Effective Date: January 1, 2026 — Last Updated: January 1, 2026
Phlite Software LLC ("Carmic," "we," "us," or "our") provides vehicle repair management software through our mobile applications for iOS and Android (the "Mobile App"), our Windows desktop application (the "Desktop App"), and our web portal at carmicai.com (the "Web Portal," and collectively with the Mobile App and Desktop App, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use any part of the Service.
By creating an account or using the Service, you consent to the practices described herein. If you do not agree with this Privacy Policy, do not use the Service.
Important: How Carmic Handles OEM Procedures and Copyrighted Materials.
Carmic's AI features assist technicians in comprehending and executing OEM (Original Equipment Manufacturer) repair procedures and other industry reference materials within the context of a specific repair on a specific vehicle. Carmic does not aggregate, index, compile, redistribute, or create a searchable database of OEM procedures or other copyrighted materials. OEM procedures and third-party reference documents are accessed, referenced, and applied exclusively as work product within individual repair files belonging to your account. These materials are never grouped across accounts, shared between accounts, made publicly accessible, or used to build derivative databases. Each account's use of such materials is isolated to that account's specific repair files for specific repairs.
With your permission, the Mobile App may access your contacts (for customer lookup) and calendar (for scheduling). This data is used only for the feature you initiated and is not transmitted to our servers or shared with third parties.
| Purpose | Data Used |
|---|---|
| Provide and operate the Service across all platforms | Account info, repair file data, photographs, annotations |
| AI-powered analysis (tag suggestions, estimate extraction, document comprehension) | Cropped/resized image regions, document content, capture mode context |
| Transcribe voice notes and annotations | Audio recordings |
| Sync your data across your devices | Repair files, photographs, annotations, settings |
| Generate reports and exports | Repair file data, photographs, annotations, measurements |
| Deliver real-time notifications | Account identifier, device type, notification content |
| Send service communications (email, SMS) | Email address, phone number (when provided) |
| Process payments | Payment tokens, billing address |
| Improve the Service | Anonymized usage analytics, crash reports |
| Respond to support requests | Support communications, account info |
| Comply with legal obligations | As required by applicable law |
We do not:
• Sell your personal information or repair file data to third parties
• Use your photographs, voice recordings, or repair data for advertising purposes
• Train AI models on your content
• Share your repair file data with other Carmic accounts unless you explicitly initiate sharing
• Aggregate or redistribute OEM procedures or other copyrighted reference materials across accounts
• Create searchable databases or compilations of third-party copyrighted content
The Mobile App and Desktop App store photographs, voice recordings, and repair file data locally on your device. Core features function fully offline. Cloud sync is used to back up your data and enable access across devices.
When you use the Service, your synced data is stored on cloud infrastructure hosted in the United States (Amazon Web Services). Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Each Carmic account's data is logically isolated. Repair files, photographs, documents, and all associated data belong to and are accessible only by the account that created them. We do not aggregate data across accounts or provide cross-account access unless you explicitly share a specific item with a specific recipient.
No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
The Service integrates with the following categories of third-party services to provide its functionality:
| Service Category | What Is Shared | Purpose |
|---|---|---|
| AI/LLM Vision and Language Models (e.g., Google Gemini via OpenRouter) | Cropped, resized image regions; document text; structured prompts | AI tag suggestions, estimate analysis, document comprehension, OEM procedure interpretation for specific repairs |
| Speech-to-Text Services (e.g., ElevenLabs, Deepgram) | Audio stream | Transcribe voice notes and annotations |
| Text-to-Speech Services (e.g., ElevenLabs) | Text content | Voice playback of AI responses |
| Offline Speech Recognition (Vosk, SherpaOnnx) | Audio processed locally on device | On-device transcription without network |
| Cloud Storage (AWS S3) | Photographs, audio files, synced repair data | Cloud storage and cross-device sync |
| Email Delivery (AWS SES) | Recipient email, message content | Transactional and notification emails |
| SMS (Twilio) | Phone number, message content | SMS notifications when configured by your account |
| Payment Processing | Payment method details | Subscription billing |
| Analytics (anonymized) | Anonymized usage events, crash data | App stability and improvement |
Each third-party service is bound by its own privacy policy and, where applicable, data processing agreements with us. We select providers that meet industry-standard privacy and security requirements. We do not permit third-party providers to use your data for purposes other than providing the requested service.
AI inference providers process your submitted data in real time and do not retain images, documents, or text content after returning results. We do not send full-resolution photographs to AI services — only cropped, resized, low-resolution excerpts necessary for the specific analysis task.
We do not sell your personal information. We may share your information only in the following limited circumstances:
Repair file data is never shared across accounts. Each account's repair files, customer information, photographs, and related data are isolated to that account. We do not provide any mechanism for cross-account data access, aggregation, or search.
You can access your data at any time through the Service. You may export repair files, photographs, and reports in standard formats (PDF, JPEG, CSV). We will provide a copy of your personal data upon written request within 30 days.
You may update your account information, repair file data, tags, labels, and annotations at any time through the Service or by contacting us.
You may delete individual photographs, repair files, or your entire account. When you delete your account, we will delete your personal data and repair file data from our active systems within 30 days. Some data may persist in encrypted backups for up to 90 days before being purged.
The Mobile App requests the following device permissions, all of which can be managed in your device settings:
| Permission | Purpose | Required? |
|---|---|---|
| Camera | Photo/video capture, AR markout viewfinder | Required for core features |
| Microphone | Voice notes, voice annotations, real-time transcription | Optional |
| Location | GPS tagging of photos, shop location association | Optional |
| Motion & Sensors | AR tracking (accelerometer, gyroscope) | Required for AR features |
| Contacts | Customer contact lookup | Optional |
| Calendar | Scheduling and event sync | Optional |
| Photo Library | Save/import photos | Optional |
| Bluetooth | Peripheral device connectivity | Optional |
| Notifications | Real-time repair file updates and alerts | Optional |
You may opt out of marketing emails at any time by clicking "unsubscribe" in any marketing email or updating your preferences in settings. Service-related communications (security alerts, billing receipts, critical product notifications) are not subject to opt-out.
If you are a California resident, you have the right to: (a) know what personal information we collect and how it is used, (b) request deletion of your personal information, (c) opt out of the sale or sharing of personal information (we do not sell personal information), (d) correct inaccurate personal information, and (e) not be discriminated against for exercising your rights. To exercise these rights, contact us at the address below.
If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights including access, rectification, erasure, restriction of processing, data portability, and objection. Our legal bases for processing are: performance of a contract (providing the Service), legitimate interests (improving the Service, security), and consent (where applicable). To exercise these rights, contact us at the address below.
The Service is designed for professional use and is not directed to children under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.
We may update this Privacy Policy from time to time. We will notify you of material changes by: (a) posting the updated policy on the Site with a revised "Last Updated" date, (b) sending an in-app notification, and/or (c) sending an email for significant changes. Your continued use of the Service after the effective date constitutes acceptance of the changes.
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:
Phlite Software LLC
Attn: Privacy
Phlite Software LLC
55 Hoffman Road
Monroe Twp., NJ 08831
Email: privacy@carmicai.com