This page mirrors the Google Play Data Safety form for the VialRun Operator app, category by category. It exists so you can verify what we declare to Play matches what we actually do.
Every request between the app and our servers uses HTTPS/TLS. Payment data goes directly to Stripe over an encrypted channel, and your data is never sold.
Open the app and go to Settings → Account → Delete account, or email privacy@vialrun.com.
Information you provide when you create a VialRun account and request specimen pickups.
Payment information for practice billing. VialRun does not store raw card numbers — payments are processed and tokenized by Stripe.
Card numbers are tokenized by Stripe and never reach VialRun servers in plaintext.
Used to show the live map, calculate pickup fees, and dispatch the courier to your pickup site. In the Operator app, location is only collected while the app is in use (foreground); the Courier app collects location while the courier is on an active route.
Without location permission the Operator app cannot request a pickup. The Operator app does NOT collect background location.
The Courier app collects precise location (including in the background) only while a courier is on an active route, to dispatch pickups and share live ETAs. It stops when the courier goes off-shift.
Only collected if you choose to upload a profile photo. We do not access your photo library outside of an explicit upload.
High-level usage signals — which screens you visit, which buttons you tap — collected via Firebase Analytics.
No clickstream tied to your name. Aggregated to understand which features are used and to detect crashes.
Diagnostics so we can fix bugs and crashes.
Identifiers generated by Firebase, Mapbox, and Stripe SDKs. Required for push notifications, crash reporting, map rendering, and payment fraud prevention.
Includes Firebase Installations ID, FCM device token, Crashlytics installation UUID, Mapbox telemetry token, and Stripe device fingerprint. We do NOT collect Android Advertising ID (AD_ID) — that permission is explicitly removed from the app manifest.
In-app messaging between an operator and a courier during a specimen pickup (e.g., access instructions, handoff coordination).
Stored for pickup-history and chain-of-custody access for the duration of your account, and for compliance or safety review if a concern is filed.
These categories are declared as “not collected” in the Play Data Safety form:
If anything you see the app doing isn't reflected here, that's a bug — email privacy@vialrun.com and we'll fix it.
