Privacy Policy

folder_open1. Information We Collect

Personal Information You Provide

When you book a repair, contact us, or use our services, we may collect:

• Full name
• Phone number
• Email address
• Device type, model, and repair details
• Photos of device damage (if uploaded)
• Payment information (processed in-store only; we do not store card numbers)

Information Collected Automatically

When you visit our website, we may automatically collect:

• IP address and approximate geolocation
• Browser type and version
• Device type (mobile, desktop, tablet)
• Pages visited, time spent, and referring URL
• Cookies and similar tracking identifiers

settings2. How We Use Your Information

We use the information we collect for the following purposes:

• To process and manage your repair bookings and appointments
• To communicate with you about your repair status, estimates, and reminders
• To send booking confirmations and follow-up emails (e.g., review requests). You may opt out of non-essential emails at any time by clicking the unsubscribe link in the email or by contacting us directly.
• To improve our website, services, and customer experience
• To analyze website traffic and usage patterns
• To comply with legal obligations and resolve disputes
• To prevent fraud and protect the security of our services

cookie3. Cookies & Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience. Below are the types of cookies we use:

You can manage your cookie preferences at any time by clearing your browser's cookies and local storage. Most browsers also allow you to block or delete cookies through their settings.

hub4. Third-Party Services

We use the following third-party services that may collect information as described in their respective privacy policies:

• Google Analytics — website traffic analysis (Privacy Policy)
• Google Maps — embedded maps and directions (Privacy Policy)
• Cloudflare — website security and performance (Privacy Policy)

We do not control the data practices of these third-party services. We encourage you to review their privacy policies.

share5. Data Sharing & Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

• Service providers: Trusted third parties who assist in operating our website and services (e.g., email delivery, hosting), subject to confidentiality agreements
• Legal requirements: When required by law, subpoena, court order, or government request
• Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users
• Safety: To protect the rights, safety, or property of FIXSTORY, our customers, or others

schedule6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy:

• Booking & repair records: Retained for up to 3 years for warranty and service history purposes
• Communication records: Retained for up to 1 year
• Website analytics data: Retained for up to 26 months (Google Analytics default)
• Cookie consent preferences: Stored in your browser until you clear local storage

After the retention period, data is securely deleted or anonymized.

lock7. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your personal information, including:

• SSL/TLS encryption for all data transmitted through our website
• Secure server infrastructure with access controls
• Regular security reviews and updates
• In-store payment processing only (no online card storage)

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

gavel8. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You may request that we disclose what personal information we have collected, used, disclosed, or sold about you in the past 12 months.
• Right to Delete: You may request the deletion of your personal information, subject to certain legal exceptions.
• Right to Opt-Out of Sale: We do not sell your personal information. Therefore, there is no need to opt out.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
• Right to Correct: You may request that we correct inaccurate personal information we hold about you.
• Right to Limit Use of Sensitive Information: You may request that we limit the use and disclosure of your sensitive personal information.

public9. GDPR Rights for EU Residents

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws grant you the following rights with respect to your personal data:

Your Rights Under GDPR

• Right to be Informed: You have the right to know what personal data we collect, why we collect it, and how it is used.
• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request that we correct inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You may request that we delete your personal data in certain circumstances.
• Right to Restrict Processing: You may request that we limit how we use your personal data.
• Right to Data Portability: You may request to receive your personal data in a structured, machine-readable format, or to transfer it to another service provider.
• Right to Object: You may object to the processing of your personal data for direct marketing or based on legitimate interests.
• Rights related to Automated Decision-Making: We do not use your personal data for solely automated decision-making or profiling.

Legal Basis for Processing

We process your personal data on the following legal bases under GDPR Article 6: (a) Consent — when you provide explicit consent (e.g., cookie acceptance); (b) Contract — to fulfill repair services and bookings you request; (c) Legal Obligation — to comply with applicable laws; (d) Legitimate Interests — to improve our services, prevent fraud, and ensure security.

International Data Transfers

FIXSTORY is based in the United States. If you access our services from the EEA, UK, or Switzerland, your personal data may be transferred to and processed in the United States. We rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) where applicable to ensure your data receives an adequate level of protection.

child_care10. Children's Privacy

Our website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us immediately.

update11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page and, where feasible, notify you by email. We encourage you to review this policy periodically. Your continued use of our website or services after any changes constitutes your acceptance of the updated policy.

mail12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: