Privacy Policy

Last updated: May 2, 2026

Hexpendi is built privacy-first. Your walking history stays on your device. We do not sell your data, do not share it with advertisers, and do not require an account.

Who we are

Hexpendi is built and operated by an individual developer based in Lithuania. For privacy questions, email support@hexpendi.com.

This Privacy Policy applies to both the Hexpendi mobile application (Android) and the website at hexpendi.com.

What we collect — and what we don't

Hexpendi has no user accounts. We never ask for your name, email, address, phone number, age, or any identifying information. We do not collect contacts, photos, files, or browsing history.

The app collects only what's needed to function:

Location data (GPS coordinates) - Recorded only while you use the app to track a walk. Stored locally on your device in an on-device database. Never uploaded to our servers.
Region lookups - When the app determines which neighborhood, district, or city you are in, your current coordinates are sent to our region-lookup service (Cloudflare Workers) and to OpenStreetMap's Nominatim service as a fallback. These requests are not logged or associated with you.
Anonymous app analytics - The app uses Firebase Analytics (Google) to collect anonymous usage data: app opens, session length, screen views, app version, device model, OS version, language, and country (derived from IP, then the IP is discarded). This data is pseudonymous (tied to a Firebase app instance ID, not to you personally). See "Analytics opt-out" below.
Crash reports - If you opt in during onboarding, anonymous crash diagnostics are sent via Firebase Crashlytics to help us fix bugs. Crash reports include device model, OS version, and a stack trace. They do not include personal data or location data. You can opt out at any time in Settings.

The website collects nothing. hexpendi.com has no analytics, no cookies, no fingerprinting, no embedded trackers.

What stays on your device

The following data is stored only in your phone's local app database (Room/SQLite). It is never uploaded to our servers or any third party:

Your hex grid history (which hexes you have walked)
Names of regions you have visited
Achievements earned and progress toward them
Walking statistics (total distance, hexes revealed, days active)
Your settings and preferences

Uninstalling the app or clearing app data in Android settings permanently deletes all of this. We have no servers to delete it from.

Permissions explained

Location (foreground) - Required. Used to record your position while you are actively tracking a walk.
Location (background) - Optional. Allows tracking to continue when the screen is off or you switch apps. You can decline this and use the app in foreground-only mode.
Notifications - Optional. Used to display the active-tracking notification (required by Android for background services) and unlock alerts when you complete an achievement.
Disable battery optimization - Optional. Asked once during onboarding. Recommended on Samsung A-series devices to prevent the OS from killing GPS tracking when the screen is off.

Third-party services

The app relies on these services. Each is listed with what data it processes and why.

OpenStreetMap (OSMF) - Map tile imagery rendered in the app. Tile requests include your viewport coordinates. OSMF Privacy Policy.
Cloudflare Workers - Our region-lookup service that maps your GPS coordinates to neighborhood/district/city names. Receives the coordinates of your current fix; does not log them.
Nominatim (OpenStreetMap) - Fallback region lookup if our service is unavailable. Receives your current coordinates. OSMF Privacy Policy.
Firebase Analytics (Google) - Anonymous usage analytics described above. Data is processed by Google in accordance with the Google Privacy Policy and Firebase Privacy Information.
Firebase Crashlytics (Google) - Anonymous crash diagnostics, opt-in only. Same Google policies apply.

Analytics opt-out

You can disable Firebase Analytics collection at any time:

System-wide opt-out - Android Settings → Google → Ads → "Delete advertising ID" or "Opt out of Ads Personalization". This limits cross-app tracking globally.
App-level opt-out for Crashlytics - In Hexpendi: Settings → Crash reporting → toggle off.

An in-app toggle to disable Analytics specifically is on our roadmap.

Your GDPR rights

If you are in the European Union, the United Kingdom, or another jurisdiction with similar data-protection law, you have the following rights:

Right of access - Because all your data is stored locally on your device, you already have full access to it through the app and through Android's app settings.
Right of erasure - Uninstall the app or use Android Settings → Apps → Hexpendi → Storage → Clear data. Anonymous analytics already collected by Google can be requested for deletion through Google's Analytics data deletion process.
Right to object - You can opt out of analytics as described above and decline optional permissions during onboarding.
Right to lodge a complaint - You can complain to your local data-protection authority. In Lithuania this is the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija): vdai.lrv.lt.

The legal basis for our processing is your consent (location permissions, optional Crashlytics) and our legitimate interest in operating and improving the app (anonymous analytics).

Data retention

On-device data is kept until you delete it. Anonymous analytics are retained by Google for up to 14 months by default. Crash reports are retained by Google for up to 90 days. Region lookup requests are not retained.

International transfers

Firebase Analytics and Crashlytics are operated by Google LLC (United States) and Google Ireland Limited. Data may be transferred outside the European Economic Area. Google participates in the EU-U.S. Data Privacy Framework, which provides a transfer mechanism recognized under GDPR.

Children

Hexpendi is not directed at children under 13 (or under 16 in some EU jurisdictions). We do not knowingly collect data from children. If you believe a child has used the app, please contact us and we will help you clear the local data.

Security

Communication with our region-lookup service uses HTTPS (TLS 1.2+). On-device data is protected by Android's per-app sandbox. Because we hold no servers with your personal data, the most common breach risks (server compromise, credential leak) do not apply.

Changes to this policy

If we change how Hexpendi handles data in any material way, we will update this page, change the "Last updated" date at the top, and note the change in the app's release notes. Continued use of the app after a change indicates acceptance.

Contact

Questions about this Privacy Policy? Email support@hexpendi.com.