BenchKey

BenchKey — Privacy Policy

Effective date: July 4, 2026
Version: 2026-07-04

This Privacy Policy explains how MDrepairs, LLC, a New Jersey limited liability company doing business as BenchKey ("BenchKey," "we," "us"), collects, uses, and shares personal information in connection with the BenchKey repair‑shop management platform at app.benchkey.com and related services (the "Service"). It also describes your privacy rights and how to exercise them.

1. The two roles BenchKey plays (please read first)

BenchKey handles two different kinds of personal information, and our role — and this Policy — differ for each:

The rest of this Policy is primarily about the account information we control, except where it says otherwise.

2. Information we collect

2.1 Information you provide.

2.2 Information we collect automatically.

2.3 Customer Data. The information about your End Customers that you submit to the Service is Customer Data, which we process as your service provider (Section 1). We do not use Customer Data for our own purposes except to provide, secure, and support the Service, as described in the DPA. We do not use Customer Data to train AI models (see the Terms of Service, "AI features").

3. How we use information

We use the account information we control to:

Legal bases (where GDPR/UK GDPR applies). We rely on: performance of a contract (to provide the Service you request); our legitimate interests (to secure, improve, and market the Service, balanced against your rights); your consent (where required, e.g., certain cookies or marketing); and compliance with legal obligations.

4. How we share information

We do not sell your personal information. We share information only as follows:

5. Do we "sell" or "share" personal information? (U.S. state laws)

We do not sell your personal information, and we do not "share" it for cross‑context behavioral advertising, as those terms are defined under the California Consumer Privacy Act (CCPA/CPRA) and similar U.S. state privacy laws. We have not sold or shared personal information in the preceding 12 months. Where required by law, we honor opt‑out preference signals such as the Global Privacy Control (GPC).

6. Cookies and analytics

We use strictly necessary cookies for authentication and security, and, where permitted, functional and analytics cookies to understand and improve usage. We do not use third‑party advertising cookies. You can control cookies through your browser settings; disabling some cookies may affect functionality (in particular, you cannot stay signed in without the authentication cookies).

7. Data retention

We retain account information for as long as your Account is active and as needed to provide the Service, then for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Customer Data is retained and deleted as described in the Terms and the DPA (including the 30‑day post‑termination export window). Residual copies may persist in routine backups for a limited period before being overwritten.

8. How we protect information

We maintain administrative, technical, and organizational measures designed to protect personal information appropriate to the risk, including encryption in transit, access controls, tenant isolation, and logging. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. A summary of our security measures is in the DPA, Annex C.

9. International data transfers

We are based in the United States and process information in the United States, including through the U.S.-based subprocessors listed on our Subprocessors page. If you access the Service from outside the United States, you understand your information may be transferred to and processed in the United States. Where we transfer personal data subject to GDPR/UK GDPR out of the EEA/UK, we use an appropriate transfer mechanism, such as the European Commission's Standard Contractual Clauses (see the DPA).

10. Your privacy rights

Depending on where you live, you may have some or all of the following rights regarding personal information we control about you:

To exercise these rights for information we control, contact us at support@benchkey.com. We will verify your request (for example, by confirming control of your Account email) and respond within the time required by law. If we decline a request, you may appeal by replying to our decision at the same address. If you are in the EEA/UK, you may also lodge a complaint with your supervisory authority.

For information we process on behalf of a shop (Customer Data): please direct your request to the shop (the controller). If we receive such a request directly, we will refer you to the relevant shop or, where required, assist them in responding.

11. Children's privacy

The Service is a business tool for users 18 and older and is not directed to children. We do not knowingly collect personal information from anyone under 18 as an account holder. If you believe a child has provided us personal information, contact us at support@benchkey.com and we will delete it.

12. Third‑party links and services

The Service may link to or integrate with third‑party websites and services that we do not control. Their privacy practices are governed by their own policies. We are not responsible for them.

13. Changes to this Policy

We may update this Policy. If we make material changes, we will notify you (for example, by email or in‑app) and update the "Effective date" and "Version" above; where appropriate we will ask you to re‑accept. Your continued use of the Service after the effective date means you accept the updated Policy.

14. Contact us

MDrepairs, LLC (d/b/a BenchKey)
Privacy inquiries: support@benchkey.com
Mailing address: 644 Newman Springs Road, Suite A, Lincroft, NJ 07738