FlyerTrack

Privacy policy

Last updated: 29 April 2026

FlyerTrack helps you record flyer delivery routes. To do this, the app uses location only while you are actively recording a route.

1. Who we are

FlyerTrack is operated by Desatec Systems GmbH (the “Controller” under Art. 4 (7) GDPR). For any data protection question, including requests to exercise the rights listed in section 9, you can reach us at:

Desatec Systems GmbH
E-mail: info@desatec.eu

2. Location data — at a glance

Because FlyerTrack requests background location permission, we want to state up-front — in plain language — how that works in practice. The detailed version follows in later sections.

  • You start and stop tracking. Route recording begins only when you tap Start route inside the app, and ends when you tap Stop route. No other action causes location collection.
  • No continuous tracking. FlyerTrack does not track your location continuously, and never outside an active route session that you initiated yourself. When no route is running, the app collects no location data at all.
  • Background access is scoped to an active route. If the screen turns off or you switch to another app while a route is running, recording continues so the route stays complete and accurate. As soon as you stop the route, background collection also stops — immediately.
  • No silent resume. If the app is closed or the device restarts while a route is still open, tracking does not resume by itself. You must explicitly tap Resume route. While a route is recording, an ongoing system notification is displayed for the entire duration of route recording (required by Android for background location use), so tracking is never hidden.
  • Purpose-limited. Location data is used only to record delivery routes and to verify coverage for the carrier’s own reports and, where applicable, a dispatcher’s reports. It is not used for advertising, profiling, or continuous workforce monitoring, and it is never sold or shared with third parties for their own purposes.

Location tracking is always visible to you within the app interface and in the system indicators while active.

3. Scope

This policy covers the FlyerTrack mobile app (iOS and Android), the FlyerTrack dispatcher website, and the FlyerTrack backend server that both talk to. It does not cover third-party websites or apps you may reach from our links.

4. What we collect and why

4.1 Mobile app — information you provide

  • Carrier name you enter during first launch. Stored locally, included in routes you optionally sync to a dispatcher.
  • Drop counts and optional notes you record while distributing flyers. Stored locally. Synced to the dispatcher server only if you connect the app to a dispatcher account.
  • Dispatcher registration code you enter to link the app to a dispatcher account. Exchanged once with our server and discarded.

4.2 Mobile app — collected automatically

  • Precise location (GPS). Recorded only while a route you explicitly started in the app is active — including in the background when the screen is off or the app is not in use — so the route stays complete and accurate. Tracking starts only after you grant location permission and tap Start route; it stops the moment you tap Stop route. Outside an active route, FlyerTrack does not collect your location at any time. An ongoing system notification is displayed for the entire duration of route recording (required by Android for background location use), so tracking is never hidden. Sharing with a dispatcher: if you have linked the app to a dispatcher account, the recorded route track (the sequence of GPS points making up the route) and the GPS coordinates of each drop are synced to that dispatcher’s server — for every route you start, whether it was issued as a request by the dispatcher or started by you ad hoc. The app shows an explicit notice when you register a dispatcher. If no dispatcher is linked, route data stays on your device.
  • Device identifier. A random UUID generated on the device and stored locally. Sent with requests to our map-tile relay so we can rate-limit abuse. It is not linked to your name, e-mail, or any advertising identifier, and it never leaves our own server.
  • Push notification token. When your dispatcher assigns a route, we deliver the notification via Firebase Cloud Messaging (Android) or the Apple Push Notification service (iOS). Only the opaque token is stored on our server.
  • Diagnostic logs. Crash and error logs may contain technical context such as device model, operating-system version, and stack traces, which we use to reproduce and fix bugs. These logs do not contain location data, route content, drop entries, or identity-linked personal information.

4.3 Dispatcher website

  • Account data: e-mail address, password (hashed), business name.
  • Billing data: Stripe customer ID and subscription status. Card numbers are handled by Stripe directly and never reach our server.
  • Operational data you create: carriers you invite, clients you manage, route requests you issue.
  • Server logs: IP address, request path, timestamp. Kept for up to 30 days for security and debugging.

