No app-operated account
ArxSilex MapTools does not currently provide user accounts or an app-operated cloud sync service.
Bezpieczeństwo danych
Bezpieczeństwo danych
Ta strona podsumowuje obsługę danych w ArxSilex MapTools dla sekcji Bezpieczeństwo danych Google Play.
Ostatnia aktualizacja: 27 maja 2026
Overview
Local-first, with user-controlled transfers
Most project, map and Remote ID data is processed on the device. Data leaves the device only through selected online services, radio features, exports, sharing or support contact.
No advertising or analytics
No AdMob, advertising SDK, Firebase Analytics, Crashlytics or app-owned analytics platform is used in the checked release.
User action matters
Import, export, sharing, backups, Remote ID history and BLE group mode are started or configured by the user.
SDK responsibility
Google Maps, Play services, ML Kit, ARCore and other SDKs must be reflected in the Play Console Data safety form where they transmit data.
Data categories
Google Play Data Safety matrix
The table below is a practical release checklist. Local-only processing is separated from off-device collection or sharing, because the Play Console form focuses on data that is collected or shared.
| Google Play category | Collection / sharing path | Purpose | Control and retention |
|---|---|---|---|
| Location: approximate and precise | Processed locally for map position, navigation, tracking, AR/LiveView, viewrange, Remote ID and BLE group mode. Can be sent to Google Maps, OpenStreetMap tile providers or other selected map providers when online maps are used. In BLE group mode, short live position updates are broadcast to active group participants. | App functionality: maps, navigation, situational awareness, group coordination and drone Remote ID display. Not used for advertising or analytics. | Runtime permission controlled by Android. Tracking and group/Remote ID foreground services are visible and user-started. Local tracks and projects remain until deleted by the user. |
| Personal info | No account, name or email is required in the app. Personal data can appear if users enter it in project names, POI notes, imported files or support emails. | User-generated content, support communication and project organization. | Local project data can be edited or deleted. Support emails are handled outside the app through the selected mail provider and the support/privacy contact process. |
| Files and documents | Imported maps, projects, POI databases, tracks, terrain files, overlays, backups and reports are selected by the user. Exports and Android shares transfer files to the user-selected destination or app. Supported export formats include GPX, KML, KMZ, GeoJSON, CSV, PDF, JSON, ZIP, .asmaps and Remote ID KML/GeoJSON/CSV. | Import/export, backup/restore, reporting and interoperability with GIS/map tools. | Files remain locally or at the selected storage/share target until the user deletes them. No broad all-files permission is declared. |
| Photos, videos and camera frames | Camera frames are used locally for QR/barcode scanning, AR/LiveView and live bearing. Generated images such as QR codes or viewrange images can be shared only by user action. | QR import/export, AR orientation and visual map tools. | Camera permission can be denied or revoked. Frames are not used for advertising or analytics. |
| Device or other IDs | No Advertising ID, IMEI or phone identifier is requested. Remote ID broadcasts may contain drone serial/operator identifiers. BLE/Wi-Fi MAC/BSSID values used for reception diagnostics are shortened with SHA-256 hashing. Google Maps/Play services may process app/device identifiers according to their SDK practices. | Nearby reception, duplicate detection, diagnostics, map services and Remote ID display. | Remote ID history is off by default. Operator details are hidden/anonymized by default and included in exports only if the user enables that option. |
| App activity and diagnostics | No app-owned analytics or crash-reporting upload is used. Local settings, cache status, map state, Remote ID counters and diagnostics may be processed on device; they leave the device only if the user exports or sends them. | Operate features, troubleshoot imports/maps/Remote ID and support user-requested diagnostics. | Settings and cache can be reset or cleared in the app/Android settings. Support messages are user-initiated. |
| Nearby devices / BLE / Wi-Fi | BLE group mode exchanges short encrypted packets with active group members. Remote ID reception reads public BLE, Wi-Fi Aware/NAN and Wi-Fi Beacon broadcasts without connecting to or controlling drones. | Group coordination and drone Remote ID situational awareness. | Group mode and Remote ID are optional. Remote ID live states expire automatically; optional history is session-only or 24 hours and can be exported manually as KML, GeoJSON or CSV. |
| Online map and network request data | When online maps or external links are used, providers can receive technical request data such as IP address, requested map area/tile, user agent, connection metadata and SDK telemetry required for the service. | Display online maps, provider attribution, external map links and service operation. | Online maps can be avoided by using imported/offline maps where available. Provider-side retention follows the selected provider's terms. |
Sharing
What leaves the device
There is no sale of user data and no sharing with advertising SDKs. Relevant off-device paths are feature-based.
Map and SDK providers
Google Maps / Google Play services and OpenStreetMap tile providers may receive technical request and map context data when their services are used.
Android Sharesheet
Exports, reports, QR images, viewrange images and Remote ID files are shared only to destinations selected by the user.
BLE group mode
Group packets are exchanged over local radio with active group participants and are protected with AES-GCM using the group key.
Support contact
If users contact support, the message and any attachments are handled by the selected email provider and ArxSilex support/privacy contact.
Security
Security, retention and deletion
The app relies on Android's permission model, sandboxing and local-first storage. Additional protection is used for backups, group mode and Remote ID diagnostics.
| Area | Implementation |
|---|---|
| Encryption in transit | The production Network Security Configuration disables cleartext traffic. Online services are accessed over HTTPS where provided by the provider. |
| Local storage | Android app sandbox; `android:allowBackup=false`; no automatic app-operated cloud backup. |
| Backups | Manual backups can be password-protected with AES-256-GCM and PBKDF2WithHmacSHA256. Backups remain where the user stores them. |
| BLE group data | Group keys are stored via Android Keystore AES-GCM; group packets use AES-GCM and replay protection. |
| Remote ID | Remote ID data is processed locally. BLE/Wi-Fi identifiers are shortened with SHA-256 hashes. Live entries expire; optional history is session-only or 24 hours and can be cleared. |
| Deletion | Local data can be deleted inside the app, by clearing Android app data/cache or by uninstalling. Exported files, backups and shared copies must be deleted at their destination. |
Play Console
Suggested review points before submission
Before submitting a release, compare the Play Console Data safety form with the actual APK/AAB, dependencies and enabled features.
| Check | Release note |
|---|---|
| Collected data | Declare data that leaves the device through SDKs, online maps, support, exports/shares or group features. Local-only data should be described in the privacy policy even if it is not Play-Console collection. |
| Shared data | Declare user-initiated Android sharing, map/SDK provider transfers and BLE group sharing where applicable. Mark advertising/analytics sharing as not used. |
| Optional vs required | Most transmissions are optional by feature. Online map requests are required only when the selected online map/provider is used. |
| Deletion | No app account exists. Local deletion paths and the public data deletion page should stay consistent with the Data safety form. |