Privacy Policy for Boring Order Tracker (App & Website)

1. Controller

The controller for data processing within the meaning of the General Data Protection Regulation (GDPR) is:

Jan Gerster
Hauptstr. 53
79787 Lauchringen
Germany
Email: info@hosting-fox.de

2. Scope and general principle

This policy applies to the website tostviewer.de, the iOS app and the Android app of Boring Order Tracker, and the related backend services. The app processes data only to the extent required for the functions you use. Several community and server-backed features work only after explicit consent.

Some data stays exclusively on your device. Other data is transmitted - depending on the feature you enable - to the app operator's servers or to clearly identified third-party services.

3. Core app data

a) Tesla sign-in, orders and optional existing vehicles

When you sign in with Tesla, the app receives OAuth tokens from Tesla to authenticate subsequent API requests. These tokens are stored locally on the device and are not sent to the app operator's community, blog or comparison servers.

The app retrieves data directly from Tesla, including open orders, status, delivery windows, delivery center, configuration, option codes, VIN status, financing details, registered vehicles and - if you enable it - technical existing-vehicle data such as battery level, range, odometer, charging status, software version and vehicle configuration.

b) Local storage, history and privacy mode

Orders, optional existing vehicles, locally detected change history, caches, settings, documentation drafts and similar app data are stored in the app sandbox on your device. Privacy mode hides references, VIN fragments and similar values in the user interface, but does not change Tesla processing or the local device storage itself.

c) Background refresh and local notices

If you enable background refresh, the app periodically tries to load updated Tesla data and can announce detected changes locally or via push. The exact timing depends on iOS or Android system policies.

4. Community, comparison and server-backed features

a) Statistics and comparison data (opt-in)

With your explicit consent, the app transmits pseudonymous comparison data to the app operator's server. Depending on the feature, this can include model, configuration, option codes, order date, delivery window, delivery center, status, technical timestamps and - for existing vehicles - technical vehicle fields only. A pseudonymous device/client ID is used for deduplication and assignment.

Not included in this statistics upload are, in particular, your real name, postal address, phone number, real VIN values, Tesla login tokens, cookies, authorization headers or full financing details.

b) Ideas, support and community blog (opt-in)

If you use ideas, support or blog features, the content you submit is sent to the app operator's server. Depending on the feature, this may include username, pseudonymous device/client ID, optional linked community identity, posts, comments, likes, votes, support tickets, images and related metadata. As with normal web requests, technical transport data such as IP address, timestamp and user agent is also processed.

c) Optional community identity

To map a community identity across devices, the app can optionally send a hashed identity key to the server. On iOS this key is based on optional Sign in with Apple. On Android it is based on optional Google sign-in. The app and backend use a pseudonymous mapping rather than your plain Apple or Google password.

5. AI features and OpenAI

a) In-app AI chat

If you use the AI chat, the app operator's server processes your request together with a pseudonymous device/client identifier, platform and version data, your selected language, relevant visible order or vehicle data from your current app context and condensed Boring-OT statistics. The backend may also store prompts, answers, timestamps, the model used, token usage, cost estimates and technical quality signals. This is used in particular for conversation continuity, rate limiting, abuse prevention, quality assurance and improving server-side response logic.

For AI processing, the server may forward relevant parts of this compact context to OpenAI. Tesla login tokens, cookies, authorization headers and full raw Tesla responses are not sent to OpenAI. The server is designed to send only the visible data and aggregated statistics needed for the specific question.

b) AI-assisted translations and server-side AI helpers

The server may also use OpenAI for blog translations, editorial assistance or internal categorization helpers. In each case only the required text or data excerpt is processed.

6. Notifications, push and crash diagnostics

To deliver notifications, the app processes platform-specific push tokens and your selected notification preferences. On iOS delivery is handled through Apple Push Notification Service (APNs). On Android delivery is handled through Firebase Cloud Messaging (FCM). The app can transmit these tokens together with technical app metadata to the app operator's backend so that notifications and silent refresh triggers can be delivered.