5. Purposes and legal bases

  • Provide the service (deliver routes, record distribution, generate reports) — performance of a contract (Art. 6 (1)(b) GDPR).
  • Precise location collection during active routes — performance of a contract (Art. 6 (1)(b)). Collected only after an explicit in-app permission grant and an explicit Start route action; stops immediately on Stop route; never collected outside an active, user-initiated route session.
  • Billing — performance of a contract and legal obligation (Art. 6 (1)(b) and (c)).
  • Abuse prevention and rate limiting on our map-tile relay — legitimate interest (Art. 6 (1)(f)).
  • Push notifications to deliver dispatcher assignments — performance of a contract (Art. 6 (1)(b)).
  • Sharing route and drop data (including GPS tracks) with a linked dispatcher — performance of a contract between the carrier and the dispatcher (Art. 6 (1)(b) GDPR), triggered by your voluntary registration of a dispatcher code in the app. Applies to every route you start while the app is linked to a dispatcher account, not only routes assigned through a dispatcher request.

6. Third parties (processors and recipients)

We share data with the following processors strictly for the purposes described. A written data processing agreement is in place where required by Art. 28 GDPR.

  • Stripe Payments Europe, Ltd. (Ireland). Handles subscription billing for dispatcher accounts. Receives e-mail, business name, payment details. Stripe privacy policy.
  • Google Ireland Ltd. (Firebase Cloud Messaging). Delivers push notifications to Android devices. Receives the opaque FCM token and notification payload. Google privacy policy.
  • Apple Distribution International Ltd. (APNs). Delivers push notifications to iOS devices. Receives the opaque APNs token and notification payload. Apple privacy policy.
  • Stadia Maps, Inc. Supplies map tiles shown in the app and in PDF exports. Stadia receives the IP address of our relay server, not your device, and receives no location data of your own. Stadia Maps privacy policy.
  • Your dispatcher, if you have linked the app to a dispatcher account. The dispatcher receives the routes you record, the drops, the GPS tracks, the drop coordinates and the carrier name set on the device — for every route you start while the link is active, not only routes assigned through a dispatcher request. Each dispatcher is an independent controller for the data they receive from their carriers; their own privacy notice applies to that data once it reaches them.
  • Our hosting provider stores server data in data centres located within the European Union.

We do not sell personal data, and we do not use it for advertising.

7. International transfers

Our servers are in the EU. Stripe, Google and Apple may process data in the United States; transfers rely on the EU Commission’s Standard Contractual Clauses (Art. 46 GDPR) and, where applicable, the EU-US Data Privacy Framework.

8. Retention

  • Data on your device (routes, drops, carrier name) remains on the device until you uninstall the app or use the in-app reset.
  • Synced route and drop data, including GPS tracks and drop coordinates, stays on the dispatcher server for the lifetime of the dispatcher account, or until the dispatcher explicitly deletes it.
  • Dispatcher account data is kept while the account is active and deleted within 30 days of account closure, except where tax or accounting law requires longer retention.
  • Server logs: up to 30 days.

9. Your rights

Under GDPR you have the right to:

  • access the personal data we hold about you (Art. 15);
  • have inaccurate data corrected (Art. 16);
  • have your data deleted (Art. 17);
  • restrict processing (Art. 18);
  • receive your data in a portable format (Art. 20);
  • object to processing based on legitimate interest (Art. 21);
  • lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at info@desatec.eu. We will respond within 30 days.

How to delete your data

  • Carrier (mobile app only): uninstall the app and the locally stored routes, drops and carrier name are removed.
  • Carrier linked to a dispatcher: ask your dispatcher to remove your carrier record, or e-mail us directly.
  • Dispatcher account: e-mail info@desatec.eu from the address associated with the account and we will close it and delete the associated data within 30 days.

10. Children

FlyerTrack is intended for adult professional use and is not directed at children under 16.

11. Changes to this policy

We may update this policy as the service evolves. Material changes will be announced in-app and on this page; the “Last updated” date at the top reflects the latest revision.

← Back to home