Strion Privacy Policy

Last updated: June 7th, 2026


Plain-English summary

We built Strion to help you understand your car. To do that, the app reads data from your vehicle through an OBD2 adapter and lets you keep a history of your trips, diagnostics, and engine health. Here is the short version of how we treat your data:

  • We do not collect your location. Strion has no GPS or location tracking.
  • Your vehicle data is yours. Trips and detailed sensor logs are stored on your device; summaries and reports are backed up to your private account so you can access them across sessions.
  • We use AI to answer questions about your car. When you use the in-app assistant, DTC explanations, or engine-health insights, the relevant vehicle details are sent to Google's Gemini AI to generate a response.
  • We use analytics to understand how the app is used, and we may show ads in the future. This can involve an advertising identifier.
  • You are in control. You can edit your profile, delete trips, sign out, and permanently delete your account and associated data at any time from the Profile screen.

The full details are below.


1. Who we are

This Privacy Policy explains how Strion ("we", "us", or "our") collects, uses, stores, and shares information when you use the Strion mobile application (the "App") and related services.

If you have any questions, contact us at founder@strion.dev.

This policy applies to the Strion mobile app published under the package identifier app.strion.mobile. It does not cover third-party services or websites that we link to but do not operate.

2. The information we collect

2.1 Account information

When you create an account, we collect and store:

  • Email address (used as your login identifier).
  • Password — handled and stored securely by Google Firebase Authentication. We never see or store your raw password.
  • Display name (optional, if provided).
  • A unique account identifier (Firebase UID).
  • Account timestamps — when your account was created and when you last signed in.
  • Account status — e.g. whether your account is on a premium tier.

2.2 Vehicle profile

To tailor diagnostics and AI answers to your car, we collect the vehicle details you enter:

  • Year, make, and model.
  • Fuel type (e.g. gasoline, diesel, hybrid, electric).

2.3 Vehicle data from your OBD2 adapter

When you connect a compatible OBD2 Bluetooth adapter, the App reads data directly from your vehicle, including:

  • Live engine and sensor parameters (such as RPM, vehicle speed, coolant temperature, and other OBD2 PIDs).
  • Diagnostic Trouble Codes (DTCs) and associated freeze-frame data.
  • Driving events, such as hard braking, hard acceleration, and excessive idling.
  • Trip information computed from the above — distance, duration, average and maximum speed, timestamps, and a driving score.
  • Engine health metrics, calibration data, and baselines derived from sensor readings over time.

We do not collect GPS or location data. Trip detection and start/stop are based purely on vehicle signals (such as RPM and speed) from the OBD2 adapter, not on your physical location.

2.4 AI assistant interactions

The App includes AI features: an in-app vehicle assistant (chat), DTC explanations, and engine-health insights. When you use these features, we send the information needed to generate a response to our AI provider (see Section 5), which may include:

  • The text of your questions and messages to the assistant.
  • Your vehicle details (year/make/model, fuel type).
  • The diagnostic codes and engine-health data relevant to your request.

Your AI chat conversations may be stored in your account so your history is available across sessions.

2.5 Usage and analytics data

We use Google Analytics for Firebase to understand how the App is used. This automatically collects standard, largely aggregated information such as:

  • App opens, session starts, session duration, app updates, and uninstall events (used to measure active users, sessions, and retention).
  • Device and app information — device model, operating system version, app version, language, and general region/country (derived from your IP address).
  • A Firebase installation identifier and, where available, a mobile advertising identifier (see Section 6).

2.6 Technical and security data

  • Firebase App Check validates that requests to our backend come from a genuine, untampered instance of the App. This involves device/app integrity attestation.
  • We retain server-side logs of backend requests (including your account identifier and rate-limiting counters) to operate the service, prevent abuse, and control costs.

2.7 Information stored only on your device

Some data stays on your device and is not, by itself, sent to us:

  • Detailed trip and event records in a local database.
  • App preferences, such as your saved OBD2 device and auto-connect setting.
  • PDF reports you generate and choose to export or share.

3. How we use your information

We use the information described above to:

  • Create and manage your account and authenticate you.
  • Connect to your OBD2 adapter and read, display, and store your vehicle data.
  • Detect trips and driving events and produce analytics, reports, and engine health checks.
  • Provide AI-generated explanations, insights, and assistant responses.
  • Sync your trips, analytics, reports, diagnostics, and health data to your account so they are available across sessions and devices.
  • Maintain, secure, and improve the App, including troubleshooting, preventing abuse, and enforcing usage limits.
  • Understand overall usage and retention through analytics.
  • Communicate with you about your account or important service changes.
  • Comply with legal obligations.

4. How your information is stored

  • On your device: detailed trip and sensor logs and app preferences are stored locally using on-device storage (SQLite and local key-value storage).
  • In the cloud: your account profile, trips, trip analytics, driving events, driving reports, engine-health reports, health baselines, calibration data, diagnostic code history, and AI conversations are stored in Google Firebase (Firestore) under your account.

