Privacy Policy

01. Who We Are

Batters Technology LLC d/b/a eTX ImpaXt ("eTX ImpaXt," "Company," "we," "us," or "our") is a Texas limited liability company that provides AI-powered software for the automotive collision and repair industry. Our registered address and primary place of business is in Longview, Texas.

This Privacy Policy applies to:

• Our website at etximpaxt.com and related subdomains;
• Our SaaS platform, APIs, and mobile tools; and
• Any communications, marketing, and support interactions with us.

For our business-to-business (B2B) platform customers, this policy should be read alongside your executed Data Processing Agreement (DPA). Contact us at samuel@etximpaxt.com to request or execute a DPA.

02. Data We Collect

We collect information in the following categories depending on how you interact with us:

Information You Provide Directly

• Inquiries and contact: When you contact us by email or through a contact form, you may provide your name, business name, email address, phone number, and the content of your message. Our current marketing website uses direct email contact; any future web forms will present a clear notice at the point of collection.
• Account registration: Business name, contact name, job title, email address, billing address, and payment information (processed by our PCI-compliant payment processor - we do not store raw card numbers).
• Platform data: Vehicle identification numbers (VINs), vehicle make/model/year, damage descriptions, repair cost estimates, insurance carrier information, and claim numbers you enter into the platform.
• Communications: Content of emails, support tickets, or other messages you send us.

Information Collected Automatically

• Usage data: Pages visited, features used, time spent, click paths, and interaction patterns within our website and platform.
• Device and browser data: IP address, browser type and version, operating system, device identifiers, screen resolution, and language settings.
• Log data: Server logs including request timestamps, API call logs, error reports, and diagnostic data.
• Location data: Approximate geographic location derived from your IP address (city/region level). We do not collect precise GPS location without explicit consent.
• Cookies and tracking technologies: See Section 5 (Cookies & Tracking) for full details.

Information from Third Parties

• Integration data from third-party platforms you connect to eTX ImpaXt (e.g., insurance carrier portals, shop management systems, OEM parts databases).
• Business verification data from commercial data providers to validate accounts.

03. AI & Image Data (Computer Vision Processing)

A core feature of eTX ImpaXt is AI-powered damage assessment using photographs of vehicle damage. This section describes how we handle this sensitive data category.

Vehicle Damage Photographs

• Images you upload are processed by our proprietary computer vision models to identify damage, classify severity, and generate repair estimates.
• Images may contain incidental personal information (e.g., license plates, reflections). We apply automated redaction where feasible and do not use incidentally captured personal data for any secondary purpose.
• Uploaded images are stored in encrypted cloud storage and are accessible only to authorized platform personnel and AI processing systems.
• We do not sell, license, or share vehicle damage images with insurers, third-party data brokers, or advertising networks.
• Images are retained for the duration of your subscription plus 90 days, after which they are permanently deleted unless you request earlier deletion. See Section 8 (Data Retention).

AI Model Training

• We may use de-identified, aggregated image data to improve the accuracy and performance of our AI models. No images are used for model training in a form that could identify your business, your customers, or specific vehicles without your explicit written consent.
• You may opt out of contributing to model improvement by contacting samuel@etximpaxt.com. Opting out does not affect platform functionality.

Collision Estimate & Assessment Data

• AI-generated estimates, damage classifications, and supplement recommendations are treated as Customer Data and subject to the same access controls and retention policies as the underlying images.
• Aggregate, de-identified estimate data (e.g., average repair costs by damage type or vehicle class) may be used to generate industry benchmarks. This aggregated data cannot be traced to any individual business or claim.

Contact Form Data

• Information submitted through our website contact forms is used solely to respond to your inquiry and to follow up about our services.
• Contact form submissions are stored in our CRM and retained for up to 24 months or until you request deletion.
• We do not add contact form submitters to marketing lists without separate affirmative consent.

04. How We Use Your Data

We process personal data only for specified, legitimate purposes:

• Service delivery: Providing, maintaining, and improving the eTX ImpaXt platform and its AI features.
• Account management: Creating and managing your account, processing payments, and communicating service updates.
• Customer support: Responding to inquiries, troubleshooting issues, and providing technical assistance.
• Security and fraud prevention: Detecting, investigating, and preventing unauthorized access, abuse, or fraudulent activity.
• Analytics and product improvement: Understanding how the platform is used to guide feature development and performance optimization.
• Legal compliance: Meeting our obligations under applicable laws, regulations, and court orders.
• Marketing communications: Sending you product updates, case studies, or promotional content - only with your consent, and you may opt out at any time.

We do not sell personal data. We do not use personal data to make fully automated decisions with legal or similarly significant effects without human review.

05. Cookies & Tracking Technologies

We use cookies and similar technologies on our website and platform. You can manage your cookie preferences through our consent banner or your browser settings.

Types of Cookies We Use

• Strictly Necessary: Required for the website and platform to function (e.g., session authentication, security tokens, load balancing). These cannot be disabled without breaking core functionality.
• Analytics/Performance: Help us understand how visitors interact with our website (e.g., Google Analytics, page view tracking). These are set only with your consent.
• Functional: Remember your preferences (e.g., language, display settings). Set with your consent.
• Marketing: We do not currently deploy third-party advertising cookies. If this changes, we will update this policy and seek your consent.

Other Tracking Technologies

• Web beacons / pixel tags: May be used in emails to confirm delivery and measure engagement (open rates). You can disable image loading in your email client to prevent this.
• Local storage: Used for session state and performance caching within the platform.

Managing Cookies

You can set your browser to refuse cookies or to alert you when cookies are being sent. Note that disabling cookies may affect the functionality of our website and platform. For more information on managing cookies, visit allaboutcookies.org.

