✅
Short version
Almost all data stays on your device. We do not sell data. The only third-party data processing comes from Google services — Google AdMob (for ads) and Google Analytics for Firebase (for anonymous usage statistics) — both of which only activate after you grant GDPR consent on first launch. If you decline, analytics stays off.
The table below summarises every category of data touched by the App and where it goes.
| Data type | Purpose | Where it goes |
| GPS / location | Route tracking, nearby stations | Local only |
| Personal notes | User-written station notes | Local only |
| Favourite routes | Saved route preferences | Local only |
| App settings & preferences | Theme, language, font size | Local only |
| Crash reports | Debugging (opt-in email only) | Local until you send |
| Advertising ID | Personalised ads (consent required) | Google AdMob |
| Device / OS info | Ad targeting (consent required) | Google AdMob |
| App usage & events | Anonymous usage statistics (consent required) | Google Analytics for Firebase |
| Approximate location (IP-based) | Analytics & ad context (consent required) | Google Analytics for Firebase |
| Health, contacts, messages | — | Never collected |
The following data is created and stored exclusively on your Android device using SharedPreferences and local file storage. None of it is transmitted to our servers:
- Station notes — text notes you write for individual stations
- Favourite routes — routes you have saved for quick access
- App settings — theme (light / dark / system), language, font size, and route-tracking behaviour preference
- Crash reports — stored locally if the app crashes; sent to us only if you explicitly choose to email one from Settings
- Terms & consent state — a flag indicating you accepted the terms on first launch
ℹ️
GPS during route tracking
When you activate route tracking, the App reads your GPS position to highlight your progress on the route. This data is used in real time on your device and is not logged or transmitted anywhere.
The App is free and supported by advertisements delivered by Google AdMob.
GDPR Consent
On first launch (and whenever legally required), a GDPR consent form appears — powered by Google's User Messaging Platform (UMP). You can:
- Accept personalised ads — AdMob may use your Advertising ID and device info to show relevant ads.
- Decline / use non-personalised ads — ads are still shown but without personalisation. AdMob still collects some contextual signals (e.g. approximate location, app context).
You can review or reset your consent at any time via Settings → About → Reset Consent.
What AdMob may collect (if consented)
- Google Advertising ID
- Device model, OS version, mobile network
- Approximate location (IP-based)
- Ad interaction data (impressions, clicks)
For full details see Google's Privacy Policy and AdMob's data practices.
To understand how the App is used and to improve it, we use Google Analytics for Firebase, a service provided by Google. Analytics collects anonymous, aggregated usage data — it does not identify you personally and we do not use it to build advertising profiles.
✅
Consent first — off by default
Analytics collection is disabled by default and is only switched on after you grant consent through the GDPR consent form (Google's UMP) on first launch. If you decline, or while consent has not yet been given, no analytics data is collected. This is enforced both in the app and through Google's consent-mode signals.
What analytics may collect (only if consented)
- App events and screen views (e.g. which features are opened)
- Session count, session duration, and app open/close events
- Device model, OS version, app version, language and country
- Approximate location (derived from IP — city/region level, not precise GPS)
- A non-permanent app-instance identifier generated by Firebase
We do not collect your name, email, precise GPS location, or any of your locally stored content (notes, favourites) through analytics.
Changing your choice
You can withdraw or reset your consent at any time via Settings → About → Reset Consent. When you decline, analytics collection stops.
For Google's data practices see Firebase Privacy & Security and Google's Privacy Policy.
- ACCESS_FINE_LOCATION / ACCESS_COARSE_LOCATION — optional; used for route tracking and finding nearby stations. Granted and revocable by you at any time in Android Settings.
- INTERNET — required to load OSM map tiles, serve AdMob ads, and send analytics events (after consent).
- AD_ID — required by Google Play policy when AdMob is present; used by AdMob and analytics only if you consent.
- POST_NOTIFICATIONS (Android 13+) — optional; requested only for route-tracking foreground service notifications.
- Google AdMob — advertisement delivery and GDPR consent management (after consent).
- Google Analytics for Firebase — anonymous usage analytics (after consent).
- OpenStreetMap (OSM) — map tiles are loaded from OSM tile servers when you use the map view. OSM servers receive a standard HTTP request including your IP address.
- OSRM — open-source routing queries for the map navigation feature.
- External map apps (Google Maps, Waze, etc.) — launched at your explicit request when opening a location externally.
- Email apps — used only if you choose to send a crash report; no data is sent automatically.
We do not sell, trade, or rent your personal information to any third party. The only data leaving your device is:
- Ad-related signals sent to Google AdMob (only after consent)
- Anonymous usage events sent to Google Analytics for Firebase (only after consent)
- HTTP requests to OSM/OSRM tile and routing servers (standard IP logging by those servers)
- Crash report emails — sent only if you initiate them manually
- Access & deletion — all your data is on your device; clear it via Android Settings → Apps → Metrou București → Clear Data, or by uninstalling the app.
- Location — revoke at any time in Android Settings → Apps → Metrou București → Permissions.
- Ad & analytics consent — reset via Settings → About → Reset Consent inside the app. Declining stops both personalised ads and analytics collection.
- Crash reports — stored locally; you decide whether to send each one. Delete them in Settings → Crash Reporting.
The App is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided personal data through the App, please contact us and we will take appropriate action.
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and may notify you via an in-app notification for material changes. Continued use of the App after changes take effect constitutes acceptance of the updated policy.
For any privacy-related questions or requests: