Controller and contact
Controller: Stich IT, Peter Stich, Jägerweg 6, 35708 Haiger, Germany. App support and privacy requests: android@arxsilex.de. General website requests: info@stich-it.de.
Privacy
Privacy
ArxSilex MapTools is designed for local use: projects, tracks, markers, offline maps, POI and elevation data generally remain on the device until you export, share or use an online feature.
Update
Privacy update from May 27, 2026
This section adds the current privacy details for ArxSilex MapTools, Android package de.arxsilex.maptools. It is part of this privacy policy.
Local first
Projects, tracks, markers, offline maps, POI, elevation data, backups and received radio data generally remain on the device. Android Auto Backup is disabled for the app. Data leaves the device only when you deliberately use online maps, export, sharing, QR/BLE group functions, Remote ID export or another external service.
Remote ID and BLE
Remote ID and airspace data may contain personal data. Received drones are displayed live. A permanent history is not enabled by default. Lost live entries are removed after a short time, currently typically after about 90 seconds. Optional Remote ID history is local, limited to 5,000 entries and kept only for the session or up to 24 hours depending on the setting. It can be deleted in the app. BLE group functions send only the data needed for the active group, such as location, accuracy, group identifier and session token, to nearby devices in the same group.
Data categories and recipients
The app may process location data, sensor and motion data, map and project data, imported files, camera/barcode data, Bluetooth/Nearby/Wi-Fi data, Remote ID and airspace data, online map/network data, backups, exports, support emails and website logs. ArxSilex MapTools does not operate its own app servers for project, location, Remote ID or tracking data. Data may reach Google, OpenStreetMap, selected map providers, target apps, nearby group devices, hosting or email providers only when the selected function requires it or you deliberately share it.
Security and retention
Ongoing location, group, Remote ID and data tasks run as Android foreground services with notification. The app uses a network security configuration with cleartext traffic disabled. Manual backups can be password-protected with AES-256-GCM and PBKDF2WithHmacSHA256. Received BLE MAC addresses from Remote ID are not documented in plain text but processed as shortened SHA-256 hashes. There is no advertising SDK disclosure, no own profiling and no sale of personal or sensitive data.
Legal context and rights
Depending on the feature, processing is based in particular on Art. 6(1)(a), (b), (f) or, where required, (c) GDPR. Under EU Regulation 2019/945, Direct Remote ID may include position, height, course, speed, timestamp, operator or serial identifiers and in some cases pilot or take-off position. Location data and identifiers can be personal data. You may request access, correction, deletion, restriction, portability, objection or withdrawal of consent by contacting android@arxsilex.de.
Deletion and third-party rights
You can request deletion of data held by us. Because ArxSilex MapTools generally stores app data locally on your device and does not operate its own app servers for project, location, Remote ID or tracking data, we cannot delete those local records server-side. Data processed by Google, OpenStreetMap, map providers, target apps, cloud storage, messengers or email providers is controlled by those providers; access, deletion or objection requests must be addressed to them under their privacy processes.
Summary
Local Use First
The current app does not run its own user account system, tracking service, advertising or analytics platform.
Local App Data
Project files, GPS tracks, routes, markers, circles, areas, search grids, offline maps, POI, raster overlays, terrain and app backups are stored locally.
User Action
Export, sharing, QR codes, file imports, backup/restore and BLE group features are deliberate user actions and may pass data to other apps, devices or people.
Online Services
When using online maps or Google maps, IP address, device and map viewport data may be transmitted to the respective provider.
Data Types
Which Data Is Processed
The exact scope depends on used features and granted permissions.
| Category | Examples | Purpose | Storage |
|---|---|---|---|
| Location and sensor data | GPS, accuracy, movement, compass, optionally barometer | Navigation, bearings, tracking, elevation and AR features | Device; inside the project when tracking |
| Map and project data | Markers, routes, tracks, areas, search grids, profiles | Saving and reusing your map work | Device; export only by user action |
| Imported files | .asmaps, GPX, KML/KMZ, GeoJSON/JSON, CSV/TSV/TXT, Mapsforge, MBTiles, GeoPackage, GeoTIFF, HGT, ASC, DTED, LOC | Offline maps, POI, terrain, overlays and geodata | Device |
| Backups | .asmaps.bak files with selected app content, optionally password-protected | Backup and restore by deliberate user action | Device or user-selected storage location |
| Radio data | BLE groups and received Remote ID broadcasts | Nearby live display and documentation of received signals | Device or participating devices |
Remote ID
Remote ID and airspace data
Received Remote ID or airspace data may contain personal data. The app processes this data locally and does not automatically transmit it to cloud or app servers.
Local use
- live display of received drones
- short local history for map display and diagnostics when removable
- export only by deliberate user action
Limits
- no automatic cloud or server transfer
- no permanent history enabled by default
- operator, pilot or take-off positions should be handled with particular care
Legal context
Under EU Regulation 2019/945, Direct Remote ID can include position, height, course, speed, timestamp, operator/serial identifiers and, in some cases, pilot or take-off position. Under GDPR Article 4, location data and identifiers can be personal data when a person is directly or indirectly identifiable.
Sources: EU 2019/945, GDPR Art. 4, EASA privacy code, Dronetag Drone Scanner privacy policy.