We honor browser-level "Do Not Track" (DNT) signals on our marketing website. The platform itself uses strictly necessary cookies that are not subject to DNT.

06. Third-Party Sharing

We do not sell your personal data. We share data only as described below:

• Service providers (processors): We engage vetted third-party vendors to support our operations - cloud hosting (AWS/Azure), payment processing, CRM, email delivery, and analytics. These vendors process data only on our behalf under contractual data protection obligations.
• Integration partners: If you connect eTX ImpaXt to third-party platforms (insurance portals, shop management systems), we share only the data necessary to fulfill the integration, under your direction.
• Legal obligations: We may disclose information to law enforcement, government agencies, or courts when required by law, subpoena, or to protect our legal rights or the safety of users.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity. We will provide notice and, where required by law, seek your consent.
• With your consent: We may share data for purposes not listed here when you have given explicit prior consent.

We do not share vehicle damage images, estimate data, or individual customer records with insurers, OEM manufacturers, or data brokers except as strictly necessary to provide a feature you have explicitly enabled.

07. Security & Storage

We implement industry-standard technical and organizational security measures, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256) for all data and uploaded images;
• Role-based access controls limiting data access to personnel with a business need;
• Regular security assessments, penetration testing, and vulnerability management;
• Multi-factor authentication for platform access and administrative systems;
• Incident response procedures and breach notification protocols.

Data is stored on servers located in the United States. If you are accessing our services from outside the U.S., your data will be transferred to and processed in the U.S. We implement appropriate safeguards for international transfers (see Section 11, GDPR).

No method of transmission or storage is 100% secure. If you suspect a security incident affecting your account, contact samuel@etximpaxt.com immediately.

08. Data Retention

We retain data only as long as necessary for the purposes described in this policy:

• Active account data: Retained for the duration of your subscription.
• Vehicle damage images & AI assessments: Retained for your subscription term plus 90 days post-cancellation, then permanently deleted or anonymized.
• Collision estimate data: Same 90-day post-cancellation window; de-identified aggregate data may be retained indefinitely for benchmarking.
• Contact form data: Up to 24 months from submission, or until deletion is requested.
• Financial records: Retained for 7 years as required by U.S. tax and accounting law.
• Security logs: Retained for 12 months for incident investigation purposes.

You may request deletion of your data at any time (see Section 9). Legal hold obligations may require us to retain certain data beyond these standard periods.

09. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data. We respond to all verified requests within 45 days (extendable by 45 additional days with notice).

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Restriction: Request that we limit processing of your data in certain circumstances.
• Objection: Object to processing based on legitimate interests or for direct marketing purposes.
• Opt-out of sale / targeted advertising: We do not sell data. If this changes, you will have the right to opt out.
• Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, submit a request to samuel@etximpaxt.com with sufficient information to verify your identity. We will not discriminate against you for exercising your privacy rights.

10. Texas & U.S. State Privacy Rights

If you are a Texas resident, you are entitled to rights under the Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024:

• Right to know what personal data we process about you and why;
• Right to correct inaccurate personal data;
• Right to delete personal data you have provided to us;
• Right to data portability;
• Right to opt out of the processing of personal data for targeted advertising, sale, or profiling for decisions with significant effects.

We do not process sensitive data categories (as defined under TDPSA) without your explicit consent. We do not sell personal data or use it for targeted advertising as those terms are defined under Texas law.

California Residents (CCPA/CPRA): California residents have additional rights including the right to know categories of data collected and shared, the right to limit use of sensitive personal information, and the right to non-discrimination. We do not sell or share personal information as defined by the CCPA/CPRA. To submit a California privacy request, contact us at samuel@etximpaxt.com.

Residents of other states with enacted privacy laws (Virginia, Colorado, Connecticut, Oregon, Montana, etc.) may also exercise applicable rights. Contact us with the specific rights you wish to invoke and we will respond per applicable law.

11. GDPR - European Economic Area & United Kingdom

If you are located in the EEA or UK and access our services, the following applies in addition to the rights described above:

Legal Bases for Processing

• Contract performance: Processing necessary to deliver the services you have contracted for.
• Legitimate interests: Security, fraud prevention, product improvement, and business analytics - balanced against your rights.
• Legal obligation: Processing required to comply with applicable law.
• Consent: Marketing communications and non-essential analytics cookies - you may withdraw consent at any time.

International Data Transfers

EEA: Personal data from the European Economic Area is transferred to the United States. We rely on the EU-U.S. Data Privacy Framework (DPF) and/or Standard Contractual Clauses (SCCs) as transfer mechanisms. A copy of our SCCs is available upon request.

UK: Personal data from the United Kingdom is transferred to the United States under the UK-U.S. Data Bridge and/or the UK Addendum to the EU SCCs (also known as an International Data Transfer Agreement / IDTA). A copy of our UK Addendum is available upon request.

Right to Lodge a Complaint

EEA residents may lodge a complaint with their local supervisory authority (e.g., the relevant national data protection authority). UK residents may contact the Information Commissioner's Office (ICO) at ico.org.uk.

Data Protection Officer

We have designated a Data Protection contact. See Section 14 for contact details.

12. Children's Privacy

Our Services are designed for and directed exclusively at business users. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has submitted data to us, please contact samuel@etximpaxt.com and we will promptly delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy;
• Notify registered users via email or an in-platform notification at least 30 days before the changes take effect; and
• Where required by law, seek your renewed consent.

Your continued use of our services after the effective date of a revised policy constitutes acceptance of the updated terms. We maintain an archive of prior policy versions available upon written request.

14. Contact & Data Protection

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or want to report a data concern, please contact us: