Allen Wrench
Log inSign up

Privacy Policy

Last updated: February 13, 2026

1. Introduction

Allen Wrench is a product of Magnetic 28 LLC. Allen Wrench is a customer relationship management (CRM) platform built for auto repair shops. We help shops send Google review requests after service, follow up on declined work to recover revenue, and send service reminders to bring customers back. This Privacy Policy describes how we collect, use, store, and share information when you use our platform.

In this policy, "we," "our," and "us" refer to Magnetic 28 LLC (doing business as Allen Wrench). "You" refers to any shop owner, operator, or authorized user of the Allen Wrench platform. "End customers" refers to the customers of your auto repair shop whose information you manage through our platform.

2. Information We Collect

We collect the following categories of information:

Shop Owner Account Information

  • Name and email address (collected via Kinde authentication)
  • Shop name, phone number, and business details
  • QuickBooks Online connection tokens (for syncing customer and invoice data)

End Customer Data (Synced from QuickBooks)

  • Customer names
  • Phone numbers and email addresses
  • Vehicle information (year, make, model, VIN, mileage), parsed from QuickBooks customer notes
  • Service records and invoice data, including line items and amounts
  • Declined service records from QuickBooks estimates marked as rejected or closed

SMS Message Data

  • Message content, timestamps, and delivery status
  • Workflow type (review request, declined service follow-up, service reminder)
  • Message direction (inbound or outbound) and approval status

Payment and Billing Information

  • Subscription and billing details are processed by Stripe. We do not store full credit card numbers on our servers.

Automatically Collected Information

  • IP address and browser type
  • Device information and operating system
  • Usage data (pages visited, features used, timestamps)

3. How We Use Your Information

We use the information we collect to:

  • Sync customer records, invoices, and estimates from your QuickBooks account
  • Send SMS messages on your shop's behalf, including Google review requests, declined service follow-ups, and service reminders
  • Process your subscription payments
  • Provide customer management features (customer profiles, vehicle tracking, service history)
  • Generate message templates personalized with customer and vehicle information
  • Debug issues and provide technical support
  • Improve our platform and develop new features
  • Comply with legal obligations

4. Third-Party Services

We share data with the following third-party service providers to operate Allen Wrench. We do not sell your personal information.

ProviderPurposeData Shared
KindeAuthentication (login / signup)Name, email address
TwilioSMS messagingPhone numbers, message content
Intuit QuickBooksAccounting data syncOAuth tokens; customer, invoice, and estimate data is read from your QuickBooks account
StripePayment processingName, email, payment method details
VercelApplication hostingIP address, request logs
SupabaseDatabase hostingAll application data (stored encrypted at rest)

5. SMS and TCPA Compliance

Allen Wrench sends text messages to your end customers on your shop's behalf. As the shop owner using our platform, you are responsible for complying with the Telephone Consumer Protection Act (TCPA) and all applicable messaging regulations.

Types of Messages and Consent Requirements

  • Google review requests: These are marketing messages and require prior express written consent (PEWC) from the customer before sending.
  • Declined service follow-ups: These are marketing messages and require prior express written consent (PEWC) from the customer before sending.
  • Service reminders: These are informational messages and require prior express consent (PEC) from the customer.

Opt-Out

End customers can opt out of receiving text messages at any time by replying STOP to any message. We honor all opt-out requests immediately and maintain opt-out records. Once a customer opts out, no further messages will be sent to that number unless the customer re-consents.

Message Logging

We log all SMS messages, including content, timestamps, delivery status, and opt-out requests, for compliance and audit purposes.

6. Data Retention

We retain your data for as long as your account is active and as needed to provide our services. When you delete your account:

  • Your shop profile, customer records, vehicle data, service records, and message history are permanently deleted within 30 days.
  • QuickBooks connection tokens are revoked and deleted immediately.
  • Anonymized transaction records may be retained for up to 7 years for tax and legal compliance.
  • Security and audit logs may be retained for up to 1 year after account deletion.

For more details, see our Data Deletion Policy.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • All data is transmitted over HTTPS/TLS encrypted connections
  • Data is encrypted at rest in our database (hosted on Supabase)
  • Authentication is handled via OAuth 2.0 through Kinde. We never store passwords.
  • QuickBooks integration uses OAuth 2.0 with automatic token refresh. We never access your QuickBooks password.
  • Access to production systems is restricted to authorized personnel

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your account and associated data
  • Export your data in a portable format
  • Object to certain processing of your data

To exercise any of these rights, contact us at hello@magnetic28.com.

9. California Privacy Rights (CCPA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale: We do not sell personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, contact us at hello@magnetic28.com. We will verify your identity before processing your request and respond within 45 days.

10. Children's Privacy

Allen Wrench is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us at hello@magnetic28.com and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email at the address associated with your account. Your continued use of Allen Wrench after such notification constitutes acceptance of the updated policy.

12. Governing Law

This Privacy Policy is governed by the laws of the State of Oklahoma, without regard to its conflict of law provisions.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Magnetic 28 LLC

Email: hello@magnetic28.com

← Back to Home