← All Legal Documents

Privacy Policy

Effective: March 25, 2026

Introduction

Fixty Inc. ("Fixty," "we," "us," or "our") is a Delaware corporation that provides a mobile-first customer relationship management (CRM) platform designed for independent mobile mechanics. Our platform helps mechanics manage customers, vehicles, jobs, quotes, invoices, and payments from a single integrated application.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at fixty.com, use our mobile application, or interact with any of our services (collectively, the "Platform"). It applies to all users of the Platform, including mechanics who subscribe to our services and their customers who interact with features such as digital quotes, booking pages, and SMS notifications.

By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use our Platform.

Information We Collect

We collect several categories of information depending on how you interact with the Platform.

Personal Information

When you sign up for a Fixty account or join our waitlist, we collect information that identifies you as an individual. This includes your first name, last name, email address, and phone number.

During our six-step onboarding process, we also collect your business name, city, state, services offered, years of experience, team size, service radius, service model (mobile, shop, or both), labor rate, parts markup percentage, and common services you provide.

Business Information

As you use the Platform, you may enter information about your business operations, including customer records (names, phone numbers, email addresses, and physical addresses), vehicle data (VIN numbers, license plates, mileage, make, model, and year), job details, quotes, invoices, and payment records.

Vehicle Data

Mechanics using the Platform may enter vehicle information on behalf of their customers, including Vehicle Identification Numbers (VINs), license plate numbers, mileage readings, and vehicle make, model, and year. This data is stored to facilitate job tracking, service history, and quote generation.

Payment Metadata

We store references to your payment accounts, specifically your Stripe customer ID and Stripe subscription ID. We do not store credit card numbers, bank account numbers, or other sensitive financial credentials on our servers. All payment processing is handled directly by Stripe.

Usage Data

We automatically collect information about how you interact with the Platform, including pages visited, features used, time spent on pages, click patterns, device type, browser type, operating system, IP address, and referring URLs. We also collect UTM parameters from marketing campaigns to understand how users discover Fixty.

Cookies and Tracking Technologies

We use cookies, pixel tags, and similar technologies to collect usage data, remember your preferences, authenticate your sessions, and deliver targeted advertising. For detailed information about the specific cookies we use, please refer to our Cookie Policy.

How We Collect Information

We collect information through three primary channels.

Directly From You

We collect information you provide directly when you join our waitlist, create an account, complete onboarding, enter customer or vehicle data, submit support requests, or communicate with us via email or SMS.

Automatically Through Technology

When you use the Platform, we automatically collect usage data through cookies, Google Analytics (via Google Tag Manager), Meta Pixel, and server logs. Our authentication system powered by Supabase sets session cookies to keep you logged in securely.

From Third Parties

We may receive information from third-party services that integrate with the Platform. For example, Stripe may provide us with payment confirmation details, subscription status updates, and fraud screening results associated with your account.

How We Use Your Information

We use the information we collect for the following purposes.

To Provide and Maintain Our Services

We use your information to create and manage your account, deliver the features of the Platform (including customer management, job tracking, invoicing, and appointment scheduling), and provide customer support.

To Process Payments

We use payment-related information to process your subscription payments through Stripe, manage your billing cycle, and handle refunds or disputes. All payment transactions are conducted through our secure web-based checkout to ensure the highest level of payment security.

To Send Notifications

We use your contact information to send transactional notifications, including appointment reminders, quote approvals, invoice receipts, and account-related alerts. These communications are sent via SMS (through Twilio) and email (through Resend).

To Improve the Platform

We analyze usage patterns and feedback to identify bugs, optimize performance, develop new features, and improve the overall user experience.

For Marketing Purposes

With your consent, we may use your email address to send promotional communications about new features, special offers, or product updates. You can opt out of marketing emails at any time by clicking the unsubscribe link included in every marketing message or by contacting us directly.

How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances.

Third-Party Service Providers

We engage trusted third-party companies to perform services on our behalf. Each processor only receives the minimum information necessary to perform its designated function:

Supabase provides our database hosting, user authentication, and real-time data services. Your account data, customer records, and business information are stored in Supabase servers located in the United States.

Stripe processes all subscription payments and handles billing. Stripe receives your payment details directly and provides us with transaction confirmations and subscription status.

Twilio powers our SMS notification system. Twilio receives phone numbers and message content to deliver appointment reminders, quote notifications, and other transactional messages on your behalf.

Google Maps Platform provides location and geocoding services. When you set a service radius or use location features, your city and state information may be sent to Google.

CookieBot manages cookie consent on our website, ensuring compliance with privacy regulations by allowing you to control which cookies are active.

Google Tag Manager orchestrates our analytics tools. It loads Google Analytics scripts that collect anonymized usage data to help us understand how people use the Platform.

Meta Pixel tracks marketing attribution from Facebook and Instagram advertising campaigns. It collects browsing behavior data to measure ad effectiveness.

Resend handles transactional email delivery, including account verification emails, password resets, and invoice notifications.

Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Platform before your information is transferred and becomes subject to a different privacy policy.

Data Retention

We retain your information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Account Data

We retain your account data for as long as your account is active and for 30 days following account deletion. During this 30-day grace period, you may contact us to reactivate your account and recover your data. After 30 days, your account data is permanently deleted from our systems.

Marketing Data

Waitlist entries, email preferences, and marketing consent records are retained for up to 2 years from the date of collection or your last interaction with our marketing communications, whichever is later. You may request deletion of your marketing data at any time.

Server Logs

Automated server logs containing IP addresses, request metadata, and error information are retained for 90 days and then automatically purged.

Payment Records

Payment transaction records and invoices are retained for 7 years in compliance with applicable tax and accounting regulations. This data is maintained in our payment processor (Stripe) and may include transaction amounts, dates, and subscription history.

Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information. We honor all applicable privacy rights regardless of where you reside.

General Rights

Access: You have the right to request a copy of the personal information we hold about you.

Correction: You have the right to request that we correct any inaccurate or incomplete personal information.

Deletion: You have the right to request that we delete your personal information, subject to certain legal exceptions (such as tax record retention requirements).

Portability: You have the right to receive your data in a structured, commonly used, machine-readable format. Fixty provides data export functionality within the Platform.

Opt-Out: You have the right to opt out of marketing communications at any time.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share your data.

Right to Delete: You may request deletion of your personal information, subject to certain exceptions.

Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

Do Not Sell or Share: Fixty does not sell your personal information as defined under the CCPA. We do not share your personal information for cross-context behavioral advertising purposes.

Categories of Personal Information Collected: Identifiers (name, email, phone), commercial information (subscription and payment history), internet activity (usage data, browsing history on our Platform), geolocation data (city, state), and professional information (business name, services offered).

European Economic Area Residents (GDPR)

If you are located in the European Economic Area (EEA), we process your personal information under the following lawful bases as defined by the General Data Protection Regulation (GDPR):

Contractual Necessity: Processing necessary to perform our contract with you (providing Platform services, processing payments).

Legitimate Interests: Processing necessary for our legitimate business interests (improving the Platform, preventing fraud, ensuring security), where those interests are not overridden by your rights.

Consent: Processing based on your explicit consent (marketing communications, non-essential cookies).

Legal Obligation: Processing necessary to comply with applicable laws.

You also have the right to lodge a complaint with your local data protection authority. For privacy inquiries related to GDPR, you may contact our designated privacy point of contact at privacy@fixty.com.

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@fixty.com. We will respond to your request within 30 days (or sooner if required by applicable law). We may ask you to verify your identity before processing your request to protect your privacy and security.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the Platform, analyze usage, and deliver advertising. Our cookie consent is managed through CookieBot, which presents you with a consent banner on your first visit and allows you to adjust your preferences at any time.

For a comprehensive list of the cookies we use, their purposes, and their durations, please refer to our Cookie Policy.

Data Security

We take the security of your information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction.

Our security measures include Row-Level Security (RLS) policies in our database to ensure that each mechanic can only access their own data, encryption of data at rest and in transit using industry-standard protocols (TLS 1.2+), JSON Web Token (JWT) based authentication through Supabase to verify user sessions, and regular security reviews of our infrastructure and codebase.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

International Data Transfers

Fixty is based in the United States, and our primary data infrastructure is hosted in the United States. If you access the Platform from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

For users in the European Economic Area or other jurisdictions with data transfer restrictions, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and other appropriate safeguards to ensure that your data is protected in accordance with this Privacy Policy when transferred internationally.

Children's Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to promptly delete that information. If you believe we may have inadvertently collected information from a minor, please contact us at privacy@fixty.com.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will provide at least 30 days advance notice by posting the updated policy on the Platform and, where appropriate, notifying you by email.

The "Last Updated" date at the top of this policy indicates when the most recent revisions were made. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@fixty.com

Fixty Inc., a Delaware corporation.

For general legal inquiries, you may also reach us at legal@fixty.com.

Questions about this document? Contact us at legal@fixty.com