Privacy Policy for the Android Application

This privacy policy describes how AstraCRM ("we", "our", or "us") collects, uses, and protects your personal information when you use our Android mobile application (the "App"). By using our App, you agree to the collection and use of information in accordance with this policy. Our App is designed for field workers and service businesses to manage orders, client information, and communication efficiently.

We collect the following types of information: • Personal Information: Name, email address, phone number, and other contact details when you register or use our services • Device Information: Android device model, operating system version, and mobile network information for app optimization • Authentication Data: Login credentials and session tokens for secure access • Photos and Images: When you attach photos to orders or update your profile picture using the camera or photo library • Usage Data: How you interact with our App, including navigation patterns and feature usage for improving user experience • Push Notification Tokens: Firebase Cloud Messaging tokens for sending notifications about orders and important updates (only if you opt-in) • App Performance Data: Crash reports and performance metrics through self-hosted Sentry (deployed in our infrastructure) for debugging purposes

We use the collected information for: • Providing core App services: order management, client communication, and task coordination • User authentication and account security • Sending relevant notifications about orders, schedule changes, and important updates • Processing and storing photos attached to orders for documentation purposes • Improving App performance and fixing technical issues • Providing customer support and resolving technical problems • Ensuring compliance with business requirements and legal obligations

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following circumstances: • Within Your Organization: Order data, photos, and communication are shared with other authorized users in your organization as part of normal business operations • Service Providers: We share technical data with trusted service providers: • Self-hosted Sentry (deployed in our Timeweb Cloud infrastructure) for error monitoring and crash reporting • Timeweb S3 for secure file and image storage • Firebase for push notification delivery and analytics • Legal Requirements: When required by law, court order, or legal process • Business Transfers: In connection with a merger, acquisition, or sale of business assets • Safety and Protection: To protect the rights, property, or safety of our users or others

We implement appropriate technical and organizational measures to protect your personal information: • All data transmission is encrypted using industry-standard protocols • Images and files are stored securely on Timeweb S3 with access controls • User authentication uses secure token-based systems • Regular security assessments and updates • Access controls limit data access to authorized personnel only • Secure data storage practices following industry standards However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

You have the following rights regarding your personal information: • Access: Request access to your personal information stored in our systems • Correction: Request correction of inaccurate or incomplete information through the App settings • Deletion: Request deletion of your account and associated data • Notification Control: Manage push notification preferences in Android Settings or within the App • Photo Management: Delete or modify photos you have uploaded to orders • Data Export: Request a copy of your data in a structured format To exercise these rights, contact us using the details below or use the in-app settings where available.

Our App respects Android privacy features and requirements: • Runtime Permissions: We request permissions only when needed and explain why they are required • Camera Access: You can control camera access through Android Settings > Apps > AstraCRM Mobile > Permissions • Storage Access: Permission requests are made when these features are needed with clear explanations • Push Notifications: You can manage notification preferences through Android Settings > Apps > AstraCRM Mobile > Notifications • App Permissions: You can review and modify all granted permissions in Android Settings • Background Activity: We minimize background data usage and respect Android's battery optimization features • No Location Tracking: Our App does not currently use or request location services • Dynamic Code Delivery (Expo OTA): The App may download code and assets from AstraCRM servers to fix bugs or add features. No personal data is transmitted during these downloads

Our Android App integrates with the following services: • Self-hosted Sentry (in our Timeweb Cloud infrastructure): For error monitoring and crash reporting to improve App stability • Timeweb S3: For secure cloud storage of images and files • Firebase: For push notifications and basic analytics • Google Play Services: For app distribution and security features Each third-party service (for example Firebase / Google Play Services) has its own privacy policy, which you should review. We only share the minimum necessary data with these services.

We retain your personal information for as long as necessary to provide our services and comply with legal obligations: • Account information: Retained while your account is active • Order data and photos: Retained according to your organization's data retention policies • Technical logs: Retained for up to 30 days for debugging purposes • Crash reports: Retained for up to 90 days for App improvement When data is deleted, it is permanently removed from our systems within 30 days.

Our App is designed for business use and is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us immediately.

We may update our Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will notify you of any material changes by: • Posting the updated policy in the App • Updating the "Last updated" date • Sending a notification through the App if required You are advised to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy or our data practices, contact us: Email: privacy@astracrm.pro Support: support@astracrm.pro Website: https://astracrm.pro For Google Play Store related privacy inquiries, you can also contact us through the Google Play Console developer support or use the contact information above.