Legal

Privacy Policy

Effective June 14, 2026  ·  Last updated June 14, 2026

DealSync ("we," "our," or "us") operates the DealSync mobile application and web platform for automotive dealerships and their employees. This policy explains what information we collect, how we use it, and your choices.

DealSync is a B2B tool. Access requires an employer-issued invitation. We do not offer public sign-up and do not collect personal data from the general public.
Section 1

Information We Collect

Account & identity information

  • Your name and email address, obtained from your employer-managed Microsoft Azure AD, Google Workspace, or Apple ID account when you authenticate.
  • Your role and position at the dealership, as configured by your employer in DealSync.

Device & notification information

  • Device push notification token (Apple Push Notification service / APNs), used solely to deliver work notifications — deal updates, alerts — to your device.
  • Device platform (iOS or Android), used to route notifications correctly. No device identifiers (IDFA, IDFV) are collected.

Business & usage data

  • Deal activity, sales logs, floor traffic records, leaderboard entries, and goal progress you or your colleagues enter into DealSync. This data belongs to and is controlled by your employer.
  • Basic app activity logs (authentication events, session refresh) for security and troubleshooting. These are not used for advertising or cross-product tracking.
What we do NOT collect
  • Precise or approximate location
  • Camera or microphone data
  • Contact lists or calendar data
  • Health or financial data
  • Browsing history or data from other apps
  • Advertising identifiers (IDFA, IDFV)
Section 2

How We Use Your Information

  • Authentication — Verify your identity via your employer's OAuth provider and maintain a secure session.
  • Push notifications — Send work-relevant alerts (deal status, goals, team updates) that you or your employer have configured.
  • Service operation — Display real-time deal boards, leaderboards, and reports to you and authorized colleagues at your dealership.
  • Security — Detect and respond to unauthorized access attempts.
  • Support — Diagnose bugs and improve reliability.

We do not use your personal data for advertising, sell it to third parties, or use it to train machine-learning models.

Section 3

Data Sharing

  • Within your dealership — Managers and authorized colleagues at your dealership can see data you enter, consistent with the permissions your employer has set.
  • Apple Push Notification service (APNs) — Your device token is passed to APNs by Expo's push notification infrastructure to deliver notifications. Apple's privacy policy governs their handling of this data.
  • Expo (EAS) — We use Expo Application Services to build and deliver the app. See expo.dev/privacy.
  • Legal requirements — We may disclose information if required by law, court order, or to protect the rights and safety of our users.
Section 4

Data Retention

We retain your account data for as long as your employer maintains an active DealSync subscription and your account is active. Authentication session tokens are short-lived (JWT, refreshed on app open). Push notification tokens are deleted from our servers when you log out or uninstall the app.

Your employer may request deletion of all data associated with their dealership by contacting us at support@dealsync.org.

Section 5

Security

All data is transmitted over HTTPS/TLS. Authentication tokens are stored in the iOS Keychain via Expo SecureStore (hardware-backed encrypted storage). We enforce rate limiting, JWT expiry, and per-tenant database isolation — no two dealerships share a database or can access each other's data.

Section 6

Children's Privacy

DealSync is a workplace tool intended for adults (18+) employed at automotive dealerships. We do not knowingly collect information from anyone under 18. If we learn that a minor has provided data, we will delete it promptly.

Section 7

Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data. Because DealSync is employer-administered, many of these requests should be directed to your employer first. You may also contact us directly at support@dealsync.org.

To opt out of push notifications, go to Settings > Notifications > DealSync on your iPhone at any time. Logging out of the app also deregisters your device token from our servers immediately.

Section 8

Changes to This Policy

We may update this policy to reflect changes in our practices or applicable law. We will post the updated policy at this URL with a new effective date. Continued use of the Service after changes constitutes acceptance.

Section 9

Contact

Questions about this policy?