Privacy Policy

NepTrack ("we", "our", or "us") operates the NepTrack mobile application — Nepal's smart GPS tracker for vehicles and public services. This Privacy Policy explains what information we collect when you use our app, how we use it, and your choices regarding that information.

NepTrack is an independent, third-party application and is not affiliated with, endorsed by, or representing the Government of Nepal or any government ministry, department, municipality, or authority.

Public service information displayed in the app (bus routes, ambulance contacts, garbage collection schedules, highway alerts, weather data) is sourced from publicly available official sources and community contributions. It is provided for reference convenience only. Users should always verify critical information through official government channels.

Official sources referenced:

• Department of Roads: www.dor.gov.np
• Nepal Police: www.nepalpolice.gov.np
• Ministry of Health and Population: www.mohp.gov.np
• Dept. of Hydrology and Meteorology: www.dhm.gov.np
• Kathmandu Metropolitan City: www.kathmandupdo.gov.np

1.1 Information You Provide

• Account registration details: name, mobile number, email address, and password
• Profile information you choose to add (profile photo, display name)
• Emergency contact details you enter
• Google Sign-In — if you sign in with Google, we receive your Google account name, email address, and profile photo URL as provided by Google. We do not receive your Google password.
• Highway obstruction reports — when you submit a road report, we collect your GPS coordinates, selected obstruction type, description, and optionally the highway and nearby alert stations you choose to notify
• SOS / emergency alerts — when you trigger an SOS, we collect your GPS coordinates and alert type at the time of submission

1.2 Location Information

• Your device location — collected while the app is in use (foreground only) to show nearby vehicles, services, calculate distances, and ETA estimates
• Vehicle GPS data — real-time and historical position data from GPS tracking devices registered to your account
• Report location — your GPS coordinates at the time you submit a highway obstruction report or SOS alert are stored as part of that report record

1.3 Camera

The app uses your device camera solely for scanning QR codes (e.g. vehicle QR codes for quick registration or lookup). Camera images are processed on-device and are not uploaded to our servers.

1.4 Biometric Authentication

If you enable biometric login (fingerprint or face ID), your biometric data is processed entirely by your device's operating system (Android Biometric API or iOS Face ID/Touch ID). NepTrack never accesses, stores, or transmits your biometric data.

1.5 Device Information

• Device model, operating system version, and unique device identifiers
• Vehicle IMEI numbers associated with GPS tracking devices on your account
• Push notification tokens (Firebase Cloud Messaging)
• Login metadata: IP address, browser/OS type, login timestamps
• Authentication tokens stored securely on-device using encrypted storage

1.6 Usage & Analytics

• Features you access and actions you take within the app (via Firebase Analytics)
• Crash reports and error logs (for debugging purposes)
• Real-time data is transmitted via an encrypted WebSocket connection (Socket.IO) to deliver live vehicle updates and alerts

We use the information collected for the following purposes:

• Provide and operate the vehicle tracking and public services features
• Authenticate your identity and secure your account (including via Google Sign-In)
• Send you real-time alerts, notifications, and geofence events for your registered vehicles
• Calculate distances and estimated arrival times using your location
• Show nearby public services (buses, ambulances, EV stations, garbage collection)
• Generate trip history, mileage reports, and usage analytics for your vehicles
• Process and share highway obstruction reports with relevant alert stations you select
• Process SOS emergency alerts and notify relevant emergency contacts or stations
• Improve the app through Firebase Analytics crash analysis and usage patterns
• Respond to your support requests

We do not sell, trade, or rent your personal information to third parties. We may share data only in the following limited circumstances:

Service Providers

We use the following third-party services to operate the app. These providers process data only on our behalf and under strict confidentiality obligations:

Legal Requirements

We may disclose information if required by law, court order, or government authority, or to protect the rights, safety, or property of NepTrack, our users, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. You will be notified before your data is transferred and becomes subject to a different privacy policy.

• Account data — retained for as long as your account is active. Deleted within 30 days of account deletion request.
• Vehicle GPS history — stored for up to 90 days by default; configurable per account.
• Highway obstruction reports — retained indefinitely as community safety records. Your name and exact coordinates are only visible to you and relevant alert station operators.
• SOS alert records — retained for 12 months for safety audit purposes, then anonymised.
• Login logs — retained for 12 months for security purposes.
• OTP records — automatically purged after 24 hours.
• Push notification tokens — removed when you log out or uninstall the app.
• Authentication tokens — stored in encrypted on-device secure storage; cleared on logout.

You may request deletion of your account and all associated data at any time by contacting us (see Contact section below) or using the Delete Account option in the app settings.

• Access — request a copy of the personal data we hold about you
• Correction — update inaccurate or incomplete information via app settings
• Deletion — request deletion of your account and associated data
• Location — deny or revoke location permission at any time in your device settings; the app will continue to function with reduced features
• Notifications — disable push notifications from device settings or the in-app notification preferences

We implement industry-standard security measures to protect your data, including HTTPS encryption for all data in transit, bcrypt password hashing, bearer token authentication, and server-side access controls.

However, no method of transmission over the internet or electronic storage is 100% secure. We encourage you to use a strong, unique password and to keep your login credentials confidential.

NepTrack is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will promptly delete it.

The app may contain links to external websites or services (e.g. Google Maps, emergency service websites). This Privacy Policy does not apply to those third-party services. We encourage you to review their respective privacy policies.

We may update this Privacy Policy from time to time. When we do, we will update the "Effective Date" at the bottom of this page and, where appropriate, notify you via push notification or in-app message. Continued use of the app after changes constitutes acceptance of the updated policy.

If you have any questions, requests, or concerns about this Privacy Policy or your data, please contact us: