Privacy Policy
Last updated: January 2026
1. Who I Am
AutoFeedback (auto-feedback.com) is a personal side project — a European car review platform built and maintained by a single independent developer. It allows vehicle owners across Europe to share and read authentic car reviews. For the purposes of data protection law, I am the data controller of your personal data.
Contact: [email protected]
2. Data I Collect
2.1 Account Data
When you register, I collect:
- Email address
- Username (chosen by you)
- Password (stored securely with bcrypt hashing — plain-text passwords are never stored)
- If you use Google Sign-In: your Google account name and email
2.2 Review Data
When you submit a car review, I store the content of that review, including ratings, pros/cons, and your ownership details.
2.3 Usage Data
I use Google Analytics to understand how visitors use the site. This includes pages visited, time spent, device type, and approximate geographic region. This data is anonymised and aggregated.
2.4 Advertising
I use Google AdSense to display advertisements. Google may use cookies to show personalised ads based on your browsing behaviour. You can opt out at adssettings.google.com.
2.5 Security (Cloudflare Turnstile)
I use Cloudflare Turnstile for bot protection on forms. Cloudflare may process technical data (IP address, browser fingerprint) for this purpose.
3. Legal Basis for Processing (GDPR)
- Contract performance: Processing your account data to provide you with the service.
- Legitimate interests: Analytics to improve the platform; security to protect against fraud.
- Consent: Personalised advertising cookies (you can withdraw consent via the cookie banner).
4. Cookies
The following types of cookies are used:
| Cookie | Purpose | Duration |
|---|---|---|
| session | Keeps you logged in | 7–30 days |
| cookie_consent | Saves your cookie preference | 1 year |
| _ga, _gid | Google Analytics tracking | Up to 2 years |
| Google AdSense | Personalised advertising | Varies |
You can manage cookies via your browser settings or the cookie consent banner.
5. Data Sharing
I do not sell your personal data. Data may be shared with:
- Google LLC — for Analytics and AdSense (subject to Google's privacy policy)
- Cloudflare, Inc. — for hosting, security, and bot protection
- Law enforcement agencies, if required by law
6. Data Retention
- Account data: retained as long as your account is active, or up to 3 years after last activity
- Reviews: retained indefinitely unless you request deletion
- Session data: deleted after expiry (7 or 30 days)
7. Your Rights Under GDPR
If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights:
- Right of access — request a copy of your personal data
- Right to rectification — correct inaccurate data
- Right to erasure — request deletion of your data ("right to be forgotten")
- Right to restrict processing — limit how your data is used
- Right to data portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
- Right to withdraw consent — for cookie-based processing at any time
To exercise any of these rights, reach out at [email protected]. I will respond within 30 days.
You also have the right to lodge a complaint with your national data protection authority.
8. International Transfers
The infrastructure uses Cloudflare and Google services, which may process data in the United States. These transfers are subject to appropriate safeguards (Standard Contractual Clauses) as required by GDPR Article 46.
9. Changes to This Policy
This policy may be updated from time to time. Significant changes will be communicated via email or a notice on the site. The "last updated" date at the top indicates the most recent revision.
10. Contact
For any privacy-related questions or to exercise your rights, feel free to get in touch:
Email: [email protected]
Website: auto-feedback.com