This Privacy Policy explains how Mainex ("the App", "we", "us", or "our") collects, uses, stores, shares, and protects information when you use our mobile fleet management and workshop dispatch service. It also describes your rights and choices regarding your personal information.
Mainex is operated by Alan Jacinto, an individual sole proprietor based in California, USA. If you have any questions about this policy or wish to exercise your rights, you can contact us at alan98.aj@gmail.com.
The data controller responsible for your personal information under the EU General Data Protection Regulation (GDPR) and the UK GDPR is:
Mainex is a small individual operation. There is no separate legal entity, parent company, or affiliate involved in the processing of your data.
We collect only the information that is necessary to provide and operate the App. We never collect more than we need, and we never collect data for advertising or commercial profiling.
If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with similar laws, we process your personal data on the following legal bases:
| Data Category | Legal Basis | GDPR Article |
|---|---|---|
| Account data (email, name, phone, organization) | Contractual necessity — required to create your account and provide the service | Art. 6(1)(b) |
| Vehicle and operational data | Contractual necessity — core service functionality | Art. 6(1)(b) |
| Photos of issues and repairs | Contractual necessity — documenting issues and repairs is the service's purpose | Art. 6(1)(b) |
| Push notifications | Consent — you explicitly opt in via your device permission prompt | Art. 6(1)(a) |
| Crash and performance data | Legitimate interest — maintaining service quality, security, and reliability | Art. 6(1)(f) |
You may withdraw consent for push notifications at any time through your device settings. Withdrawal does not affect the lawfulness of any processing carried out before the withdrawal.
We never use your data for advertising, profiling, or to make automated decisions that produce legal or significant effects.
We keep your data only for as long as necessary for the purposes described above:
| Data Category | Retention Period |
|---|---|
| Account data (email, name, phone, organization membership) | Retained until you delete your account from within the App. |
| Vehicle and operational data (issues, jobs, notes) | Retained until the associated company deletes the truck or the account is deleted. |
| Photos (issue and repair documentation) | Retained until the associated issue or job is deleted. |
| Crash and performance data | Approximately 90 days (Sentry's default retention period). |
| Push notification tokens | Cleared on sign-out and overwritten when you sign in on a new device. |
When you delete your account through the in-app "Delete my account" option, we run an automated procedure that removes your profile and unlinks you from any organizations.
We use the following carefully selected sub-processors to operate the App. We do not sell or rent your data to any third party.
| Sub-Processor | Purpose | Data Accessed | Location |
|---|---|---|---|
| Supabase Inc. | Database, authentication, and file storage | All account, organization, vehicle, operational data, and photos | USA (US-East region) |
| Functional Software Inc. d/b/a Sentry | Error monitoring and crash reporting | Crash logs, stack traces, device model, OS version | USA |
| 222 Labs Inc. d/b/a Expo | Push notification delivery | Push notification tokens and notification payloads | USA |
Each sub-processor is contractually required to protect your data and use it only to perform the services we ask them to perform.
All data is stored on servers located in the United States. If you access the App from the European Economic Area (EEA), the United Kingdom, Switzerland, or another jurisdiction outside the United States, your personal data will be transferred to and processed in the USA.
To safeguard such transfers, our sub-processors implement Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for cross-border transfers. In particular:
You may request a copy of the relevant transfer mechanism by emailing alan98.aj@gmail.com.
If you are in the EEA, the UK, or another jurisdiction with comparable laws, you have the following rights regarding your personal data:
Email alan98.aj@gmail.com from the email address associated with your account, describing the right you would like to exercise. We will respond within 30 days (this period may be extended by up to two further months for complex or numerous requests, in which case we will inform you).
Exercising your rights is free of charge. We may ask you to provide reasonable information to verify your identity before fulfilling your request.
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you specific rights regarding your personal information.
| CCPA Category | Examples of Data We Collect |
|---|---|
| Identifiers | Name, email address, phone number, account ID |
| Commercial information | Vehicle records, repair jobs, scheduling history (B2B operational data) |
| Internet or other electronic network activity | Crash reports, performance data, push notification tokens |
| Visual or audiovisual information | Photos of vehicle issues and completed repairs |
| Professional or employment-related information | Organization membership, role within your company or workshop |
We do not collect any of the following CCPA categories: biometric information, geolocation data, sensory data (audio/video other than the photos described above), inferences for profiling, or sensitive personal information beyond what is listed above.
We share personal information only with service providers as defined under the CCPA — Supabase, Sentry, and Expo (see Section 6). These service providers are bound by contract to use the data only to perform the services we request.
We do not sell personal information to third parties, and we do not share personal information for cross-context behavioral advertising.
To submit a request, email alan98.aj@gmail.com from the email address associated with your account, and describe the request you would like to make. We verify your identity by confirming the request originates from your account email and may ask you to confirm details about your account. If you use an authorized agent to submit a request on your behalf, we may require written authorization.
We will acknowledge your request within 10 business days and respond substantively within 45 days (extendable by an additional 45 days where reasonably necessary, with notice).
We do not offer financial incentives or price/service differences in exchange for the collection, sale, or retention of personal information.
We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you.
We implement appropriate technical and organizational measures to protect your personal information. These include:
No system can be guaranteed 100% secure. If we become aware of a personal data breach affecting your information, we will notify you and the relevant supervisory authorities as required by law.
Mainex is a B2B service intended for fleet management professionals and is not directed at children. We do not knowingly collect personal information from children under 13 (or the equivalent minimum age in your jurisdiction). If we learn that we have inadvertently collected personal information from a child under 13, we will delete it promptly. Parents or guardians who believe a child has provided personal information to us should contact alan98.aj@gmail.com.
Not applicable. Mainex is a mobile application and does not use cookies, web beacons, pixel tags, or other web-based tracking technologies. We do not use advertising identifiers (IDFA/AAID) and we do not perform cross-app or cross-site tracking.
A formal Data Protection Officer is not required for our operation under GDPR Article 37 because we are a small enterprise that does not perform large-scale systematic monitoring or process special categories of data on a large scale. All privacy-related inquiries can be directed to alan98.aj@gmail.com, where they will be handled directly by the data controller.
If you believe our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with your local supervisory authority (data protection authority). For example:
We would, however, appreciate the chance to address your concerns directly before you contact a regulator — please feel free to email us first.
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will notify users via in-app notification and/or by email to the address associated with their account, at least 14 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was most recently revised.
Your continued use of the App after the effective date of any updated policy constitutes your acceptance of the revised policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at: