Privacy Policy — Luhit (לוחית)

Effective date: 26 May 2026 · App: Luhit (לוחית) — Android package com.danielohayon636.luhit · Developer: Daniel Ohayon · Contact: danielohayon636@gmail.com

This policy explains what information the Luhit app ("the app") handles, how it is used, and what control you have over it. It is written to be plain and specific to how the app actually works.

Summary (TL;DR)

• The app has no user accounts and no remote backend. Everything you enter stays on your device.
• The app sends license-plate numbers you choose to look up to the public Israeli government open-data API at data.gov.il to retrieve information about that vehicle (registry data, recalls, accessibility status, etc.).
• For some recall checks, the app may send a vehicle's make, model, and model year (no license plate) to the U.S. NHTSA recall API at api.nhtsa.gov as a secondary source.
• We do not use any analytics, advertising, crash-reporting, or tracking SDKs.
• The app requests two permissions: Camera (to scan license plates) and Notifications (for local reminders such as insurance/MOT/service due dates).

1. Information the App Handles

1.1 Information you provide

• License-plate numbers of vehicles you want to track.
• A nickname for each vehicle.
• Service-log entries (date, mileage, description, cost).
• Mileage readings.
• Insurance and test (MOT) expiry dates.
• Photos or PDF documents of receipts, insurance, registration, etc. (added voluntarily through the in-app document vault).
• Reminders and notes.

1.2 Information generated by your use of the app

• License-plate search history (so the app can re-display previous lookups).
• Cached registry/recall results retrieved from data.gov.il and api.nhtsa.gov (so the app does not need to refetch on every open).
• Theme and language preferences.
• Local notification schedules.

1.3 Camera-captured images

When you use the license-plate scanner, the camera image is processed on-device using on-device text recognition. The image itself is not uploaded anywhere and is not retained after the scan completes. Only the recognized plate text is used — and only when you confirm a search.

2. Where Your Information Is Stored

All information described in Section 1 is stored only on your device, in one of three places:

1. Standard app storage (AsyncStorage) — non-sensitive items such as vehicle list, service logs, mileage, nicknames, search history, cached lookup results, and preferences.
2. Operating-system secure storage (Android Keystore via expo-secure-store) — more sensitive items such as insurance expiry dates, service costs, reminder notes, and text extracted from your uploaded documents.
3. App-private file directory — original document files (photos/PDFs) you upload to the document vault. These files are visible only to the Luhit app and are removed when you delete the document or uninstall the app.

There is no cloud sync, no server-side database, and no remote backup operated by us. We never see, store, or have access to your data.

3. Information Sent to Third Parties

The app makes outbound network calls only to the following two destinations, and only in response to actions you take:

3.1 data.gov.il (Israeli Government Open Data)

• What is sent: the license-plate number you choose to look up, plus the public dataset identifiers required by the API.
• When it is sent: when you search for a plate or refresh vehicle data inside the app.
• Why: to retrieve official registry information (model, year, fuel type, accessibility status), recall campaigns, and historical kilometer/test records published by the Israeli government.
• What we get back: publicly available registry data for that vehicle.
• Authentication: the API is public and requires no account; we send no personal identifier of yours, only the plate number you typed.
• Provider's terms: data.gov.il is operated by the State of Israel. Their use of API request logs is governed by Israeli government policy, not by us.

3.2 api.nhtsa.gov (U.S. National Highway Traffic Safety Administration)

• What is sent: the vehicle's make, model, and model year only. No license plate, no VIN, no personal identifier is sent.
• When it is sent: only when the Israeli recall dataset returns no result for the vehicle, as a secondary recall source.
• Why: to surface relevant U.S.-issued recall campaigns that may apply to the same make/model.
• Authentication: the API is public and requires no account.

The app contacts no other servers and shares your information with no other parties.

4. Permissions the App Requests

The app does not request location, contacts, microphone, calendar, or background activity permissions.

5. Analytics, Advertising, and Tracking

The app contains:

• No analytics SDKs (no Google Analytics, Firebase Analytics, Mixpanel, Amplitude, PostHog, Segment, etc.).
• No crash-reporting SDKs (no Sentry, Crashlytics, Bugsnag, etc.).
• No advertising or ad-attribution SDKs (no AdMob, Meta Audience Network, etc.).
• No tracking pixels or fingerprinting.

We do not build a profile of you, your device, or your behaviour.

6. Your Rights and Choices

Because all your data lives on your device, you control it directly:

• Access: open the app to view any data you have entered.
• Edit / delete individual items: use the app's editing controls (e.g. delete a service entry, remove a vehicle, delete a document).
• Delete everything: uninstall the app — this removes all AsyncStorage data, all secure-storage entries, and all files in the app-private directory.
• Camera / notifications consent: revoke at any time through Android Settings → Apps → Luhit → Permissions.

We have nothing to delete on our side because we never receive your data.

7. Children's Privacy

The app is a vehicle-ownership utility intended for adult drivers. It is not directed to children under 13 (or the equivalent age in your jurisdiction), and we do not knowingly collect information from children. If you believe a child has used the app, simply uninstall it to remove all data from the device.

8. Security

Sensitive items (Section 2.2) are stored using the Android Keystore, which provides hardware-backed encryption on supported devices and excludes those items from cleartext app backups. Other on-device data is protected by Android's standard app-sandbox isolation.

No on-device storage is invulnerable to a determined attacker with physical access to an unlocked device. You should protect your device with a screen lock and keep your operating system up to date.

9. Changes to This Policy

If the app's data behaviour changes (for example, a new third-party endpoint is added), we will update this policy and revise the "Effective date" above. We do not have a mailing list, so material changes will be reflected here.

10. Contact

Email: danielohayon636@gmail.com

This policy describes the version of the app at the effective date above. Older or beta builds may behave differently.