ScanGo Privacy Policy

Last Updated: January 13, 2025

1. Introduction

ScanGo ("we", "our", "us") is a delivery driver tracking application that respects your privacy. This Privacy Policy explains how we collect, use, protect, and handle your personal information when you use the ScanGo mobile application.

By using ScanGo, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Email address and password (encrypted) for authentication via Firebase Auth
Delivery Data: Information you manually enter including:
- Shift start and end times
- Delivery earnings and amounts
- Customer delivery addresses (user-entered, NOT collected via GPS)
- Receipt images captured via camera
- Expense records and categories
App Settings: Your preferences including theme mode, language selection, daily wage, and notification settings

2.2 Information Collected Automatically

Device Information: Android version, device model, app version (for crash reporting and compatibility)
Usage Data: Features used, crashes, and errors (via Firebase Analytics and Crashlytics)

2.3 Information We Do NOT Collect

Real-time GPS location tracking
Contacts from your device
SMS or call logs
Other apps installed on your device

3. How We Use Your Information

Your data is used exclusively for providing and improving ScanGo's functionality:

Core App Functionality: Tracking shifts, calculating earnings, storing delivery records
Cloud Sync: Syncing your data across devices (Cloud+ subscribers only) via Firebase Firestore
Tax Reports: Generating HMRC-compliant tax reports from your delivery data
Authentication: Managing your account and secure access via Firebase Authentication
App Improvement: Analyzing crashes and usage patterns to fix bugs and improve features
Customer Support: Responding to your inquiries and troubleshooting issues

We do NOT:

Sell your personal data to third parties
Use your data for advertising purposes
Share your delivery information with other users or delivery platforms

4. Data Storage & Security

4.1 Where Your Data is Stored

Local Storage (Free & Pro tiers): All data stored on your device using Room database (SQLite)
Cloud Storage (Cloud+ tier only): Data synced to Firebase Cloud Firestore (Google Cloud, servers in EU/US)
Authentication: Account credentials managed by Firebase Authentication (Google-owned, GDPR compliant)

4.2 How We Protect Your Data

Encryption in Transit: All data transmitted to/from Firebase uses HTTPS (TLS 1.2+)
Encryption at Rest: Firebase Firestore encrypts data at rest by default
Secure Authentication: Passwords hashed and managed by Firebase Auth (never stored in plaintext)
Access Control: Cloud data accessible only to authenticated account owner via security rules

4.3 Data Retention

Active Accounts: Your data is retained for as long as your account is active
Account Deletion: When you delete your account, all data is permanently deleted within 30 days
Backups: Backup copies purged within 30 days of account deletion

5. Data Sharing & Third Parties

We do NOT sell or rent your personal data. Your data is only shared with the following service providers necessary for app functionality:

5.1 Firebase (Google LLC)

Services Used: Authentication, Cloud Firestore (database), Analytics, Crashlytics
Purpose: User authentication, cloud sync, crash reporting, usage analytics
Data Shared: Email, user ID, app usage data, crash logs
Privacy Policy: https://firebase.google.com/support/privacy
GDPR Compliant: Yes

5.2 Google Play Billing

Purpose: Processing in-app purchases and subscriptions
Data Shared: Purchase transaction data (anonymized, managed by Google)
Privacy Policy: https://policies.google.com/privacy

5.3 Legal Disclosures

We may disclose your information if required by law, court order, or to:

Comply with legal obligations
Protect our rights, property, or safety
Prevent fraud or illegal activities

6. Your Rights (GDPR & Data Protection)

Under GDPR and UK data protection laws, you have the following rights:

6.1 Right to Access

Request a copy of all personal data we hold about you
How to exercise: Email us at the contact address below

6.2 Right to Rectification

Correct inaccurate or incomplete data
How to exercise: Edit your data directly in the app (Settings → Edit profile, or edit individual delivery records)

6.3 Right to Erasure ("Right to be Forgotten")

Delete your account and all associated data
How to exercise: Settings → Account → Delete Account (or email us)
Timeline: Immediate deletion from active systems, backup purge within 30 days

6.4 Right to Data Portability

Export your data in a machine-readable format
How to exercise: Ledger → Export CSV (exports all delivery records)

6.5 Right to Restrict Processing

Request limitation on how we process your data
How to exercise: Email us with your request

6.6 Right to Object

Object to processing of your personal data
How to exercise: Email us or delete your account

7. Children's Privacy

ScanGo is NOT intended for users under the age of 18. The app is designed for delivery drivers who must be 18+ to work. We do not knowingly collect personal information from children under 18.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including:

United States: Firebase servers operated by Google (Privacy Shield framework participant)
European Union: Firebase servers in EU regions

We ensure appropriate safeguards are in place through Firebase's compliance with GDPR, Privacy Shield, and standard contractual clauses.

9. Cookies & Tracking Technologies

ScanGo does NOT use cookies. We use Firebase Analytics for app usage tracking, which may collect:

Device identifiers (anonymized)
App screens visited
Features used
Crash events

You can opt out of analytics tracking in: Settings → Privacy → Disable Analytics (if implemented in future version).

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

Material Changes: If we make significant changes affecting your rights, we will notify you via:

In-app notification
Email (if you have an account)

Continued use of ScanGo after changes constitutes acceptance of the updated policy.

11. Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

Notify affected users within 72 hours of discovery
Report to relevant data protection authorities as required by law
Provide information on steps taken to mitigate harm

12. Your California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected
Right to know if personal information is sold or disclosed
Right to opt-out of sale of personal information (we do NOT sell data)
Right to non-discrimination for exercising CCPA rights

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: privacy@scango.app

Developer: Blue42 Studios

Response Time: We aim to respond to all inquiries within 14 days

14. Supervisory Authority

If you are in the UK or EU, you have the right to lodge a complaint with your local data protection authority:

UK: Information Commissioner's Office (ICO) - https://ico.org.uk
EU: Your national data protection authority