HealthCar

Privacy Policy of application HealthCar

Last updated: 1 January 2026

This Privacy Policy (“Policy”) explains how the HealthCar mobile application (“Application”) processes personal data of its users.

The operator of the Application is Andrej Mikoláš (“Operator”, “we”, “us”).

By using the Application, you agree to this Policy.

This Privacy Policy applies not only to the HealthCar mobile application, but also to the official website and landing page of the HealthCar project (hereinafter referred to as the “Website”), which is used primarily to present the application and redirect users to the Google Play Store.

1. Data We Collect

1.1 Data provided by the user

We collect only the data necessary for using the Application, including:

  • email address (email registration or Google Login),
  • password (when registering via email),
  • vehicle information: brand, model, year of production, engine type, VIN number (if the user provides it), license plate number, current odometer status (ODO status),
  • evidence items (services, documents, inspections, their validity and notifications),
  • photos (documents, ODO meter, service-related photos),
  • notes for individual records,
  • user settings (language, preferred notification time, analytics preferences).

1.2 Automatically collected data

  • basic device information (model, OS version, platform),
  • IP address and server logs,
  • push notification token (FCM),
  • AI OCR data (odometer value extracted from images),
  • application error and crash data (Crashlytics),
  • anonymized analytics data (only if the user enables analytics).

1.3 Google Login data

When logging in via Google, we receive:

  • email address,
  • display name (if available),
  • profile photo (if available).

2. Crashlytics (diagnostic data)

The Application uses Firebase Crashlytics, a diagnostic tool from Google that collects:

  • crash reports,
  • error messages and stack traces,
  • application and OS version,
  • last events before a crash,
  • application state at the moment of failure.

These data are used exclusively for error fixing and improving application stability.

2.1 Can Crashlytics be disabled?

No.

Crashlytics is a functional diagnostic tool essential for application stability and cannot be turned off.

Crashlytics:

  • does not store personal identifiers such as names or email addresses,
  • is not used for marketing or user profiling,
  • operates in anonymized or pseudonymized form.

3. Analytics (optional)

The Application may use:

  • Firebase Analytics,

    or

  • Google Analytics for Firebase.

These tools collect anonymized information about how the Application is used.

3.1 What analytics data we collect

  • screen views,
  • user interface interactions,
  • navigation patterns within the Application,
  • technical device parameters,
  • anonymized event tracking.

3.2 Enabling or disabling analytics

Analytics are optional (opt-in).

The user may:

  • enable analytics during the first app launch,
  • later change the preference in Settings → Privacy.

If analytics are disabled, no analytics data are sent.

3.3 Analytics on the Website (landing page)

On the HealthCar Website, we use Google Analytics 4 via Google Tag Manager for basic statistical measurement of website traffic and user interactions.

These analytics tools are used exclusively for:

  • measuring Website traffic,
  • tracking anonymous events (e.g. clicks on buttons leading to the Google Play Store),
  • evaluating the effectiveness of Website content.

The collected data are:

  • anonymized,
  • aggregated,
  • not used to identify individual persons,
  • not used for marketing or advertising purposes,
  • not linked to user accounts within the Application.

On the Website, we:

  • do not use personalized advertising,
  • do not use remarketing,
  • do not use Google Signals,
  • do not use User-ID or other user identifiers.

Analytics cookies used on the Website are strictly statistical in nature and do not require active user consent under applicable legal regulations.

4. How We Use the Data

4.1 Operating the Application

  • managing user accounts,
  • storing vehicle data and evidence items,
  • calculating reminders and notifications.

4.2 Notifications

  • reminders about upcoming expirations,
  • reminders based on odometer readings.

4.3 Technical diagnostics

  • identifying crashes and errors (Crashlytics),
  • performance and stability monitoring.

4.4 Analysis and improvement

Only if analytics are enabled:

  • improving the interface,
  • optimizing features and usability,
  • understanding how the Application is used.

5. Legal Basis for Processing

Personal data is processed based on:

  • contract performance (providing Application functionality),
  • legitimate interest of the Operator (security and diagnostics – Crashlytics),
  • user consent (analytics, uploaded photos).

6. How We Protect the Data

Data are stored within Google Cloud infrastructure:

  • Google Cloud Run (backend),
  • Google Cloud SQL (MySQL database),
  • Google Cloud Storage (files and images).

We use:

  • encrypted HTTPS connections,
  • secure password hashing (bcrypt),
  • IAM access control,
  • firewall and security rules,
  • monitoring and audit logs.

7. Sharing Data with Third Parties

We use these services:

  • Firebase Crashlytics – crash reporting and diagnostics,
  • Firebase Analytics – only if the user enables analytics,
  • Firebase Cloud Messaging – push notifications,
  • Google Identity Services – Google Login,
  • Google Cloud Storage / SQL – data hosting and storage.

We do not sell or provide personal data to third parties for marketing or advertising.

8. Data Retention

  • Data are retained as long as the user’s account exists.
  • Technical logs are retained temporarily (typically 30–90 days).
  • Photos remain stored until deleted by the user.
  • After deleting the account, personal data are removed or anonymized.

9. User Rights

Users have the right to:

  • access their personal data,
  • correct inaccurate data,
  • delete their account,
  • restrict processing,
  • data portability,
  • revoke consent (analytics),
  • file a complaint with the data protection authority.

10. Children and Minors

The Application is intended for users aged 16 and older.

We do not knowingly process data of children.

11. Deletion of User Account

Users can delete their HealthCar account at any time. Account deletion can be performed directly within the mobile application, and once confirmed, the account will be permanently removed from the system.

How to delete your account

  1. Open the HealthCar application.
  2. Go to Menu → Account → Delete Account.
  3. Confirm the deletion.
  4. Once confirmed, the account deletion process will begin and data removal will proceed.

Data that will be deleted

Deleting the account will permanently erase all personal and operational data associated with the user, including:

  • user profile (email, preferences, settings),
  • all vehicles linked to the account,
  • all documents, service records, and inspections,
  • complete ODO logs and history,
  • images and files uploaded by the user,
  • notification tokens and associated devices.

Once deleted, the data cannot be restored.

Support and contact

If the user is unable to delete the account or encounters any issues, they may contact us at:

support@healthcarapp.com

12. Data Transfer Outside the EU

Google may process data outside the EU.

Such transfers are carried out in compliance with GDPR using Standard Contractual Clauses (SCC).

13. Changes to This Policy

We may update this Policy.

Users will be notified of significant changes.

Continued use of the Application constitutes acceptance of the updated Policy.

14. Contact

Operator: Andrej Mikoláš

Email: support@healthcarapp.com

Country: Slovak Republic