Back to home
DE · EN

Privacy Policy

Last updated: June 2026

This policy explains how the mobile app TourDex (the “App”) processes personal data, in line with the EU GDPR.

1. Controller

Alexander Pfalz
Hofsatz 29
7082 Donnerskirchen, Austria
Email: 2easy4trash@gmail.com

2. Core principle: local-first

TourDex is built local-first: your trips, places, vehicles and settings are stored locally on your device by default. Data is only transmitted to servers (a) if you create an account for cloud synchronization (section 3) and (b) for the optional AI categorization (section 5). Without an account and with AI turned off, your data stays solely on your device.

3. User account and cloud synchronization (optional)

You can use TourDex entirely locally without an account. If you create an account to back up your data and make it available across devices, we process:

4. Location data (GPS)

Purpose

To record trips automatically, the App processes location data, including in the background (“Always allow”), to determine each trip’s start, destination, distance and time.

Legal basis

Art. 6(1)(a) GDPR (consent, via granting the location permission) and Art. 6(1)(b) GDPR (performance of the logbook feature).

Storage

Location and trip data remain on your device and — if you use an account — are synchronized to the cloud as described in section 3. You can disable background tracking at any time in the App settings or your device settings.

5. AI categorization (optional server communication)

To classify a trip as business, commute or private, the App may send selected trip information to our backend, which uses an AI model (Anthropic Claude).

You may leave the AI feature off; the App then categorizes locally using simple rules.

6. Subscriptions / in-app purchases

Subscriptions (“TourDex Pro”) are handled by the Google Play Store. Payment and contract data are processed by that provider under its privacy terms. We only receive your subscription status, never payment details.

7. No ads, no third-party tracking

TourDex contains no advertising SDKs and no third-party analytics tracking.

8. Your rights

You have the right of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and objection (Art. 21), and to withdraw consent at any time (Art. 7(3)). You can delete or export locally stored data yourself via “Settings → Erase all data”. If you use an account, you can remove it together with all data stored in the cloud via “Settings → Delete account”.

You may also lodge a complaint with a supervisory authority (Art. 77 GDPR), e.g. the Austrian Data Protection Authority (Datenschutzbehörde, DSB), Barichgasse 40–42, 1030 Vienna, dsb@dsb.gv.at.

9. Security

Transmission to our servers (cloud synchronization and backend) is encrypted (TLS/HTTPS). Local data are protected by your operating system’s security mechanisms.

10. Changes

We may update this policy. The version published in the App applies.

This document is not legal advice.