Privacy Policy
Last updated: April 1, 2026
Section 1 — Introduction
MechLog (the "App") is committed to protecting your privacy. This Privacy Policy explains how information is handled when you use this vehicle maintenance journal app.
By using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.
The App is a standalone mobile application for personal use. All vehicle data is processed and stored locally on your device.
Section 2 — Information We Do Not Collect
The App is designed with privacy in mind. By default, we do not collect, transmit, or store:
- Your name, phone number, or home address
- Vehicle identification numbers (VIN) or license plate information
- Location data or GPS coordinates
- Device identifiers for tracking purposes
- Browsing history or behavioral data
- Contacts or photos
- Biometric data
✓ Your vehicle records are private and stored only on your device. They are never sent to our servers.
Section 3 — Local Data Storage
The following data is stored locally on your device in a SQLite database and SharedPreferences:
- Vehicle information (nickname, type, year, odometer)
- Maintenance records (date, odometer, category, cost, shop name, notes)
- Fuel records (date, odometer, volume, cost, fuel economy)
- Running cost records (date, category, cost, recurrence settings)
- Reminders (title, target odometer, target date)
- App settings (theme, units, currency, language)
The following data is managed externally (not stored solely on your device):
- Authentication state — a Firebase UID is managed by Firebase Authentication (Google LLC) and cached locally. If you sign in with Google or Apple, limited profile information (email, name) may be received from those providers.
- Pro subscription status — subscription entitlements are verified and cached by RevenueCat, Inc. See Section 5 for details.
Your vehicle records are never transmitted outside your device unless you explicitly export or back them up.
Section 4 — Cloud Backup (Pro Feature)
Pro users may enable automatic cloud backup. When enabled:
- Data is encrypted using AES-256 encryption before leaving your device
- Encrypted backups are saved to your own cloud storage account
-
Android: Google Drive (your personal Google account's app-specific folder — not visible to other apps or users)
-
iOS: iCloud (your personal iCloud container — only accessible by MechLog)
- We cannot access your encrypted backup data
- Backup history is managed locally on your device (up to 5 recent backups)
⚠ Important: Cloud backup is processed through your personal Google Drive or iCloud account. The respective provider's privacy policy applies to storage of the encrypted backup file. We do not use Firebase Storage or Firestore for backup.
Section 5 — Third-Party Services
The App integrates with the following third-party services, which may collect information independently:
A. App Stores (Apple App Store / Google Play Store)
- Download and installation data
- App version and update information
- Crash reports (if enabled in device settings)
- Payment processing for Pro subscriptions
- Subject to Apple's and Google's respective privacy policies
B. RevenueCat (Subscription Management)
The App uses RevenueCat, Inc. to manage and validate Pro subscriptions.
Information RevenueCat receives:
- An anonymous or signed-in app user ID (your Firebase UID)
- Purchase receipts from Apple App Store or Google Play for validation
- Subscription status and entitlement data
- Platform and app version information
Information RevenueCat does not receive:
- Credit card numbers, billing address, or payment credentials
- Your vehicle records or any maintenance data
RevenueCat's privacy policy: https://www.revenuecat.com/privacy
C. Firebase Authentication (Google LLC)
The App uses Firebase Authentication for user sign-in.
- Sign-in methods: Email/Password, Google Sign-In, Apple Sign In
- An anonymous UID may be used if no sign-in is performed
- If you sign in with Google, your Google account email and name may be received
- If you sign in with Apple, your Apple ID email (if shared) may be received
Firebase Authentication's privacy policy: https://firebase.google.com/support/privacy
D. Google Drive (Pro Backup — Android)
Pro users on Android may connect Google Drive for automatic backup. The App stores encrypted backup files in your Google Drive's app-specific folder (appDataFolder), which is not visible to you or other apps. Google's privacy policy applies to data stored in Google Drive.
E. Device Operating System
- iOS and Android may collect diagnostic data
- Crash reports may be sent to Apple/Google depending on your device settings
- We do not control OS-level data collection
Section 6 — Data Sharing and Disclosure
We do not sell, rent, or trade your data to third parties.
We do not share data with third parties except:
- When required by law (court order, warrant, regulatory requirement)
- To protect our legal rights or prevent illegal activity
- With your explicit consent
Since we do not collect personal vehicle data on our servers, there is generally no data to share in most situations.
Section 7 — Analytics and Crash Reporting
The App does not include:
- Analytics SDKs (Google Analytics, Firebase Analytics, Crashlytics, etc.)
- User tracking or behavioral monitoring
- Advertising SDKs or ad networks
- Social media integrations
Note on Firebase: The App uses Firebase Authentication only — not Firebase Analytics, Firebase Crashlytics, or any other Firebase product.
Section 8 — Children's Privacy
The App is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided information, please contact us and we will take prompt action.
Section 9 — Data Retention and Deletion
Your vehicle data remains stored locally on your device until you:
- Manually delete records within the App
- Uninstall the App
- Perform a factory reset on your device
⚠ Important: Uninstalling the App permanently deletes all local data. Create a backup before uninstalling if you wish to retain your records.
Account data (if you created an account): Your Firebase Authentication account can be deleted by contacting us via the link in Section 12. Upon request, we will delete your Firebase account and associated RevenueCat data.
Section 10 — Data Security
Security measures in place to protect local data:
- SQLite database stored in an app-specific directory (inaccessible to other apps)
- AES-256 encryption for cloud backup files
- No network transmission of vehicle records
However, no system is completely secure. Risks such as device theft, malware, and OS vulnerabilities exist. You are responsible for maintaining the security of your device.
Section 11 — Changes to This Policy
We may update this Privacy Policy. For material changes, we will notify you through an app update. Continued use after changes constitutes acceptance of the updated policy.
Section 12 — Contact
For privacy-related requests including account deletion, data access, or questions about this policy, please contact us through the Contact page or via the App Store listing.