🔒 Short version: 1Route uses your location to optimise delivery routes and stores
route & delivery data in the cloud so your progress is never lost. We collect only what is needed to run the app
and never sell your data. Free tier users may see ads served by Google AdMob — Pro subscribers
never see ads.
1. Introduction
This Privacy Policy explains how 1Route ("we," "our," or "us"), developed by
AshCore Labs, handles information when you use our mobile application (the "App") on
iOS or Android.
1Route is a smart delivery routing app that helps dispatchers build optimised multi-stop routes and
helps drivers navigate them stop-by-stop with live progress tracking. To do this effectively, the App
uses your device location, stores route and delivery data in the cloud, and sends push notifications.
We collect only what is strictly necessary to provide these features.
By using the App you agree to the practices described in this policy.
2. Information We Collect
2.1 Account Information
When you create an account, we collect your email address and a securely hashed version
of your password. Your email is used to identify your account and enable password reset
functionality. Your password is never stored in plain text — it is hashed using industry-standard
encryption (SCRYPT algorithm) via Firebase Authentication. Account data is stored in Firebase
Authentication and used solely to identify your account within the App.
Google Sign-In: You may also sign in using your Google account. In this case, we receive
your name, email address, and profile photo from Google,
which are stored in Firebase Authentication. We do not access your Google Drive, Gmail, or any other
Google services.
Sign in with Apple: You may also sign in using your Apple ID. In this case, Apple shares
your name and email address (or Apple's private relay email) with us,
which are stored in Firebase Authentication. Apple does not share your Apple ID password or any other
Apple account data with us. If you choose to hide your email, Apple provides a unique relay address
that forwards messages to your real inbox.
2.2 Precise Location (GPS)
The App requests access to your device's precise location to:
- Set your current position as the route start point ("Use My Current Location")
- Display your real-time position on the in-app delivery map while on duty
- Enable turn-by-turn handoff to your preferred navigation app (Google Maps, Apple Maps, Waze)
Location is collected only while the App is in use (foreground). We do not collect background location
when the App is closed or in the background.
2.3 Delivery & Route Data
Delivery stops (addresses, customer names, phone numbers, delivery amounts) and route progress
(current stop index, completed/failed stop IDs) are stored in Firebase Firestore and
locally on your device via AsyncStorage. This data is linked to your account so your
progress is preserved across devices and app restarts.
2.4 Route History
Completed route runs — including stop addresses, outcomes (delivered / failed), distance, and duration —
are saved both locally on your device and in Firebase Firestore, linked to your account.
This allows you to access your delivery history across devices and after app reinstallation. You can
delete individual history entries or clear all history from within the App.
2.5 Favorite Addresses
You can save frequently-used delivery addresses as "favorites" for quick access. These addresses
(including custom labels, categories like Home/Work/Delivery, and coordinates) are stored in
Firebase Firestore linked to your account and synced across all your devices.
You can add, edit, or delete favorites at any time from within the App.
2.6 Push Notification Tokens
Firebase Cloud Messaging (FCM) assigns your device a token used to send you push notifications
(e.g., new delivery assignments). This token is stored in Firestore linked to your account and is
refreshed automatically by the FCM SDK.
2.7 Diagnostic Data
Google Firebase and the platform app stores (Apple App Store / Google Play) may provide anonymised
crash reports and usage statistics. This data cannot identify you individually.
2.8 Subscription & Purchase Data
If you purchase a 1Route Pro subscription or lifetime plan, your purchase is processed by
Apple App Store. We do not receive or store your payment card details.
We use RevenueCat to verify your subscription status and entitlements across
devices. RevenueCat may receive your app user ID and purchase receipt for this purpose.
See Section 5 for RevenueCat's privacy policy.
2.9 Advertising Data (Free Tier Only)
Free-tier users of 1Route may see banner advertisements served by Google AdMob.
To serve ads, Google AdMob may collect and process:
- Your device's advertising identifier (IDFA on iOS) — only if you grant App Tracking Transparency (ATT) permission
- General device information (model, OS version) for ad compatibility
- Approximate location (country/region) for regional ad targeting
- Ad interaction events (impressions, clicks)
On iOS 14.5+, you will be shown Apple's App Tracking Transparency (ATT) prompt before any
personalised ad tracking begins. If you decline, only non-personalised ads are shown
(requestNonPersonalizedAdsOnly: true). Pro subscribers never see ads and
AdMob is not initialised for their sessions.
Google Privacy Policy → ·
AdMob Data Usage →
2.10 What We Do Not Collect
- No background location when the App is not in use
- No contacts or microphone access
- No advertising identifiers (IDFA) unless ATT permission is granted for ad personalisation
- No cross-app or cross-website tracking without explicit ATT consent
- No payment card or banking information
3. How We Use Information
- Account information — to authenticate you, enable password reset via email, and associate your routes, deliveries, and favorites with your account.
- Location — to set the route origin, show your position on the map, and hand off navigation to your preferred map app. Never used for advertising or tracking.
- Delivery & route data — to display your stops, track progress, persist an in-progress route across app restarts, and build your delivery history.
- Favorite addresses — to provide quick access to frequently-used addresses and sync them across your devices.
- FCM token — to deliver push notifications (delivery assignments, status updates).
- Subscription data — to verify your Pro entitlement and unlock premium features across devices.
- Advertising data (free tier) — Google AdMob uses device and, if consented, advertising identifiers to serve relevant banner ads to free-tier users. Pro users are never shown ads.
