Privacy Policy

1. Introduction

Welcome to OtoLog ("we", "our", or "us"). OtoLog is a cloud-based vehicle ownership and maintenance tracking application for Android. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains what data we collect when you register an account and use OtoLog, how we use it, and your choices. By creating an account and using OtoLog, you agree to the practices described in this policy.

ℹ️ OtoLog is an online application. All your data is stored securely in the cloud via Supabase. An internet connection is required to use the app.

2. Data We Collect

Account & Authentication Data

When you register or sign in — including via Google Single Sign-On — we collect:

Email address
Display name (from your Google profile, if using Google SSO)
Profile photo URL (from your Google profile, if using Google SSO)
Encrypted password (if using email/password registration; we never store it in plain text)
Authentication tokens (access token & refresh token) for session management

Vehicle & Maintenance Data

Data you actively enter into the app and is stored in your Supabase account:

Vehicle information (name, type, plate number, year, odometer)
Service and maintenance records (date, category, cost, workshop, notes)
Fuel log entries (date, quantity, price per unit, total cost, odometer)
Maintenance schedules and reminder configurations
App settings and preferences (currency, unit system, theme)
Vehicle photos (uploaded to Supabase Storage)

Advertising Data (via Google AdMob)

Advertising ID (used for personalized or non-personalized ads)
IP address and approximate location (country/region)
Device type, OS version, and language
Ad interaction data (impressions, clicks)

3. How We Use Your Data

We use the data we collect for the following purposes:

Create and manage your user account
Authenticate your identity when you log in (including via Google SSO)
Store and sync your vehicle and maintenance data across devices via Supabase
Calculate fuel efficiency, expense analytics, and maintenance insights
Generate PDF reports of your vehicle history
Deliver personalized or non-personalized advertisements via Google AdMob
Send account-related emails (e.g., email verification, password reset)
Improve app stability through aggregated, anonymous diagnostics

We do not sell, rent, or share your personal or vehicle data with any third party for marketing purposes.

4. Cloud Storage & Supabase

OtoLog uses Supabase as its backend cloud platform. All your vehicle, maintenance, and account data is stored in a Supabase-hosted PostgreSQL database. Supabase provides:

Encrypted data storage at rest
Encrypted data transmission in transit (HTTPS / TLS)
Row Level Security (RLS) — your data is accessible only by your account
Secure file storage for vehicle photos

By using OtoLog, you also agree to Supabase's Privacy Policy. Supabase infrastructure is hosted on AWS servers, primarily in the region selected at project creation.

ℹ️ Because your data is stored in the cloud, it is automatically available if you switch devices or reinstall the app — no manual backup or restore is required.

5. Third-Party Services

OtoLog integrates the following third-party services:

Supabase — Cloud database and authentication backend. Supabase Privacy Policy →
Google Sign-In (OAuth 2.0) — Optional authentication method. When you choose "Sign in with Google", Google shares your email, name, and profile picture with OtoLog. Google Privacy Policy →
Google AdMob — In-app advertisement platform. AdMob may collect device identifiers and usage data to serve ads. Google Privacy Policy →

You may opt out of personalized advertising by adjusting the Ads Personalization setting in your Android device settings under Google → Ads.

6. Data Security

We implement industry-standard security practices to protect your data:

All communication between the app and Supabase is encrypted via HTTPS/TLS
Passwords are hashed and never stored in plain text
Row Level Security (RLS) in the database ensures each user can only access their own data
Authentication sessions use short-lived access tokens with automatic refresh

While we strive to use commercially acceptable means to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention & Deletion

We retain your account and vehicle data for as long as your account is active or as needed to provide the service. If you delete your account, we will delete or anonymize all personal data associated with your account within 30 days.

To request account deletion, please contact us at support@otolog.app. Note that some aggregated, anonymized data may be retained for analytics purposes.

8. Children's Privacy

OtoLog is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has created an account or provided personal information through the app, please contact us and we will delete that information promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of OtoLog after any changes constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or your data, please contact us at:

App: OtoLog – Vehicle Maintenance Tracker
Email: andyapin@gmail.com
Website: https://otolog.handityo.my.id