Privacy Policy

Introduction

• Diamond Touch Detailing ("we," "us," or "our") is committed to protecting the privacy of our customers and website visitors.
• This Privacy Policy describes how we collect, use, share, and protect your personal information when you use our website (diamondtouchdetails.com), book a service, or interact with us.
• We comply with the California Consumer Privacy Act (CCPA) and applicable federal privacy laws.
• By using our website or services, you agree to the practices described in this Policy.

Information We Collect

• Contact information: Your full name, email address, phone number, and service address.
• Vehicle information: Make, model, year, and condition of your vehicle for service planning.
• Payment information: We accept payment via Square. We do not store your card numbers — all payment data is processed and stored securely by Square, Inc. We may retain a tokenized reference to your payment method for recurring billing (membership plans).
• Account credentials: If you create a customer portal account, we store your email address and a hashed authentication token via Supabase. We never store your raw password.
• Booking history: Records of past and upcoming appointments, services selected, and pricing.
• Communications: Any messages you send us via email, text, or contact forms.
• Usage data: Pages visited, time on site, browser type, and IP address — collected automatically via Cloudflare analytics (anonymized).
• Address autocomplete data: When you enter a service address, we use Nominatim (OpenStreetMap) for address suggestions. No personally identifiable data is sent — only the partial address string.

How We Use Your Information

• Booking confirmations: To send you appointment details, reminders, and follow-up communication.
• Payment processing: To charge deposits and full-service payments, including recurring membership billing.
• Service reminders: To notify you of upcoming appointments and membership renewals.
• Account management: To authenticate you in our customer portal and manage your profile, vehicles, and booking history.
• Marketing communications: We may send promotional emails about new services or special offers. You can opt out at any time — see Section 6.
• Business operations: To improve our services, detect fraud, and maintain site security.
• Legal compliance: To respond to legal requests or enforce our Terms of Service.

Third-Party Services & Data Sharing

• We do not sell your personal information to third parties.
• Square, Inc. — Processes all payment transactions. Your payment card data is handled solely by Square under their Privacy Policy. We receive only a payment token and confirmation.
• Resend — Delivers transactional and marketing emails on our behalf (booking confirmations, reminders, receipts). Your email address is shared with Resend solely for delivery purposes.
• Cloudflare — Hosts our website and provides CDN and analytics services. Cloudflare may collect anonymized visitor data (IP addresses, page views) subject to their Privacy Policy.
• Meta — Provides advertising measurement through the Meta Pixel. Meta may receive page views and conversion events, such as lead submissions, booking deposits, memberships, or gift card purchases, subject to Meta's privacy terms.
• Supabase — Powers our customer portal backend (authentication, database, and edge functions). Your account data is stored on Supabase's infrastructure in the United States.
• Nominatim / OpenStreetMap — Used for address autocomplete during booking. Only the partial text string you type is transmitted; no name, phone, or payment data is shared.
• We may share your information if required by law or to protect the rights and safety of our business, employees, or customers.

Cookies & Tracking

• We use cookies and browser local storage for the following purposes:
• Authentication: To keep you signed into the customer portal between visits.
• Analytics: We collect first-party site analytics including page views, click locations, scroll depth, device type, browser, operating system, approximate location derived from your IP address (country/region), and any UTM/campaign parameters present in the URL when you arrive. This is stored in our own infrastructure (Supabase + Cloudflare). We also use Meta Pixel for advertising measurement and retargeting. We honor the browser Do Not Track signal — if enabled, we only record page views and skip click/event tracking.
• Visitor + session cookies: dtd_vid (2 years, identifies your browser so we can connect visits to bookings), dtd_sid (session-only, groups views within one visit), and dtd_attr (up to 90 days, remembers which campaign link sent you).
• Advertising cookies: Meta may set or read cookies to measure ad performance and connect website activity to Meta campaigns.
• Preferences: We store your cookie consent preference in local storage so we don't ask again.
• You can clear cookies and local storage at any time via your browser settings. This will sign you out of the portal.

Your Privacy Rights (California Residents)

• As a California resident, you have the following rights under the CCPA:
• Right to Know: You may request a list of the personal information we have collected about you and how it is used or shared.
• Right to Delete: You may request that we delete your personal information, subject to certain exceptions (e.g., completing a transaction, legal obligations).
• Right to Export: You may request a copy of your personal data in a portable format.
• Right to Opt Out of Marketing: You can unsubscribe from marketing emails by clicking "Unsubscribe" in any email we send, or by contacting us directly. This does not affect transactional messages related to your bookings.
• Right to Non-Discrimination: Exercising your privacy rights will not affect the quality of service you receive from us.
• To submit a request, contact us at [email protected] or call (951) 345-3195. We will respond within 45 days.

Data Security

• We use industry-standard security measures to protect your information, including HTTPS encryption, secure authentication tokens, and access controls.
• Payment data is never stored on our servers — it is handled exclusively by Square's PCI-compliant infrastructure.
• Despite our precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

Data Retention

• We retain your information for as long as necessary to provide our services, comply with legal obligations, and resolve disputes.
• Booking and transaction records are kept for a minimum of 3 years for accounting and tax purposes.
• If you request deletion of your account, we will remove your personal information within 30 days, except where retention is legally required.

Children's Privacy

• Our services are not directed to individuals under 18 years of age.
• We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, please contact us immediately.

Changes to This Policy

• We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised "Last Updated" date.
• Continued use of our website or services after changes are posted constitutes acceptance of the updated Policy.
• For significant changes, we will notify you by email or a prominent notice on our website.

Contact Us