Android release builds additionally use Firebase Crashlytics to diagnose crashes and severe technical errors on a pseudonymous basis. iOS currently does not use a separate third-party crash-reporting provider. Crashlytics is used for diagnostics only and not for advertising or profiling.

7. Additional optional modules

a) Developer raw data (currently iOS only)

On iOS you can optionally enable encrypted developer raw-data uploads. This can include raw Tesla responses, locally available EPC/parts-catalog payloads and locally stored change history. Tesla tokens, cookies and authorization headers are explicitly excluded. The data is encrypted on the device before upload; the server stores only the encrypted package and technical metadata. Android currently does not provide this separate raw-data pipeline.

b) Vehicle handover and verification

During vehicle handover, the app can store and synchronize inspection reports, photos, notes and checkpoints. For published or completed documents, a verification link or QR code can be generated. This mainly processes model information, partially masked VIN data, inspection status, timestamps and document metadata.

c) In-app purchases / voluntary support

Voluntary support or tip-jar purchases are processed via Apple StoreKit on iOS or Google Play Billing on Android. The app and the app operator's server receive only the data needed for entitlement handling, restoration and optional support attribution, such as product identifier, technical purchase ID and purchase timestamp.

8. Website and web content loaded inside the app

The website tostviewer.de does not use advertising or analytics cookies. At most, an optional language/preference cookie may be set. The web server processes standard technical access logs such as IP address, timestamp, requested URL, referrer and user agent in order to operate the site securely and defend against abuse.

When the app loads the privacy policy or other web content directly from the website, the same web server logging applies as for a normal page request.

9. Recipients and international transfers

• Tesla, Inc.: Authentication, order and vehicle retrieval, vehicle images and optional live vehicle data.
• App operator servers (hosting-fox.de): Comparison data, community features, support, blog, notification logic, documentation and verification services, AI preprocessing and related administration.
• Apple: Sign in with Apple, APNs and in-app purchases via StoreKit.
• Google / Firebase: Google sign-in on Android, Firebase Cloud Messaging for Android push and Firebase Crashlytics for Android crash diagnostics.
• OpenAI: AI chat, translations and selected server-side AI helper features via the app operator's server.
• QR code service (api.qrserver.com): Used only to generate QR codes for verification links in documentation reports.

Where providers outside the EU/EEA are involved, data is transferred only to the extent required for the relevant feature. The applicable privacy and transfer mechanisms of the respective provider apply.

10. Legal bases

• Art. 6(1)(b) GDPR: Processing required to provide core functions you request, such as Tesla sign-in, order display, documentation or purchase handling.
• Art. 6(1)(a) GDPR: Processing that requires your explicit consent, especially statistics uploads, community features, blog, ideas, support, developer raw data and optional identity linking.
• Art. 6(1)(f) GDPR: Legitimate interests in secure operation, abuse prevention, logging, technical notification delivery, crash/error diagnostics and quality assurance for server-side AI and community services.

11. Storage and deletion

• Local app data generally remains on the device until you delete it, reset the app or uninstall it.
• Server-side community, statistics, AI or documentation data is stored until the respective purpose ends, you request deletion or you withdraw your consent, unless legal retention duties apply.
• Developer raw-data uploads are stored only in encrypted form and are automatically deleted again after a limited period.
• Website and server logs are retained only as long as needed for operation, abuse prevention and technical analysis.

12. Data security

• Network communication is generally encrypted via HTTPS/TLS.
• Tesla credentials are stored locally using platform-appropriate secure storage.
• Several server areas use prepared database statements, pseudonymous device identifiers and separate consent levels.
• Particularly sensitive iOS developer raw data is encrypted on the client before upload.

13. Your rights

You have the rights of access, rectification, erasure, restriction, data portability and objection under the GDPR. You may also withdraw any consent you have given with effect for the future.

Contact: info@hosting-fox.de

Several app areas additionally provide direct deletion functions, for example for community data, developer raw data or a full app-account reset.

14. Changes to this policy

This privacy policy is updated whenever functions, data flows or legal requirements change. The current website version is authoritative. The app can load this website version directly so it stays current without requiring an app update.

Last updated: April 2026