, delivering products)
• Legitimate Interests: Processing for our legitimate business interests that do not override your rights (e.g., fraud prevention, website improvement)
• Consent: Processing based on your explicit consent (e.g., marketing emails, cookies)
• Legal Obligation: Processing required to comply with applicable laws and regulations

You may withdraw your consent at any time by contacting us at privacy@autobuffy.com.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

We use cookies, pixel tags, and similar technologies to enhance your experience on our Site.

We implement industry-standard security measures to protect your personal information:

• 256-bit SSL/TLS encryption for all data transmission
• PCI-DSS compliance for payment card data handling
• Encrypted data storage on secure cloud servers
• Regular security audits and vulnerability assessments
• Access controls limiting employee access to personal data
• Two-factor authentication for administrative accounts
• Secure password hashing and storage
• DDoS protection and web application firewalls

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we commit to promptly notifying affected users in the event of a data breach as required by applicable law.

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law.

• Account information: Retained while your account is active and for 3 years after account closure
• Order history: Retained for 7 years for tax, accounting, and warranty purposes
• Customer service records: Retained for 3 years after resolution
• Marketing preferences: Retained until you unsubscribe or request deletion
• Website analytics: Aggregated and anonymized after 26 months

After the retention period, we securely delete or anonymize your information. You may request earlier deletion subject to our legal and business obligations (see Section 10).

Depending on your location, you may have the following rights regarding your personal information:

We will respond to verifiable requests within 30 days (or 45 days for complex requests, with notice). We may require you to verify your identity before processing your request.

Some web browsers transmit "Do Not Track" (DNT) signals. Because there is no common industry standard for DNT, our Site does not currently respond to DNT signals. However, you can manage your privacy preferences through cookie settings and opt-out mechanisms described in this Policy.

Our Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 16, we will take immediate steps to delete that information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@autobuffy.com so we can delete the information.

Our Services are operated from the United States. If you are located outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.

By using our Services, you consent to the transfer of your information to the United States and other countries that may have different data protection laws than your jurisdiction. We take appropriate safeguards to ensure your data remains protected in accordance with this Policy.

For EEA/UK residents, we rely on Standard Contractual Clauses approved by the European Commission for international data transfers.

Our Site may contain links to third-party websites, plugins, or services that are not operated by us. This Privacy Policy does not apply to those third-party services.

We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party websites or services you visit. AutoBuffy is not liable for any damages or losses arising from your use of third-party services.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes, we will:

• Update the "Last Updated" date at the top of this Policy
• Post the updated Policy on this page
• Notify you by email if we have your email address
• Display a prominent notice on our Site

Your continued use of our Services after any changes constitutes your acceptance of the updated Policy. We encourage you to review this Policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: