Privacy Policy

Last updated: February 2026

1. Introduction

RepairMinder is a repair shop management platform that helps businesses track repairs, manage customers, and streamline their workflow. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services.

This policy applies to the RepairMinder website (repairminder.com), iOS application, web dashboard (app.repairminder.com), customer portal, and associated APIs (collectively, the “Service”).

In this policy, “we”, “us”, and “our” refer to Mendmyi Ltd (trading as RepairMinder), a company registered in England and Wales. “You” and “your” refer to users of the Service, including repair shop staff (“Business Users”) and their end customers (“Customers”).

2. Data Controller

The data controller responsible for your personal data is:

Mendmyi Ltd (trading as RepairMinder)
20-22 Wenlock Road
London, N1 7GU
United Kingdom

For data protection enquiries, contact privacy@repairminder.com.

Where Business Users enter their customers' data into RepairMinder, the Business User is the data controller for that customer data and RepairMinder acts as a data processor on their behalf.

3. Information We Collect

Account Information

Email address, first and last name
Company name, business address, and VAT number (if provided)
Password (stored securely hashed, never in plaintext)

Repair & Device Data

Device details: brand, model, serial number, IMEI, colour, storage capacity
Device condition and grade assessments
Passcode type (PIN, pattern, password, biometric, none) — we store the type only, not the actual passcode
Find My iPhone status
Warranty and insurance information (provider, expiry, claim references)
Diagnostic notes, repair notes, and technician notes
Device images (pre-repair, post-repair, and diagnostic photos)
Accessories received with devices
Parts used in repairs
Signatures (name, consent, and timestamp for authorisations and collections)

Client/Customer Data

Business Users may enter the following data about their customers:

Customer names, email addresses, phone numbers, and addresses
Social media links (if provided)
Marketing consent status and timestamp
Notes and comments

Financial Data

Order totals, line items, and payment amounts
Payment method type (card, cash, etc.) and card brand/last four digits
Card payments are processed directly by the payment provider — we do not store full card numbers
Refund amounts, dates, and reasons

Technical Data

Device tokens for push notifications
iOS device model, operating system version, and app version (collected during push notification registration)
Login timestamps and session information
IP addresses, browser type, operating system, and device name (for security, rate limiting, and audit logging)
Email delivery data: whether transactional emails were delivered, opened, or bounced (for service reliability monitoring)

Biometric Data (iOS App)

If you choose to enable biometric unlock, the iOS app uses Face ID or Touch ID to authenticate you locally on your device. Biometric data is processed entirely by your device's secure enclave — we never receive, store, or have access to your biometric data.

4. Lawful Basis for Processing

Under UK GDPR, we process your personal data on the following lawful bases:

Contract performance (Article 6(1)(b)) — processing necessary to provide the RepairMinder service to you, including account management, repair tracking, payment processing, and transactional communications (emails, SMS, push notifications).
Legitimate interests (Article 6(1)(f)) — processing necessary for our legitimate interests, including: maintaining security (two-factor authentication, rate limiting, audit logging, fraud prevention), monitoring email deliverability to ensure service reliability, and improving the service based on usage patterns. These interests are balanced against your rights and do not override them.
Legal obligation (Article 6(1)(c)) — retaining financial records as required by UK tax and accounting law.
Consent (Article 6(1)(a)) — where you have given specific consent, such as for marketing communications. You may withdraw consent at any time.

5. How We Use Your Information

Provide and operate the RepairMinder service
Send push notifications for repair status updates, device assignments, quote approvals, payment confirmations, and support messages
Send transactional emails (order confirmations, quotes, collection notices, password resets, magic link authentication)
Send SMS notifications for repair status updates (where enabled by the Business User)
Process payments via third-party payment providers
Validate email addresses before sending to reduce bounces and protect sender reputation
Provide address autocomplete when entering business or customer addresses
Maintain security through two-factor authentication, rate limiting, and audit logging
Monitor email deliverability (delivery, bounce, and open rates) to ensure reliable service
Improve the service based on usage patterns

6. Data Storage & Security

Your data is stored on Cloudflare infrastructure:

D1 (SQLite database) for structured data
R2 (object storage) for device images and file uploads
KV (key-value storage) for rate limiting and session data

Cloudflare processes data in its global network of data centres. Data may be processed in data centres outside the United Kingdom — see Section 11 (International Data Transfers) for details on the safeguards in place.

