Privacy Policy — T-Driver App
Last updated: July 2026
Only the German version of this privacy policy is legally binding. Translations are provided solely for ease of understanding; in the event of any discrepancy or question of interpretation, the German wording alone shall prevail.
1. Controller
TADMIN GmbH, Marker Dorfstraße 78, 59071 Hamm, Germany.
Phone: +49 2381 9997960 · Email: kontakt@tadmin.de
2. Principles of data processing
T-Driver is designed as a purely on-device application. Personal data, in particular driver card data, is processed exclusively locally on your device and, as a matter of principle, never leaves it. There is no user account in the app, no cloud backup, no central tracking and no transfer of personal data to us or third parties.
3. Data processed and purposes
3.1 Local processing (on-device)
- Reading driver card data via the card reader.
- Local evaluation of working time, driving/rest times, overtime, etc.
- Permanent local storage of the evaluated working-time data in an encrypted database on your device (Android Keystore, AES-256).
This storage is strictly necessary in order to provide the requested service (§ 25 Abs. 2 Nr. 2 TDDDG). The data does not leave your device.
3.2 Technical data
App version, operating system version, device type, language setting — for technical functionality and improvement.
3.3 Voluntary data donation (opt-in)
You may voluntarily donate anonymised data to help improve the app. Both tiers are entirely voluntary, can be activated independently, are off by default and can be revoked at any time.
Tier A – Technical telemetry: anonymised crash reports, app/OS version, device type, aggregated usage statistics; no driver card data, names, locations or times. Legal basis Art. 6 Abs. 1 lit. a DSGVO + § 25 TDDDG. Retention max. 12 months.
Tier B – Improvement of the calculation engine: only heavily aggregated, on-device anonymised metrics; no raw card data, names, card numbers, exact timestamps or position sequences. Legal basis Art. 6 Abs. 1 lit. a DSGVO. Retention max. 24 months.
Anonymisation takes place entirely on your device before any data leaves it. Transmitted data is processed on our own EU servers.
3.4 Web account and purchase (website)
A free web account (email address and password) is required to purchase the premium subscription. It lets you retrieve your activation codes/licences, view invoices and cancel the subscription at any time. On our EU servers (Supabase, Inc.; server location Frankfurt) we store your account email address, the purchase/subscription history and the issued licences.
Payment is processed by the payment service providers Stripe (card payment) and PayPal (PayPal payment). They process the payment data under their own data-protection responsibility and in accordance with their respective privacy policies. To match and handle the purchase we store the transaction details provided by the payment service provider, in particular the transaction or subscription identifier and the payer email address held by the payment service provider; this may differ from your account email address.
Legal bases: performance of a contract (Art. 6 Abs. 1 lit. b DSGVO) and compliance with legal obligations, in particular commercial and tax retention duties (Art. 6 Abs. 1 lit. c DSGVO).
3.5 Email delivery
For sending emails (registration confirmation via double opt-in, purchase and licence information and — where separately consented — the newsletter) we use the service provider Resend as a processor (processing within the EU). We process your email address and the content of the respective message. You receive the newsletter only after explicit, separate consent (double opt-in); you can unsubscribe at any time via the unsubscribe link in every email. Legal bases: performance of a contract (Art. 6 Abs. 1 lit. b DSGVO) for purchase- and account-related emails, consent (Art. 6 Abs. 1 lit. a DSGVO, § 7 UWG) for the newsletter.
3.6 Cookies and local storage
We use no tracking, analytics, advertising or third-party cookies and no tracking pixels. Fonts are also served locally from our own server; no external font or CDN services are called. A cookie consent banner is therefore not required.
We use exclusively technically necessary, functional storage on your device:
- Cookie “NEXT_LOCALE” — stores the language you selected.
- Cookie “theme” — stores the view you selected (light/dark).
- Local storage (localStorage) — only if you log into a web account: keeps your login session so that you stay signed in.
This storage contains no identifiers for cross-site recognition and serves solely the function you requested. Legal basis: § 25 Abs. 2 Nr. 2 TDDDG (strictly necessary); no consent is required for this.
3.7 Referral programme and promoter statistics
We operate a voluntary referral programme. If you are referred via a personal referral/promoter code, or act as a promoter referring others, we link the code used to the referred purchase or enquiry and to your web account in order to correctly attribute and grant rewards and bonus periods.
As a promoter, you receive an evaluation of your own referrals in your account (in particular the number of successful referrals and the resulting bonuses). This evaluation is limited to your own referrals and does not disclose any personal data of the referred persons.
Legal bases: performance of a contract (Art. 6 Abs. 1 lit. b DSGVO) for processing rewards and bonus periods, and our legitimate interest in evaluating and preventing abuse of the referral programme (Art. 6 Abs. 1 lit. f DSGVO). Participation is voluntary; without the use of a referral code no such linkage takes place.
4. Legal bases
- Performance of a contract/pre-contractual measures (Art. 6 Abs. 1 lit. b DSGVO)
- Consent for the optional data donation and for the newsletter (Art. 6 Abs. 1 lit. a DSGVO, § 7 UWG)
- Compliance with legal obligations, in particular commercial/tax retention (Art. 6 Abs. 1 lit. c DSGVO)
- Safeguarding legitimate interests (including evaluation and abuse prevention of the referral programme) (Art. 6 Abs. 1 lit. f DSGVO)
- Technically necessary storage (§ 25 TDDDG)
5. Retention period
- Local app data: until you delete it yourself (“Delete all data”).
- Donated data: Tier A max. 12 months, Tier B max. 24 months.
- Account/subscription data: until the account is deleted.
- Invoices and tax-relevant records: statutory retention of up to 10 years (§ 147 AO, § 257 HGB).
- Proof of consent (e.g. newsletter): until withdrawal plus limitation periods.
6. Your rights (DSGVO)
Access, rectification, erasure, restriction, withdrawal of consent (with effect for the future), objection, data portability. You can delete local app data directly in the app. Further requests: kontakt@tadmin.de. Right to lodge a complaint with a supervisory authority (e.g. the LDI North Rhine-Westphalia).
7. Recipients
As a matter of principle, no disclosure of personal data. For individual functions we use carefully selected service providers:
- Payment processing: Stripe (Stripe Payments Europe, Ltd., Ireland) for card payment and PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg) for PayPal payments — each under their own data-protection responsibility and privacy policies.
- Email delivery: Resend (processing within the EU) as a processor (Art. 28 DSGVO).
- Hosting and database: Supabase (operator: Supabase, Inc.; processing within the EU, server location Frankfurt) as a processor (Art. 28 DSGVO).
Where the data donation is active, only anonymised/aggregated data is sent to our own EU servers. No transfer of personal data to third countries for our own purposes takes place.
8. No automated decision-making
No profiling within the meaning of Art. 22 DSGVO takes place.
9. Changes
You will always find the current version on this page.
10. Contact
TADMIN GmbH, Marker Dorfstraße 78, 59071 Hamm, Email: kontakt@tadmin.de

