Drive Buddy

Privacy Policy

Last updated: 18 April 2026

This Privacy Policy describes how D.A. Venus Investments Inc, operating under the brand “Drive Buddy” (“we”, “us”, “our”), collects and processes personal data through our internal customer service platform (the “Platform”), which integrates with Meta Platforms, Inc. services (Facebook, Instagram, and Messenger).

The Platform is used exclusively by Drive Buddy staff to receive, view, and respond to communications that customers and prospective customers initiate with our official Facebook Pages and Instagram Business accounts. The Platform is not a public service; it is an internal tool used to replace manual use of the Facebook and Instagram native inboxes.

1. Who we are

Legal entity:D.A. Venus Investments Inc (“Drive Buddy”)
Registered address: Tzvia VeItzhak 5, Jerusalem, Israel
Contact: yedidyadan33@gmail.com
Data Protection contact: yedidyadan33@gmail.com

2. The Meta assets we operate

We operate the following Facebook Pages and Instagram Business accounts. All are wholly owned and administered by Drive Buddy staff:

  • Facebook Page: DRIVE BUDDY (page id 115540438319821)
  • Facebook Page: הבית של ניצן (page id 731759900027360)
  • Facebook Page: חדשות המרכז (page id 899133233276261)
  • Facebook Page: A2Z Car-Care (page id 779898798530874)
  • Instagram Business account: @drive.buddy

3. What data we receive from Meta

When a customer contacts one of our Pages or comments on our content, Meta provides us with:

  • Messages: the text, attachments (images, videos, audio, stickers, files), reactions, and timestamps of messages sent to or from our Pages on Messenger and Instagram Direct.
  • Comments: the text, author, timestamps, visibility state (hidden / unhidden), and parent post/media IDs for comments posted on our Facebook Page posts and Instagram media.
  • Sender profile information:the display name, profile picture URL, and Meta-assigned user ID (Page-scoped ID) of the person who contacted us. We do not receive the user’s email address, real address, or phone number unless the user voluntarily includes it in the message body.

We do not scrape or collect information about users who have never initiated contact with us. The sole trigger for data collection is a user-initiated inbound message or comment on our owned Pages.

4. How we use this data

  • Respond to customer service inquiries about orders, deliveries, returns, product questions, and complaints.
  • Moderate our Pagesby hiding or deleting spam, impersonation, or abusive comments in accordance with Meta’s Community Standards and our own guidelines.
  • Maintain an internal record of each conversation so that different staff members can see prior context when continuing a conversation.

We do not use this data for advertising, profiling for marketing, sale to third parties, training of machine-learning models, or any purpose other than direct customer service.

5. Legal basis (GDPR)

To the extent GDPR applies, the legal basis for our processing is legitimate interest (Art. 6(1)(f)): the operation of normal customer service in response to a communication the data subject themselves initiated. Where a conversation relates to an order or purchase, processing is also necessary for the performance of a contract (Art. 6(1)(b)).

6. Where we store the data

Messages, comments, and derived metadata are stored in a PostgreSQL database hosted by Supabase, Inc. in their US-East region. Access is restricted to Drive Buddy administrators via server-side service credentials. The database is not exposed to the public internet. Supabase acts solely as an infrastructure processor and cannot access, read, or use the contents of our data.

Our application servers run on a virtual machine hosted by Akamai Technologies, Inc. (Linode) and orchestrated with Coolify. All connections use TLS. Linode/Akamai acts solely as an infrastructure processor and cannot access, read, or use the contents of our data.

7. Data retention

We retain message and comment history for as long as it is useful to provide continuity of customer service, and in any case no longer than 36 months from the date of the last interaction. Records relating to a completed order are retained for the statutory retention period under Israeli tax and consumer-protection law (currently 7 years), after which they are deleted.

You may request early deletion at any time — see Section 9.

8. Who can access the data

  • Drive Buddy customer service staff authorised by D.A. Venus Investments Inc to operate the Platform.
  • Our infrastructure providers (Supabase, Linode) strictly as a technical matter of hosting the data. They definitively cannot access, read, or use the contents of our data; their role is limited to storage and compute.
  • Meta Platforms itself — because the data originatesfrom Meta and is continuously mirrored there; Meta’s own Privacy Policy governs that copy.

We do not share data with advertisers, data brokers, or unrelated third parties.

9. Your rights

Subject to applicable law, you have the right to request: access to the personal data we hold about you; correction of inaccurate data; deletion (“right to be forgotten”); restriction of processing; or a machine-readable export.

To exercise any of these rights, email yedidyadan33@gmail.com from the email address or Meta account you wish the request to cover, or visit our Data Deletion page. We respond within 30 days.

10. Cookies and tracking

The Platform is an internal staff tool and is not accessible to the public. It uses only strictly-necessary session cookies for staff authentication. It does not contain advertising, analytics trackers, or third-party cookies.

These public legal pages at /legal/* likewise do not use analytics or advertising cookies.

11. International transfers

Because our primary hosting region is the United States, personal data may be transferred outside Israel and the European Economic Area. We rely on Supabase’s and Akamai’s Standard Contractual Clauses with their upstream providers to safeguard such transfers.

12. Children

The Platform is an internal business tool. We do not knowingly target or collect data from minors. If a conversation originating from a minor is discovered, we will delete the record upon request or upon discovery.

13. Changes to this Policy

We may update this Policy from time to time. Material changes will be indicated by updating the “Last updated” date at the top of this page. Where a change materially expands the purposes for which we process data, we will seek a new legal basis before applying the change.

14. Complaints

If you believe your data rights have been violated, please contact us first at yedidyadan33@gmail.com. You may also lodge a complaint with the Israeli Privacy Protection Authority or your local data-protection regulator.