VoltMate was built with the principle that your vehicle data belongs to you โ not us. Every architecture decision was made to minimise what we hold and maximise what you control.
How we protect your data
VoltMate uses Supabase with Row Level Security (RLS) policies enforced at the database level. This means even if there were a breach, your records are logically isolated โ no other user can ever access your trips, charging sessions, or Sentry events.
Your Tesla OAuth access tokens are stored in Cloudflare's encrypted KV store with a short expiry window. They are never written to logs, never stored in our main database, and are automatically purged when they expire.
If you connect your own Anthropic or OpenAI API key, it is stored only in the iOS Secure Enclave (expo-secure-store) on your device. Your AI messages go directly from your iPhone to the AI provider โ VoltMate's servers are never in the loop.
Your rights
More tab โ Delete my account permanently removes all your data โ trips, charging, Sentry events, everything โ within 30 days.
Under the Australian Privacy Act 1988, you can request access to, or correction of, any personal data we hold. Email support@voltmate.app and we respond within 30 days.
We do not sell, rent, or share your personal data with advertisers, data brokers, or third parties. Our only data sharing is with infrastructure providers needed to operate the service.
You can revoke VoltMate's access to your Tesla at any time from tesla.com/account under Third-Party Apps โ no need to contact us.
Read our full Privacy Policy to see exactly what we collect and how we protect it.