Effective date: 5 May 2026 · Data controller: FLXCode (sole developer, Italy) · Contact: flxcodelab@gmail.com

Plain-English summary

Pronto Pass stores the QR codes and barcodes you save only on your device. Nothing about which codes you save is ever sent to us or to anyone else. We do show third-party ads inside the app, and ad networks see your IP address, advertising ID and approximate location for that purpose; you can opt out of personalised advertising at any time from the Settings screen.

What the app stores on your phone

• The raw text payload of every QR or barcode you save.
• A label and an optional emoji that you choose for each code.
• Timestamps for sorting (created, last viewed).
• App preferences (theme, language, whether flight reminders are on).

This data lives in a private SQLite database inside the app's sandbox. Other apps cannot read it. If Auto Backup is enabled on your Google account (it usually is by default), Android encrypts this database and stores it in your own Google Drive backup quota — we do not have access to it. You can disable auto backup in your phone's Android Settings → Google → Backup.

What we never collect

• The contents of your saved codes (Pronto Pass does not transmit them).
• Your contacts, photos, files, calendar, microphone, or location.
• Any account or login — Pronto Pass works with no sign-up.
• Health data — boarding passes and loyalty codes are stored as plain text; we do not parse or interpret medical or vaccination payloads.

Permissions the app may ask for

• Camera — only when you open the scanner screen, used live to detect codes; nothing is recorded.
• Photos / media — only when you tap "Import", to read a single image you select.
• Notifications — only if you turn on flight reminders in Settings.
• Internet — to load the ad banner and (if you have consented) anonymised analytics and crash reports.

Third-party services

The app uses three Google services. You can read their full privacy policies via the links below.

• Google AdMob — serves the banner ad shown on the code-display screen. AdMob receives your device advertising ID, your IP address, and your approximate location to choose what to show. policies.google.com/privacy
• Firebase Analytics — anonymised usage events (which screens are opened, which code types are saved). Off by default. Switched on only after you accept consent on the screen presented when you open the scanner or the settings.
• Firebase Crashlytics — automatic crash reports so we can fix bugs. Off by default. Same consent gate as Analytics. Crash reports include the type of device and a stack trace; they do not include any of your saved codes.

Personalised advertising and your consent

If you are in the European Economic Area, the United Kingdom, or Switzerland, Pronto Pass shows you Google's User Messaging Platform (UMP) consent screen the first time you open the scanner or the settings. You can change your choice any time from Settings → Manage ad preferences. Choosing to refuse personalised ads still lets you use the app — you will see non-personalised ads instead.

Children

Pronto Pass is not directed at children under 13 and does not knowingly collect any data from them.

Your rights under GDPR

Because the app keeps your saved codes only on your device, you remain in control of that data at all times.

• Access — open the app to see every code you've saved.
• Erasure — delete a single code from its detail screen, or wipe everything from Settings → Clear all data. Uninstalling the app also removes the database from your device.
• Rectification — edit any code's label inline.
• Portability — every saved payload can be copied as plain text via the share menu on the display screen.
• Object / restrict — for analytics, crash reports and personalised advertising, use Settings → Manage ad preferences.
• Lodge a complaint — your local Data Protection Authority (in Italy, the Garante per la protezione dei dati personali, garanteprivacy.it).

How we delete your data

You can do this yourself, instantly, with no email back-and-forth:

1. Open Pronto Pass → Settings → Clear all data → confirm.
2. Optionally uninstall the app.
3. If Android Auto Backup ran while the app was installed, the encrypted backup is stored in your own Google Drive — manage it under drive.google.com → Settings → Manage apps.

If you would still like a written confirmation that no data of yours sits anywhere on our side (the answer is "none, we don't have a server"), email flxcodelab@gmail.com and we'll reply within 30 days.

Changes to this policy

If we update this policy in a way that affects what data is collected or who it's shared with, the new version will be linked from inside the app the next time you open Settings, and the effective date at the top of this page will change.