Platform Documents

1. Introduction

This Privacy Policy describes how "Smart Point Solutions" LLC ("we", "us", "our") collects, uses, stores, and protects personal data in the SP Route mobile application ("Application").

SP Route is designed for drivers and logistics partners and is used for executing delivery routes and real-time shipment tracking.

By installing or using the Application, you agree to this Privacy Policy. If you do not agree, please uninstall the Application.

2. Information We Collect

We collect only the data necessary to operate logistics functionality.

2.1 Data Provided by the User

• Phone number — used for authentication via one-time verification code (OTP).

2.2 Location Data

The Application requests the following Android permissions related to location:

Background location is only collected during active route execution. This is a core feature of the Application without which route tracking is impossible.

2.3 Camera Data

2.4 Device and Technical Data

• FCM token (Firebase Cloud Messaging) — for push notifications only; does not allow user identification without backend access.
• Device type and OS version
• App version
• IP address — may be recorded server-side as part of standard network communication; it is not explicitly collected or stored by the Application itself
• Session logs — may be generated server-side for security and diagnostics purposes
• Crash and diagnostic data (via Firebase Crashlytics)

Technical data is collected only while the Application is in use or during active route execution.

2.5 Route and Delivery Data

• Route assignments
• Status of delivery points
• Arrival and completion timestamps
• Task execution data

3. Purpose of Data Processing

We use collected data exclusively for:

• Route navigation and optimization
• Real-time tracking of drivers by logistics operators
• Assignment and management of delivery routes
• Confirmation of pickup and delivery operations (QR scanning)
• User authentication via OTP
• Sending push notifications (route updates, task assignments)
• Ensuring service security and fraud prevention
• Improving application performance and crash diagnostics

4. Background Location — Important Disclosure

Background location enables:

• Continuous tracking of driver movement during active routes
• Real-time delivery progress visibility for logistics coordinators
• Accurate estimation of arrival times at delivery points
• Monitoring of route compliance

Background location is collected only during active route execution via a Foreground Service, which is activated when the driver starts a route assignment.

Background location collection STOPS when the route is completed or the driver manually ends the session.

Background location is used exclusively during active work sessions initiated by the user and is not collected outside of active route execution.

Before requesting background location permission, the Application will display an in-app disclosure explaining the purpose of this permission. You must explicitly grant ACCESS_BACKGROUND_LOCATION for the core functionality to work.

You can disable background location at any time:

• Device Settings → Apps → SP Route → Permissions → Location → set to "Only while using the app" or "Deny"

Disabling background location will prevent real-time route tracking and may disable core features of the Application.

5. Data Sharing

We share data only with the following parties and only when necessary:

We do not sell or share personal data for advertising purposes. All service providers process data under strict confidentiality obligations and in accordance with their own privacy policies.

6. Third-Party Services

The Application integrates the following third-party services:

• Google Maps / Navigation SDK — route calculation and in-app navigation
• Firebase Cloud Messaging — push notifications
• Firebase Crashlytics — crash and error diagnostics

Firebase services do not use data for advertising purposes and do not perform cross-app tracking.

These services may process limited technical data according to their own privacy policies.

Google Privacy Policy: https://policies.google.com/privacy

The Application does not collect or use advertising identifiers (such as Google Advertising ID).

7. Data Storage and Security

Storage

• Data is stored on secure servers operated by SmartPoint infrastructure.
• Servers may be located outside the Kyrgyz Republic.

Security Measures

• HTTPS/TLS encryption for all data transmission
• Secure authentication and access control
• Role-based access for logistics operators
• Monitoring and protection against unauthorized access

8. Data Retention

After retention periods expire, data is deleted or anonymized.

9. User Rights

Users have the right to:

• Access their personal data
• Request correction of inaccurate data
• Request deletion of their data
• Withdraw permissions (location, camera) at any time via device settings
• Restrict or object to processing

Users may also request a copy of their data in a structured, machine-readable format where technically feasible.

Requests can be sent to: support@smartpoint.kg

We will respond to requests within 30 days.

10. Account and Data Deletion

Users may request account deletion by contacting support via email at support@smartpoint.kg.

Upon deletion request:

• Personal data (phone number) is deleted
• Route data is anonymized where technically possible
• Data required for legal compliance may be retained for the minimum period required by applicable law

Account deletion is processed within 30 days of the request.

11. Children's Privacy

The Application is intended exclusively for professional use by individuals aged 18 and over. We do not knowingly collect data from individuals under 18 years of age. The Application is not available to minors.

12. Advertising

The Application does not contain advertisements of any kind. We do not use user data for advertising or marketing purposes.

13. Changes to This Policy

We may update this Privacy Policy. Users will be notified of significant changes via an in-app notification. The updated policy will be available at the URL provided in the Application's store listing.

Continued use of the Application after notification of changes constitutes acceptance of the updated Policy.

14. International Data Transfers

Data may be processed outside the Kyrgyz Republic, including by Google services. We ensure appropriate safeguards are applied to protect personal data in accordance with applicable data protection requirements.

15. Google Play Compliance

This Application complies with Google Play Developer Program Policies, including the User Data Policy and Background Location Policy. The Data Safety section in the Application's Google Play listing accurately reflects the data collection and sharing practices described in this Privacy Policy.

All permissions requested by the Application are directly related to core functionality and are the minimum necessary to deliver the service.