Say hello! info@trlln.io

Privacy Policy for Trlln BLE Scanner

Last updated: May 4, 2026

⚠ Background Location Collection Disclosure

Trlln BLE Scanner collects your precise GPS location (latitude and longitude) during scanning sessions.

When Supernode Mode is enabled, the app collects GPS location in the background — even when the app is not in active use — via a persistent foreground service. This background collection is required to associate BLE scan results with geographic coordinates for network mapping.

Location data is transmitted to https://api.trlln.io/* as part of each scan payload, formatted as "latitude,longitude" (to 6 decimal places).

On Android, location permission is also required by the platform to scan for nearby Wi-Fi access points (this is a platform requirement, not solely for GPS).

Introduction

Trlln BLE Scanner ("we", "our", or "us") is a mobile application that scans for nearby Bluetooth Low Energy (BLE) nodes matching configured manufacturer IDs and maps them to geographic locations. This Privacy Policy explains how the app handles information when you use it.

Information We Collect

Location (GPS)

  • What: Precise GPS coordinates — latitude and longitude to 6 decimal places.
  • When (foreground): Collected during active scanning sessions whenever a location fix is available.
  • When (background): Collected continuously in the background when Supernode Mode is enabled, even when the app is not in active use.
  • Transmission: Included in each scan payload sent to https://api.trlln.io/*, formatted as "latitude,longitude".
  • Android note: Location permission is also required by the Android platform to scan for nearby Wi-Fi access points.

Bluetooth and MAC Addresses

  • Purpose: We request Bluetooth access to scan for nearby BLE devices matching configured manufacturer IDs.
  • What: The hardware MAC address (or device UUID on iOS) of each matching BLE device is collected and transmitted as the "id" field in the node object of each scan payload. MAC addresses uniquely identify each detected sensor or device for tracking and reporting purposes.
  • Storage: BLE scan data is stored locally on your device and transmitted automatically to https://api.trlln.io/*.
  • Background scanning: When Supernode Mode is enabled, BLE scanning runs via a persistent foreground service (indicated by a permanent notification) so that scanning continues when the app is in the background.
  • Submission intervals: You can configure how frequently BLE scan data is submitted. This setting is available in the app's configuration.

Wi-Fi Access Points (BSSIDs)

  • What: The hardware MAC address (BSSID) and signal strength (RSSI) of nearby Wi-Fi access points. Only globally administered (non-randomised) BSSIDs are collected; locally administered (randomised) MAC addresses are filtered out.
  • Wi-Fi network names (SSIDs) are not collected.
  • Platform: BSSID collection occurs on Android only. iOS currently returns an empty Wi-Fi list.
  • Purpose: Provides ambient location context (radio-fingerprinting) to complement GPS coordinates in each scan payload.

Device Identifier

  • What: A stable, hardware-derived identifier (device_id) is generated on the device and included in every scan payload sent to api.trlln.io.
  • Format: A truncated SHA-256 hash derived from hardware properties (Android ID / iOS Vendor ID, device model, board), truncated to 12 uppercase hexadecimal characters and prefixed with the platform name — for example, android_XXXXXXXXXXXX or ios_XXXXXXXXXXXX. This identifier is deterministic and persists across app restarts; it is not a randomly generated UUID.
  • Storage: Stored in secure storage on your device.
  • Purpose: Server-side device attribution and observability — allows the server to associate scan events with a specific device across sessions. It cannot be used to identify you personally.

Authentication

  • The app authenticates users via Auth0 (auth0.com), a third-party authentication service.
  • User credentials (email/password or social login) are handled exclusively by Auth0's hosted login page. The app does not process your credentials directly.
  • Auth0 issues a JWT access token that is stored in secure storage on your device and included as a Bearer token in all API requests to api.trlln.io.
  • For details on how Auth0 handles your data, see Auth0's privacy policy: https://auth0.com/privacy.

Local Storage and Offline Queue

  • BLE scan events and Wi-Fi scan data are queued locally in a database on your device when network connectivity is unavailable.
  • Queued data is automatically transmitted to https://api.trlln.io/* when connectivity is restored.
  • The queue uses a retry mechanism with exponential backoff to ensure no scan events are lost during temporary connectivity loss.
  • All locally stored data is removed when you uninstall the app.

Data Storage

  • All scan data is stored locally in a database on your device.
  • BLE scan data matching configured manufacturer IDs is automatically transmitted to api.trlln.io.

Third-Party Services

  • https://api.trlln.io/* — primary data endpoint for BLE scan payloads.
  • Auth0 (auth0.com) — authentication provider.

The app does not include advertising or analytics SDKs.

Your Rights

  • You can delete all locally stored scan data at any time using the clear function in the app.
  • You can uninstall the app to remove all locally stored data from your device.
  • To request access to, correction of, or deletion of any data held on our servers, contact us at the address below.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page.

Contact Us

If you have questions about this Privacy Policy, please contact us at info@trlln.io.

Part of IFCO

Privacy Policy