Privacy Policy
RallyTrax is an Android app for recording drives, generating pace notes, and replaying routes with a synthetic co-driver. This page describes what data the app collects, how it is used, and the choices you have. It applies to the RallyTrax app distributed via Google Play and via the GitHub Releases sideload channel.
Summary
- RallyTrax records GPS data on your device while you are recording a drive. By default that data stays on your device.
- If you sign in with Google, your name, email, and profile photo are used to enable cloud sync across your devices. Cloud sync is optional and can be turned off.
- RallyTrax uses Firebase Analytics and Crashlytics to understand which features are used and to diagnose crashes. These are anonymous and tied to an install ID, not to you personally.
- RallyTrax does not sell your data, does not show ads, and does not share your data with advertisers or data brokers.
1. Information we collect
1.1 Information you provide
- Account information. When you sign in with Google, RallyTrax receives your Google account name, email address, profile photo, and a stable Google user ID. This is provided by Google Sign-In; RallyTrax never sees your password.
- Vehicle and content you create. Vehicles you add to your garage, fuel logs, service records, modifications, parts, pace notes, named stints, trips, and friend connections you create in the app.
- Receipt images and PDFs. When you use the "Scan receipt" feature, the file you pick is processed on your device by Google ML Kit. The image itself is never uploaded. The parsed text is stored locally (and synced to your cloud account if cloud sync is on), and a subset of the parsed text — line-item descriptions, shop name, totals — is sent to Google's Gemini API to generate a short summary note. See section 3 for details on the AI step.
1.2 Information collected automatically
- Precise location (GPS). Only collected while you are actively recording a drive. RallyTrax uses a foreground service so recording continues when the app is in the background and your screen is off — for example, while the phone is in a cradle. Location data is stored locally as a track on your device.
- Sensor data. During recording, RallyTrax reads device motion (accelerometer, gyroscope, barometer where available) to improve pace-note accuracy. This data stays on your device.
- Diagnostics and app activity. Anonymous app usage and crash data via Firebase Analytics and Firebase Crashlytics. This includes which screens you view, which features you interact with, device model, OS version, and crash stack traces. It is keyed to an anonymous install ID, not to your account or email.
1.3 Information we do not collect
- Contacts, messages, photos outside of the explicit receipt-import flow, microphone, calendar, or browser history.
- Advertising identifiers — RallyTrax does not show ads.
- Payment or financial information — RallyTrax is free.
2. How we use your information
| Purpose | Data used |
|---|---|
| Record and replay your drives | GPS location, sensor data — on-device only |
| Generate pace notes and replay audio | GPS location, sensor data — on-device only |
| Sync your garage, drives, and logs across devices | Google account ID, vehicle and drive data — only when cloud sync is enabled |
| Extract values from receipts you pick | The selected image / PDF — processed on-device by ML Kit, never uploaded |
| Suggest a short natural-language summary or name (receipt notes, named drives, route descriptions) | Parsed text and a few headline numbers (no images, no precise location) — sent to Google's Gemini API via Firebase AI Logic. Falls back to a local heuristic when the AI call fails or you decline AI features. |
| Understand which features are used; diagnose crashes | Anonymous diagnostics and app-activity events |
| Display map tiles and route previews | Your current viewport — sent to Google Maps to fetch tiles |
| Show in-app update notifications | Your current app version — checked against the public GitHub Releases manifest |
3. Sharing and disclosure
RallyTrax does not sell your data and does not share it with advertisers or data brokers. Data is shared only with the third-party service providers below, and only as needed to deliver the corresponding feature:
- Google Firebase (Authentication, Firestore, Storage, Analytics, Crashlytics, App Check) — backs the optional cloud-sync, sign-in, anonymous diagnostics, and crash-reporting features. See Firebase Privacy Notice.
- Firebase AI Logic (Gemini) — generates short summaries and names for receipts, drives, and routes. Receives parsed text (e.g. line-item descriptions, shop name, totals) and a few headline numbers per request. Receives no images and no precise GPS coordinates. See Firebase AI Logic Policies.
- Google Maps — fetches map tiles for the in-app maps. See Google Privacy Policy.
- OpenStreetMap (OSMDroid) — fallback map provider when Google Maps is unavailable. See OpenStreetMap Privacy Policy.
- Google ML Kit — on-device text recognition for receipt scanning. Runs entirely on your device; receipts are not uploaded.
We may also disclose information if required by law, to enforce our terms, or to protect the rights, safety, or property of users or the public.
4. Data retention
- On-device data (drives, garage, logs) — kept until you delete the entry or uninstall the app.
- Cloud-synced data — kept in Firebase while your account exists. You can delete it any time from within the app or by deleting your account (see below).
- Anonymous diagnostics — Firebase Analytics retains event-level data for up to 14 months. Crashlytics retains crash records for up to 90 days.
5. Your choices and rights
- Decline location. RallyTrax requests precise location only to record drives. You can decline at install or revoke it later in Android Settings. Drive recording will be unavailable, but the rest of the app continues to work.
- Disable cloud sync. Sign out from Settings → Account. Your local data stays on your device.
- Export your drives. Each drive can be exported as a GPX file from the share menu on its detail screen. You can also enable Google Drive backup of your GPX files from Settings.
- Delete your data. Uninstalling the app removes all local data. To delete cloud-synced data tied to your account, email the address below and we will remove it within 30 days. An in-app "Delete account" action is on the roadmap.
- Opt out of analytics. Email the address below to opt out of anonymous diagnostics and crash reporting tied to your install. An in-app toggle is on the roadmap.
- GDPR / CCPA. If you are in the European Economic Area, the UK, or California, you have the rights of access, correction, deletion, restriction, and portability over your personal data. To exercise these rights, email the address below.
6. Children
RallyTrax is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children under that age. If you believe a child has provided us personal information, please contact us and we will delete it.
7. Security
Cloud-synced data is transmitted over HTTPS and stored in Firebase using Google's standard encryption at rest and in transit. Authentication tokens are stored in Android's encrypted keystore. No method of transmission or storage is perfectly secure; we make commercially reasonable efforts to protect your information.
8. International transfers
Firebase and Google Maps are operated by Google LLC and may process data on servers located outside your country of residence, including in the United States. By using the app you consent to this transfer.
9. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be announced in-app or in the GitHub Release notes.
10. Contact
Questions about this policy or your data? Open an issue at github.com/arnavsacheti/RallyTrax/issues or email arnavsacheti@outlook.com.