We rely on Google Cloud / Firebase's security infrastructure, and we use authentication, security rules, and App Check to restrict access to your data. No method of transmission or storage is completely secure, but we take reasonable measures to protect your information.

5. AI processing by Google Gemini

Strion's AI features are powered by Google's Generative AI (Gemini) API, used through our secure backend (Google Cloud Functions). When you use an AI feature, the relevant content described in Section 2.4 is transmitted to Google's Generative Language API to generate a response.

This processing is governed by Google's applicable terms and privacy commitments for its AI APIs. We send only the information needed to answer your request, and we apply input controls and per-user limits to these features. Please avoid including sensitive personal information in messages to the AI assistant, as they are processed to produce a response.

6. Analytics and advertising

6.1 Analytics

We use Google Analytics for Firebase for baseline usage and retention metrics. We currently do not implement per-screen tracking or custom behavioral event tracking, though we may add such measurement in the future.

6.2 Advertising (and the advertising identifier)

We do not display advertising in the App at this time. However, we may introduce advertising in the future. To support analytics today and the possibility of advertising later, the App may access a mobile advertising identifier (such as the Google Advertising ID).

If and when we introduce ads, advertising partners (such as Google AdMob) may collect and use the advertising identifier and similar device information to serve and measure ads, including potentially personalized ads. At that time, we will provide appropriate consent controls where required by law (for example, a consent prompt for users in the EU/UK and Apple's App Tracking Transparency prompt on iOS).

6.3 Your choices for analytics and advertising

  • You can reset or limit your advertising identifier in your device's system settings (e.g. "Reset advertising ID" or "Delete advertising ID" on Android).
  • You can opt out of personalized ads through your device's settings.
  • Where required, we will honor consent choices presented within the App.

7. How we share information

We do not sell your personal information. We share information only as follows:

  • Service providers / subprocessors that operate the service on our behalf:
    • Google Firebase / Google Cloud — authentication, database, analytics, App Check, cloud functions, and hosting.
    • Google Generative AI (Gemini) — AI features (see Section 5).
    • Google advertising services (e.g. AdMob) — only if and when advertising is enabled in the future.
  • Legal and safety reasons — when required by law, regulation, legal process, or to protect the rights, property, or safety of our users or others.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this Policy.

8. Data retention

  • We retain your account information and cloud-synced data for as long as your account is active.
  • Locally stored data remains on your device until you delete the relevant records, clear the app's data, or uninstall the App.
  • We retain server-side operational and security logs for up to 90 days, and Firebase Analytics event data for up to 14 months (aggregated, non-identifying reporting metrics may be retained longer), consistent with the purposes described above.
  • When you delete your account, we delete or de-identify your associated personal data within a reasonable period, except where we are required to retain it for legal, security, or fraud-prevention purposes.

9. Your rights and choices

Depending on where you live, you may have some or all of the following rights:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete your account and associated personal information.
  • Object to or restrict certain processing.
  • Data portability.
  • Withdraw consent where processing is based on consent.

You can exercise several of these directly in the App:

  • View and edit your account email and vehicle profile in the Profile screen.
  • Delete individual trips from your trip history.
  • Sign out at any time.
  • Delete your account and all associated data directly in the App: go to the Profile screen and tap Delete Account. After you confirm and re-enter your password, we permanently delete your account login and all data associated with it — both on your device and on our servers (your profile, trips, trip analytics, driving events, reports, diagnostics, engine health checks, and vehicle calibration). This action is immediate and cannot be undone.

To delete your account and associated data, use the in-app Delete Account option described above, or contact us at founder@strion.dev. We will respond within the timeframe required by applicable law.

If you are in the European Economic Area or the UK, our legal bases for processing include performance of our contract with you (providing the App), your consent (for example, for analytics/advertising where required), compliance with legal obligations, and our legitimate interests in operating and improving the service. You also have the right to lodge a complaint with your local data protection authority.

If you are a California resident, you have rights under the CCPA/CPRA, including the right to know, delete, and correct, and the right to opt out of the "sale" or "sharing" of personal information. We do not sell your personal information.

10. Children's privacy

The App is not directed to children under the age of 13, and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us at founder@strion.dev and we will take steps to delete it.

11. International data transfers

We use Google Cloud / Firebase infrastructure, which may process and store data in data centers located outside your country of residence, including in the United States. Where required, we rely on appropriate safeguards for such transfers.

12. Permissions the App requests

The App requests only the device permissions needed for its features, including:

  • Bluetooth (scan and connect) — to communicate with your OBD2 adapter.
  • Foreground service / connected device — to maintain the OBD2 connection while a trip is being recorded.
  • Notifications — to inform you about trip and connection status.
  • Storage — to save and share PDF reports you generate.
  • Network access — to sync data and use AI features.

The App does not request location permissions.

13. Changes to this Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, provide additional notice. Your continued use of the App after changes take effect constitutes acceptance of the updated Policy.

14. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, contact us at:

Strion Email: founder@strion.dev St. John's, NL, Canada Website: https://strion.dev/