Last Updated: February 2026
Your dashboard photos and VIN go directly to Groq AI. We never see your vehicle data. DashOrNOT uses a Bring Your Own Key (BYOK) architecture. Your phone talks directly to the AI provider (Groq). There is no DashOrNOT server — just static code hosted on Cloudflare's CDN. We have no database, no user accounts, and no way to see what you scan.
Understanding our architecture is the best way to understand our privacy. Here's exactly what happens when you use DashOrNOT:
api.groq.com using your personal API key to identify the warning lightsThere is no DashOrNOT server. The website is a static page hosted on Cloudflare's CDN — it delivers the code that runs in your browser, and that's it. No backend, no API, no database.
| Data Type | Collected? | Details |
|---|---|---|
| Dashboard photos | No | Sent directly from your browser to Groq. We never receive them. |
| VIN numbers | No | Sent directly from your browser to Groq. We never see them. |
| Diagnosis results | No | Returned from Groq directly to your browser. We never see them. |
| API keys | No | Stored in your browser's local storage only. Sent only to Groq. |
| Vehicle information | No | All vehicle data stays between your browser and Groq. |
| User accounts | No | There are no accounts. No login, no registration, no email. |
| Usage analytics | No | No tracking pixels, no analytics scripts, no cookies. |
Your Groq API key is stored exclusively in your browser's local storage — the same mechanism websites use to remember your preferences. It is:
api.groq.comWhen you scan your dashboard or run a diagnosis, your browser sends data directly to Groq's API. This is governed by your own relationship with Groq — you signed up for your own API key and agreed to their terms. Groq's privacy policy applies to how they handle your API requests.
DashOrNOT has no partnership, data-sharing agreement, or business relationship with Groq. You use their API independently.
DashOrNOT is hosted on Cloudflare Pages. When you load the site, Cloudflare's CDN serves the static files. Like any CDN, Cloudflare may log basic access data (IP address, page requested, timestamp) as part of normal operations. This is standard web infrastructure — Cloudflare does not receive any dashboard photos, VINs, API keys, or diagnosis results. Those go directly from your browser to Groq.
We use Google Fonts for typography. Google may collect basic connection data (IP address) when fonts are loaded. No personal information is shared.
We encourage you to verify our privacy claims independently. Here's how:
api.groq.com and fonts.googleapis.comIf you see any request going to a DashOrNOT server with scan data, please report it — because that would be a bug, not a feature.
In the event of a data breach, your scan data would not be affected because we don't have it. There is no database to breach, no dashboard photos to leak, and no user records to expose. The only thing hosted is the static website code itself — on Cloudflare's CDN, not a private server.
DashOrNOT does not knowingly collect any data from anyone, including children. Since no personal data is collected or stored anywhere, COPPA compliance is inherent to our architecture.
If we change our architecture in a way that affects data flow (for example, if we ever add a backend server or route data through any server we control), we will update this policy prominently and clearly explain what changed and why.
Questions about privacy? Reach out:
We can't sell what we don't have. We can't leak what we don't store. We can't share what we never see. That's not a promise — it's our architecture.