Privacy Policy

Effective date: April 18, 2026

This Privacy Policy explains how RepairHub (“we”, “our”, “us”), operator of repairhub.it.com, collects and uses personal data when you visit the site, create an account, post questions or answers, or purchase a subscription. By using the site, you agree to this Policy.

1. Who is the data controller?

The data controller is the RepairHub team. To reach us about privacy or data subject requests (access, deletion, correction, portability, objection), email [email protected].

2. What we collect

• Account data — name, email address, hashed password, avatar, bio, expertise tags, reputation score, and profile info you provide.
• Content you post — questions, answers, comments, tutorial submissions, uploaded images, and votes.
• Expert-session data — session messages and minutes used when you hire or provide expert support.
• Payment data — handled entirely by Stripe. We store only your Stripe customer ID, subscription tier, and the minute balance tied to your account. We never see or store full card numbers or CVCs.
• Technical data — IP address, user agent, device type, pages visited, referral URL, and interactions with the site, logged for security and abuse prevention.
• Cookies and similar technologies — see our Cookie Policy for full details.
• Google sign-in data — if you sign in with Google, we receive your name, email, and profile picture through Google’s OAuth flow.

3. Why we use it (legal bases)

• Provide the service (contract, Art. 6(1)(b) GDPR) — account creation, login, posting, subscriptions, expert sessions, notifications.
• Keep the site safe (legitimate interest, Art. 6(1)(f) GDPR) — spam prevention, abuse reporting, moderation, ban enforcement.
• Improve the site (consent, Art. 6(1)(a)) — analytics through Google Analytics, only after you opt in via our cookie banner.
• Show relevant ads (consent) — Google AdSense, only after you opt in via our cookie banner.
• Process payments & meet legal obligations (legal obligation, Art. 6(1)(c)) — invoicing, tax, accounting.

4. Who we share data with

• Stripe, Inc. — payment processing (privacy policy).
• Google LLC — Google Sign-In, Google Analytics 4, and Google AdSense (privacy policy).
• Amazon Web Services — cloud storage (S3) for user-uploaded images.
• Abacus.AI — application hosting, infrastructure, and language-model APIs used by our device identifier.
• Law enforcement or legal authorities — if required by subpoena, court order, or applicable law.

We do not sell your personal data.

5. International transfers

Our providers (Stripe, Google, AWS, Abacus.AI) may process data in the United States. Transfers outside the EEA/UK rely on Standard Contractual Clauses or equivalent safeguards published by those providers.

6. How long we keep data

• Account data: until you delete your account.
• Posts (questions, answers, comments): retained so that knowledge threads remain useful to others. You can request deletion of specific posts by emailing us.
• Payment records: retained as long as required by tax and accounting laws (typically 5–7 years).
• Server and security logs: up to 12 months.

7. Your rights

Depending on your location (EEA, UK, California, and similar), you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your account and personal data.
• Receive a copy of your data in portable format.
• Object to or restrict processing based on legitimate interest.
• Withdraw consent for analytics and advertising cookies at any time from the footer.
• Lodge a complaint with your local data protection authority. For California residents, this includes the right not to be discriminated against for exercising CCPA rights.

To exercise any right, email [email protected]. We respond within 30 days.

8. Children

RepairHub is not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal data from them. If we learn that we have, we will delete it. Parents or guardians who believe their child has provided us data should contact us immediately.

9. Security

Passwords are hashed with bcrypt. Data in transit is protected with TLS. Access to our databases is restricted to authorized personnel. No system is perfectly secure, but we follow industry practices to reduce risk.

10. Changes to this policy

We may update this Privacy Policy. When we do, we will change the “Effective date” above and, for significant changes, notify active users by email or an in-site notice.

11. Contact

Email [email protected] with any privacy question, data request, or complaint.