Privacy Policy

Last updated: April 5, 2025

Who We Are

myTesla.io is a Tesla Fleet API key hosting service. Contact us at support@mytesla.io.

Data We Collect

Account Data

  • Email address — collected at checkout, used for authentication (OTP), welcome emails, and service notifications
  • Subscription status — plan type, start date, expiry date
  • Public key hash — SHA256 fingerprint of your hosted public key (not the key itself)

Private Key

Your private key is generated on our server, emailed to you, and immediately deleted. We do not store your private key. If you lose it, you must regenerate a new key pair.

Usage Data

  • IP addresses — used for rate limiting, not stored long-term (deleted within 24 hours)
  • Page views — collected via Microsoft Application Insights for service monitoring
  • Analytics — collected via Google Analytics (with your consent) for understanding how the site is used

Payment Data

Payments are processed by LemonSqueezy, a Stripe company, acting as Merchant of Record. We do not see or store your credit card information. LemonSqueezy handles all payment processing, invoicing, tax collection, and refunds through Stripe's secure infrastructure.

How We Use Your Data

  • Authenticate you via email OTP
  • Host your Tesla Fleet API public key
  • Send you service emails (welcome, key regeneration, expiry warnings)
  • Monitor service health and performance
  • Prevent abuse (rate limiting)

We do not sell your data. We do not use your data for advertising.

Data Processors

Service Purpose Data
Microsoft Azure Hosting, email, monitoring Email, key data, usage
LemonSqueezy (Stripe) Payment processing Email, payment info
Google Analytics Website analytics Page views, device info (with consent)

Data Retention

  • Active accounts — data retained while subscription is active
  • Cancelled accounts — limited grace period, then key URL deactivated and data deleted
  • Deleted accounts — all data deleted 90 days after cancellation
  • Rate limit data — deleted within 24 hours
  • OTP codes — expire after 10 minutes, overwritten on next request

Your Rights

Under GDPR (EU) and CCPA (California), you have the right to:

  • Access — request a copy of your data
  • Delete — request deletion of your account and all associated data
  • Export — receive your data in a portable format
  • Opt out — decline non-essential cookies and analytics
  • Correct — update your information

To exercise any of these rights, email support@mytesla.io. We will respond within 30 days.

Cookies

We use the following cookies and tracking technologies:

  • Essential — session storage for authentication (JWT token). Required for the dashboard to function.
  • Analytics (optional) — Google Analytics and Google Tag Manager. Only loaded with your consent. Used to understand how the site is used.
  • Performance — Microsoft Application Insights. Used for service monitoring and error tracking. Processed under legitimate interest.

Children

myTesla.io is not intended for use by anyone under the age of 16. We do not knowingly collect data from children.

Changes

We may update this policy from time to time. Significant changes will be communicated via email to active subscribers.

Contact

For privacy questions or data requests: support@mytesla.io