1. Introduction
License to Deduct is a mileage tracking application designed for freelancers, independent contractors, and self-employed professionals who file Schedule C tax returns. The app automatically tracks business miles driven, classifies trips, and generates IRS-compliant mileage reports to help you claim every deduction you have earned.
License to Deduct is developed and operated by Valley Technologies Group, LLC ("VTG," "we," "us," or "our"). This Privacy Policy explains what data we collect, how we handle it, and the choices you have over your information.
What makes License to Deduct different from other mileage trackers is that we give you meaningful control over where your data lives. We offer three distinct privacy tiers, and you choose the one that matches your comfort level. The default is the most private option available: everything stays on your device.
2. The Privacy Tiers — Your Choice
When you set up License to Deduct, you select one of three privacy tiers. Each tier determines what data, if any, leaves your device and is stored on VTG servers. You can change your tier at any time from within the app.
Local Privacy Shield
Default
This is the most private option and the default for all new users. When you choose Local Privacy Shield, your data never leaves your device:
- All trip data — including GPS coordinates, routes, timestamps, distance, and classifications — is stored exclusively on your device.
- Nothing is transmitted to VTG servers. We have zero access to your trip data, location history, or driving patterns.
- You can create encrypted backups manually from within the app and export them via your device's share sheet.
- You control where those backups are stored: a local hard drive, a USB stick, your own personal cloud storage, or anywhere you choose.
- Because no trip data exists on our servers, VTG cannot produce it in response to any third-party request, legal or otherwise.
IRS Smart Sync
IRS Smart Sync is designed for users who want cloud backup of their tax-relevant data without exposing their location history. Only the minimum fields required for IRS compliance are synced:
- Three fields sync to VTG servers: trip date, distance traveled, and business purpose.
- GPS coordinates, route geometry, location names, start and end addresses, and all other geographic data remain exclusively on your device.
- Synced data is encrypted in transit using TLS 1.3 and encrypted at rest using AES-256 on our servers.
- This tier enables cross-device access to your IRS-required mileage data, so you can view your deduction totals from a second device or the web.
- Because we store only date, distance, and purpose, VTG cannot reconstruct your routes or determine where you drove, where you stopped, or what locations you visited.
Full Cloud Sync
Full Cloud Sync provides the most convenient experience for users who want complete cross-device access and seamless device migration:
- All trip data syncs to VTG servers, including GPS coordinates, route details, start and end locations, timestamps, distances, and classifications.
- All data is encrypted in transit using TLS 1.3 and encrypted at rest using AES-256.
- You can access your full trip history from any device signed into your account, making it easy to switch phones or use multiple devices.
- Even on this tier, VTG will never sell, license, rent, or share your data with any third party for any commercial purpose. Your trip data exists solely to provide the mileage tracking service to you.
3. What We Collect Beyond Trip Data
Regardless of which privacy tier you select, License to Deduct collects a small amount of non-trip information to operate the service:
- Account information: Your email address and name, provided during account creation. This is used for authentication, password recovery, and service communications.
- Device information: Device model, operating system version, and app version. This is collected to ensure compatibility, diagnose issues, and deliver appropriate updates.
- Anonymous usage analytics: Aggregated feature usage counts, crash reports, and session duration. These analytics contain no GPS data, no trip data, no location information, and no personally identifying details. They help us understand which features are used and where the app crashes so we can improve stability.
We do not collect:
- Your contacts, photos, or files
- Your browsing history or search history
- Advertising identifiers or tracking pixels
- Data from other apps on your device
- Any information unrelated to the mileage tracking service
4. How We Use Your Data
The data we collect is used for the following purposes and no others:
- Providing the mileage tracking service based on your selected privacy tier, including trip recording, classification, and report generation.
- Generating IRS-compliant mileage reports that meet Schedule C documentation requirements, exportable as PDF or CSV.
- Improving app stability and performance by analyzing anonymous crash reports and usage patterns to identify and fix bugs.
- Communicating service updates such as important security notices, changes to these terms, or significant new features. We keep these communications infrequent and relevant.
We never use your trip data, location history, or driving patterns for advertising, behavioral profiling, market research, or any purpose beyond providing and improving the mileage tracking service you signed up for.
5. Data Sharing — Our No-Sell Commitment
Valley Technologies Group will never sell, license, rent, or share your personal data, location history, or trip information with any third party for advertising, marketing, data brokerage, or any commercial purpose. This is not a qualified promise. It is absolute.
The only circumstances under which we would disclose user data to a third party are:
- Legal obligation: When compelled by a valid court order, subpoena, or other legal process that we have reviewed and determined to be enforceable. We will notify you before disclosing data unless prohibited by law from doing so.
- Safety: To prevent an imminent threat to the life or physical safety of a person, in the rare and extreme circumstance where disclosure is necessary.
- Your explicit consent: If you specifically and affirmatively authorize us to share particular data with a named third party for a stated purpose.
It is important to note: if you use the Local Privacy Shield tier, there is no trip data on our servers. We cannot share, produce, or disclose what we do not have — even under legal compulsion.
6. Data Retention & Deletion
How long your data is retained depends on your chosen privacy tier:
- Local Privacy Shield: All trip data exists only on your device. Uninstalling the app or clearing app data removes it permanently. VTG retains nothing because VTG never receives it.
- IRS Smart Sync and Full Cloud Sync: Cloud-stored trip data is retained for as long as your account remains active and you remain on that tier.
You have the following deletion options:
- Delete cloud data on demand: Go to Settings > Data & Privacy > Delete Cloud Data within the app to remove all cloud-stored trip data at any time.
- Downgrade to Local Privacy Shield: When you downgrade from a cloud tier to Local Privacy Shield, your cloud-stored trip data is scheduled for permanent deletion after a 72-hour grace period. This grace period allows you to change your mind before deletion is irreversible.
- Delete your account: Requesting account deletion will remove all cloud-stored data, account credentials, and associated information from our servers within 30 days.
Anonymous, aggregated analytics data (which contains no personal or trip information) may be retained indefinitely for product improvement purposes.
7. Data Security
We take the security of your data seriously at every layer:
- In transit: All data transmitted between the app and our servers uses TLS 1.3 encryption, the current highest standard for transport security.
- At rest (cloud): Data stored on our servers is encrypted using AES-256, a standard trusted by financial institutions and government agencies.
- On device: On-device trip data is protected using platform-native encryption — iOS Data Protection and Keychain Services on Apple devices, and the Android Keystore system on Android devices.
- Access controls: No VTG employee has routine access to individual user trip data. Access to production data requires explicit authorization, is logged, and is limited to resolving specific technical issues.
- Incident disclosure: In the event of a security incident that affects user data, we will notify affected users within 72 hours of confirming the breach, along with details about the nature of the incident and the steps we are taking to address it.
8. Your Rights
You have the following rights regarding your data:
- Access: You can request a complete copy of your cloud-stored data at any time by contacting us. For Local Privacy Shield users, all data is already on your device and fully accessible to you.
- Deletion: You can delete all cloud-stored trip data from within the app at any time, or request complete account deletion by contacting us.
- Portability: You can export all your trip data as CSV or PDF directly from the app. Your data belongs to you, and you should be able to take it wherever you want.
- Tier change: You can switch between privacy tiers at any time from Settings > Data & Privacy. Upgrading to a cloud tier begins syncing eligible data. Downgrading to Local Privacy Shield triggers cloud data deletion after the 72-hour grace period.
- Account deletion: You can request complete deletion of your account and all associated data. We will fulfill this request within 30 days.
9. Children's Privacy
License to Deduct is a business mileage tracking tool designed for self-employed adults who file tax returns. It is not intended for use by anyone under the age of 16.
We do not knowingly collect personal information from children under 16. If we learn that we have collected data from a child under 16, we will delete that data promptly. If you believe a child has provided us with personal information, please contact us at the email address listed below.
10. Third-Party Services
We use a minimal set of third-party services to operate License to Deduct. We have intentionally kept this list short and avoided services that track users for advertising purposes:
- Cloud infrastructure provider: Hosts the server-side components for IRS Smart Sync and Full Cloud Sync tiers. Data is encrypted at rest and subject to our data processing agreements.
- Crash reporting service: Receives anonymous crash reports and performance data only. No GPS data, trip data, or personally identifying information is included in crash reports.
- Payment processor: For users who subscribe to paid plans, payment is handled by a PCI-compliant third-party processor. VTG does not store your credit card number or payment credentials on our servers.
We do not use:
- Advertising SDKs or ad networks
- Location-tracking analytics platforms
- Social media SDKs or login kits
- Data brokers or audience enrichment services
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, new features, or legal requirements. When we make changes:
- Material changes (those that affect how your data is collected, used, or shared) will be communicated via in-app notification and email to the address on your account at least 14 days before taking effect.
- Non-material changes (clarifications, formatting, or legal language updates) will be posted here with an updated "Last Updated" date.
- Continued use of License to Deduct after changes take effect constitutes acceptance of the updated policy.
- Previous versions of this policy are available upon request by contacting us.
12. Contact Us
If you have questions about this Privacy Policy, want to exercise your data rights, or have concerns about how your information is handled, we want to hear from you.