- Diagnostic data — to identify and fix crashes and technical issues.
We do not use any data for advertising, profiling, or any purpose beyond operating the App.
4. App Permissions
1Route requests the following device permissions. Each can be revoked in your device Settings.
📍
Precise Location
Used to set the route start point from your current position and to show your location on the delivery map while on duty.
Required for routing
🔔
Push Notifications
Used to receive delivery assignment alerts and route status updates from dispatchers.
Optional
📷
Camera
Used to scan delivery labels and capture proof of delivery photos. Photos are not stored on our servers.
Optional
🖼️
Photo Library
Used to select a photo from your library to extract a delivery address. Photos are processed on-device and not uploaded.
Optional
🌐
Internet Access
Required to connect to Firebase services and Google Maps for route optimisation and geocoding.
Required
5. Third-Party Services
1Route integrates the following third-party services. Each has its own privacy policy governing their data handling.
🔥 Firebase (Google LLC)
We use Firebase Authentication (email/password account sign-in with password reset functionality),
Cloud Firestore (delivery data, route history, and favorite addresses storage), and Firebase Cloud
Messaging (push notifications). All data is encrypted in transit and at rest. Data is processed by
Google on servers in the United States and other regions.
Firebase Privacy Policy →
🗺 Google Maps Platform (Google LLC)
The App uses the Google Maps Directions API to optimise multi-stop delivery routes and the Google Maps
SDK to render the in-app map. Delivery addresses are sent to Google's servers to compute route
geometry. This is governed by Google's Privacy Policy.
Google Privacy Policy →
🔑 Google Sign-In (Google LLC)
If you sign in with Google, your name, email, and profile photo are shared with us by Google
and stored in Firebase Authentication. We do not access your Google Drive, Gmail, or any other
Google services.
Google Privacy Policy →
� Google AdMob (Google LLC)
Free-tier users may see banner advertisements served by Google AdMob. AdMob may collect device
information and, if App Tracking Transparency (ATT) permission is granted on iOS, your device's
advertising identifier (IDFA) to serve personalised ads. If ATT is declined, only
non-personalised ads are shown.
Pro subscribers never see ads.
Google Privacy Policy →
·
AdMob Data Usage →
�💳 RevenueCat, Inc.
We use RevenueCat to manage in-app subscriptions and verify Pro entitlements. RevenueCat receives
your app user ID and Apple purchase receipts to validate your subscription status. RevenueCat does
not receive your payment card details. Data is processed on servers in the United States.
RevenueCat Privacy Policy →
🍎 Apple App Store / 🤖 Google Play
The platform app stores may provide anonymised crash reports and download analytics to us. This data
cannot identify you individually and is governed by Apple's and Google's respective policies.
No third-party analytics SDKs or data broker integrations are used. Google AdMob is the only advertising SDK and is only active for free-tier users.
6. Information Sharing and Disclosure
We do not sell, rent, or share your personal information with third parties for their own purposes.
Limited disclosure may occur only in these circumstances:
- Compliance with applicable law or a valid legal process (court order, subpoena)
- Protecting the rights, property, or safety of users, AshCore Labs, or others
- As required by the third-party services listed in Section 5 to operate their features (e.g., sending an address to Google Maps to compute a route)
- Anonymised, aggregated data that cannot identify any individual
There are no advertising partners. Your data is never used for ad targeting.
7. Data Security
We take reasonable steps to protect your information:
- Cloud data: Firebase Firestore data (deliveries, route history, favorites) is encrypted at rest and in transit using TLS.
- Local data: Data cached locally via
AsyncStorage is protected by your device's own encryption (iOS Data Protection / Android Keystore).
- Authentication: Passwords are hashed using SCRYPT algorithm. Account access is managed by Firebase Authentication with secure token-based sessions.
- API keys: Google Maps API keys are restricted by platform and bundle ID to prevent unauthorised use.
No security system is impenetrable. If you believe your account has been compromised, please contact us
immediately at hello@ashcorelabs.com.
8. Data Retention
- Account data: Retained while your account is active. Deleted within 30 days of account deletion upon request.
- Delivery & route data in Firestore: Retained while your account is active and synced across devices. You can delete individual deliveries or history entries within the App.
- Favorite addresses in Firestore: Retained while your account is active and synced across devices. You can edit or delete favorites at any time within the App.
- Local cached data: Route and delivery data cached on your device is automatically deleted when you uninstall the App.
- FCM tokens: Retained while your account is active; invalidated when you sign out.
- Location data: Not stored. Location is read from the device sensor in real time and is not persisted on our servers.
9. Your Rights
Depending on your region, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Update your email address or reset your password through the App's account settings.
- Deletion: Request deletion of your account and all associated data (deliveries, history, favorites). Cloud data is deleted within 30 days of your request.
- Revoke permissions: Revoke location, notification, or camera access at any time in your device Settings.
- Portability: Request your delivery history and favorites in a machine-readable format.
To exercise any of these rights, contact us at
hello@ashcorelabs.com.
We will respond within 30 days.
10. Children's Privacy
1Route is designed for professional delivery drivers and dispatchers and is not directed at children
under 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal
information from children. If you believe a child has provided us with personal information, please
contact us at hello@ashcorelabs.com and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy to reflect new features or legal requirements. The "Last Updated"
date at the top of this page will always reflect the most recent revision. For material changes, we
will notify you via a push notification or an in-app banner. Continued use of the App after changes
are posted constitutes acceptance of the updated policy.