Security measures include:

All data encrypted in transit via TLS/HTTPS
Passwords hashed using bcrypt; sensitive tokens hashed before storage
Mandatory two-factor authentication for all staff accounts
API access controlled via JWT tokens with automatic expiry (15-minute access tokens, rotating refresh tokens)
Comprehensive audit logging of all significant actions
Rate limiting on authentication and API endpoints
On the iOS app: authentication tokens and sensitive data stored in the device Keychain (hardware-encrypted storage)

7. Push Notifications

We use Apple Push Notification service (APNs) to send notifications to iOS devices. Notification types include:

Order status changes
Device assignments to technicians
Quote approvals and rejections
Payment confirmations
New enquiries and support ticket messages

You can control notifications:

Per notification type: in the app via Settings → Notification Preferences
Entirely: via iOS Settings → RepairMinder → Notifications

Device tokens are registered on login and removed on logout. We do not use push notifications for marketing or advertising.

8. Third-Party Services

We use the following third-party services to operate RepairMinder:

Cloudflare (USA) — hosting, CDN, infrastructure, and data storage
Postmark (USA) — primary transactional email delivery
Brevo (France) — fallback transactional email delivery
VoodooSMS (UK) — SMS delivery for repair status notifications
Stripe (USA) — subscription billing and payment processing
Apple (USA) — push notifications via APNs
Google (USA) — address autocomplete via Google Places API

Each third-party service receives only the minimum data necessary to perform its function. For example, Postmark receives recipient email addresses and message content; Google Places receives address search queries. We may also use third-party services to validate email addresses before sending, in which case only the email address is shared.

We do not use third-party analytics, advertising, or tracking services. We do not sell your data to any third party.

9. Artificial Intelligence & Automated Processing

RepairMinder uses artificial intelligence (AI) services to provide certain features. The following AI providers may process data as part of the Service:

Anthropic (Claude) — generating responses to support tickets and enquiries, and assisting with content generation
Mistral — optical character recognition (OCR) for extracting data from uploaded invoice images and PDFs
Google (Gemini) — image analysis for device condition assessment
OpenAI — alternative language model provider for text generation
Deepseek — alternative language model provider for text generation
Groq — alternative language model provider for text generation
PiAPI — video generation for social media content creation

When your data is processed by AI services, the following safeguards apply:

Only the minimum data necessary for the specific feature is sent to the AI provider
We do not allow AI providers to use your data for training their models
AI-generated outputs (such as draft replies or extracted invoice data) are always subject to human review before being actioned
AI processing is governed by the same data protection standards described in this policy

For further details about how specific AI features process your data, contact privacy@repairminder.com.

10. Data Retention & Deletion

Account data is retained while your account is active
Business data (orders, repair records, customer records) is retained for up to 365 days by default. Business Users can configure retention periods in their company settings.
Audit logs are retained for the duration of the account to maintain a complete security and compliance record
You may request deletion of your account and personal data at any time by emailing support@repairminder.com
On account deletion: personal data (name, email, contact details) is permanently removed; repair records are anonymised; device images are deleted from storage
Backup data is purged within 30 days of a deletion request
Financial records may be retained beyond account deletion where required by UK law (e.g., HMRC requires records to be kept for at least 6 years)

11. International Data Transfers

Some of our third-party service providers are based outside the United Kingdom (primarily in the United States). When your data is transferred outside the UK, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office, incorporated into our agreements with third-party processors
Ensuring that recipients maintain appropriate technical and organisational security measures

You can request further details about the safeguards in place by contacting privacy@repairminder.com.

12. Your Rights

Under the UK Data Protection Act 2018 and UK GDPR, you have the right to:

Access — request a copy of the personal data we hold about you
Rectification — request correction of inaccurate personal data
Erasure — request deletion of your personal data
Restrict processing — request that we limit how we use your data
Data portability — request your data in a structured, machine-readable format
Object — object to processing based on legitimate interests
Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, contact privacy@repairminder.com. We will respond within one month. This period may be extended by a further two months for complex requests, in which case we will notify you within the first month.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

13. Cookies

The marketing website (repairminder.com) does not use cookies
The web dashboard (app.repairminder.com) uses essential cookies only for authentication session management
We do not use analytics cookies, advertising cookies, or third-party tracking cookies

14. Children's Privacy

RepairMinder is a business tool not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.

15. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated “Last updated” date. For significant changes, we will notify users via email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

16. Contact Us

Mendmyi Ltd (trading as RepairMinder)
20-22 Wenlock Road, London, N1 7GU

Privacy inquiries: privacy@repairminder.com
General support: support@repairminder.com