Privacy Policy

1. Overview

TesTalk ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our service to connect and control your Tesla vehicle.

2. Information We Collect

2.1 Tesla Account Data

When you sign in via Tesla OAuth, we receive:

• A unique identifier (subject ID) from Tesla's identity service
• Your email address (if granted by Tesla's OAuth response)
• OAuth access and refresh tokens used to communicate with Tesla's Fleet API on your behalf

We never receive or store your Tesla password. Authentication is handled entirely through Tesla's official OAuth 2.0 system.

2.2 Vehicle Data

To display your vehicle list and control your car, we access Tesla's Fleet API. This may include vehicle identification numbers (VINs), vehicle display names, and real-time vehicle state (climate status, temperature settings). We do not store vehicle telemetry data beyond what is necessary to serve your session.

2.3 Usage Data

We may collect anonymized usage statistics (page views, feature interactions) to improve the service. This data does not identify individual users and is not linked to your Tesla account.

2.4 Cookies

We use strictly necessary cookies to maintain your login session. With your consent, we may use analytics cookies to understand how users interact with TesTalk. You can withdraw consent at any time via the cookie banner or your browser settings.

3. How We Use Your Information

• To authenticate you and maintain your session
• To communicate with Tesla's Fleet API on your behalf (sending commands, reading vehicle state)
• To save your paired vehicles and custom command configurations
• To send service-related communications (if you provide an email)
• To improve and secure our service

4. Data Storage and Security

Your data is stored in Turso (a SQLite-based cloud database). OAuth tokens are stored encrypted at rest. We use industry-standard TLS for all data in transit. Access tokens are refreshed automatically and expired tokens are purged.

We do not sell, trade, or rent your personal information to third parties.

5. Data Retention

Your account data is retained for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us. OAuth tokens are automatically invalidated when you sign out.

6. Third-Party Services

• Tesla, Inc. — Vehicle authentication and Fleet API. See Tesla's Privacy Policy for how Tesla handles your data.
• Turso — Cloud database hosting. Data is stored within EU regions where possible.
• Microsoft Azure — Application hosting (Azure App Service, West Europe region).

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Data portability

To exercise any of these rights, contact us at the address below.

8. Children's Privacy

TesTalk is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our homepage and updating the "Last updated" date above. Your continued use of TesTalk after changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions or requests, please contact us through the TesTalk platform or reach out via the contact information listed on our website.