1 Introduction
Siva Medicals ("we", "our", or "us"), operated by DCubeAI (dcubeai.com), provides a field service management application ("the App") for authorised service engineers and technicians. This Privacy Policy explains what personal data we collect, why we collect it, how it is used, and your rights in relation to that data.
2 Who This App Is For
This App is intended exclusively for authorised employees and field engineers of organisations that have contracted with DCubeAI. It is not available to the general public and is not directed at children under the age of 18.
3 Information We Collect
3.1 Account & Identity Data
- Full name, phone number, and role (collected at account creation by your administrator)
- Authentication credentials (hashed password — we never store plain-text passwords)
- User ID assigned by our system
3.2 Location Data
Precise GPS coordinates are captured at two specific moments during a service visit:
- When an engineer marks a ticket as "On-Site Started"
- When an engineer marks a ticket as "Work Completed"
3.3 Service & Operational Data
- Service ticket details: ticket ID, status, customer name, equipment details, site address
- Call logs, field notes, and work descriptions entered by the engineer
- Spare parts requests and defective return records
- Field Service Reports (FSR) and photos/documents uploaded as evidence
3.4 Device & Technical Data
- Device push notification token (FCM token) — used solely to deliver job alerts to your device
- App crash reports and diagnostic logs (via Firebase Crashlytics)
- Device model and operating system version (included automatically in crash reports)
3.5 Usage Analytics
- In-app events such as screens viewed, actions performed, and features used (via Firebase Analytics)
- Every event is tagged with your user ID, name, and session ID so your organisation's administrators can audit engineer activity within the Firebase Console
4 How We Use Your Information
| Purpose | Legal Basis |
|---|---|
| Authenticate you and maintain your session | Contract performance |
| Assign and manage service tickets | Contract performance |
| Record GPS coordinates to verify on-site attendance | Legitimate interest (operational audit) |
| Send push notifications for new tickets and updates | Contract performance |
| Generate field service reports for customers | Contract performance |
| Analyse app usage to improve performance and UX | Legitimate interest |
| Diagnose crashes and bugs | Legitimate interest |
| Comply with legal obligations | Legal obligation |
5 Location Data — Additional Details
Because location is sensitive we apply the following controls:
- Purpose limitation: GPS coordinates are attached only to the specific service ticket being actioned. They are not shared with marketing or advertising partners.
- Access control: Coordinates are visible only to authorised administrators and the engineer who submitted them.
- No background tracking: The App does not request the "Always On" location permission. Location is requested only when you explicitly perform an on-site or completion action.
- Retention: Location records are retained for the duration required to support audit, warranty, and compliance purposes (see Section 8).
6 Information Sharing
We do not sell, rent, or trade your personal data. We may share data with:
| Recipient | Reason |
|---|---|
| Google Firebase (Crashlytics, Analytics, Cloud Messaging) | Crash reporting, usage analytics, push notifications — governed by Google's Privacy Policy |
| Your employer / contracting organisation | Access to service records, GPS timestamps, and work evidence as part of the service contract |
| Law enforcement / regulatory bodies | When required by applicable law or court order |
All third-party processors are contractually bound to process data only on our documented instructions.
7 Firebase Services
The App uses the following Firebase services provided by Google LLC:
| Service | Data Sent | Purpose |
|---|---|---|
| Firebase Analytics | User ID, device info, in-app events | Usage analysis and performance monitoring |
| Firebase Crashlytics | Stack traces, device state, user ID | Crash detection and bug resolution |
| Firebase Cloud Messaging (FCM) | FCM device token | Push notifications for job assignments and updates |
Firebase data is processed in accordance with Google's Privacy Policy.
8 Data Retention
| Data Type | Retention Period |
|---|---|
| Service tickets and work records | 7 years (audit and warranty compliance) |
| GPS attendance records | 7 years |
| Uploaded photos and FSR documents | 7 years |
| Crash reports and analytics events | 90 days (Firebase default) |
| Push notification tokens | Until the user account is deactivated |
| Account data | Until the service contract ends, then deleted within 90 days |
9 Data Security
- All data in transit is encrypted using TLS 1.2 or higher.
- Passwords are stored as salted hashes — never in plain text.
- Access to production systems is restricted to authorised DCubeAI personnel.
- The App enforces single-device login — signing in on a new device automatically invalidates the previous session.
- We conduct periodic security reviews of our backend infrastructure.
10 Your Rights
Depending on your jurisdiction you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data (subject to legal retention obligations)
- Object to or restrict processing
- Data portability — receive your data in a structured, machine-readable format
11 Children's Privacy
The App is restricted to adult field service professionals. We do not knowingly collect data from anyone under 18. If you believe a minor has accessed the App, please contact us immediately at privacy@dcubeai.com so we can deactivate the account and delete the data.
12 Changes to This Policy
We may update this policy from time to time. When we do, we will:
- Update the "Last Updated" date at the top of this document.
- Notify active users via an in-app message before the changes take effect.
- Publish the updated policy at the URL registered with the App Store and Play Store.
Continued use of the App after the effective date constitutes acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy:
DCubeAI
📱 App: Siva Medicals (com.dcubeai.sms)
For data protection enquiries related to a specific employer contract, please also contact your organisation's data protection officer.