Defencebay
/
  • trop
  • privacy policy
  • mobile
  • data protection
  • gdpr

TROP Mobile Application Privacy Policy

TROP Mobile Application – Privacy Policy

Last updated: 16 November 2025

This Privacy Policy explains how devopsbay spółka z ograniczoną odpowiedzialnością ("Devopsbay", "we", "us", or "our") handles information in connection with your use of the TROP mobile application ("TROP", the "App").

TROP is a tactical awareness and communication application designed for field operations, mission planning, and real-time data exchange. It is built with privacy and security as core principles.

By using the TROP App, you agree to this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the App.

1. Data Controller

The data controller under applicable data protection laws (including the GDPR) for the processing described in this Privacy Policy is:

  • Devopsbay spółka z ograniczoną odpowiedzialnością
  • ul. Leśna 1
  • 81-876 Sopot
  • Poland

For any questions regarding this Privacy Policy or data protection, you can contact us at:

E-mail: privacy@defencebay.com

2. Scope of This Privacy Policy

This Privacy Policy applies only to how information is processed in connection with your use of the TROP iOS App installed on your device.

It does not apply to:

  • TAK servers or other backend services you connect TROP to (including TAK servers operated by Devopsbay);
  • Any websites, other apps, or services operated by Devopsbay;
  • Any third-party servers or services (including TAK servers) that you or your organisation operate or configure for use with TROP.

When you connect TROP to a TAK server (whether operated by Devopsbay or a third party), your data is processed under a separate privacy policy applicable to that service.

3. Key Principle – No Data Collected by Devopsbay via the App Itself

TROP is designed so that:

  • We do not collect or store any personal data on our servers simply because you have installed or are using the App on your device.
  • We do not operate any default backend server that automatically receives data from the App.
  • Any transmission of data from the App occurs only to servers that you or your organisation explicitly configure (for example, a TAK server).
  • If you connect to a Devopsbay-operated TAK server, that connection and any related processing are considered a separate service, governed by a separate TAK server privacy policy.

4. Information Processed by the App

The App may process certain categories of information locally on your device and, if you configure it to do so, transmit them to servers you choose (such as TAK servers). Devopsbay does not automatically receive this information merely because you use the App.

4.1 Location Data

To provide core tactical functionality, the App may request access to your device's location services, including:

  • Real-time position tracking for situational awareness;
  • GPS coordinates for mission planning and navigation;
  • Location sharing with authorised team members;
  • Geospatial data for map overlays and tactical markers.

By default:

  • Location data is processed locally on your device.
  • Location data is transmitted only to servers that you or your organisation explicitly configure in the App.
  • Devopsbay does not collect or store your location data on its own servers solely through your use of the App.

You can disable location access at any time in your iOS Settings. Disabling location may limit or disable certain features.

4.2 Device Information

For technical functionality and security (e.g., when communicating with a server you have configured), the App may process:

  • Device model and operating system version;
  • Device or certificate identifiers used for authentication and security;
  • Network information (such as IP address and connection type);
  • Application version and installation details.

These data are used to:

  • Ensure compatibility of the App with your device;
  • Enable secure communication with servers you configure;
  • Support troubleshooting and stability (e.g., local logs).

Devopsbay does not receive this information by default.

4.3 User-Generated Content

The App allows you to create and handle various operational and tactical data, such as:

  • Tactical markers and annotations on maps;
  • Messages and other communications with team members;
  • Photos, videos, and other media files;
  • Mission plans and operational data.

This content is:

  • Stored locally on your device by default;
  • Transmitted only to servers that you configure (for example, TAK servers of your organisation);
  • Not accessible to Devopsbay unless it is sent to a Devopsbay-operated service under a separate privacy policy.

4.4 Network and Communication Data

To enable communication features, the App may process:

  • Network connection status and quality;
  • Server connection status (e.g., connected/disconnected);
  • Authentication tokens and certificates;
  • Local communication logs (stored on your device or, if you configure it, on your organisation's infrastructure).

This information is used to maintain secure and reliable communication with servers that you configure. Devopsbay does not receive these data solely due to your use of the App.

5. How the App Uses Information

The App uses the information described above to:

  • Provide real-time situational awareness and mapping features;
  • Enable secure communication and coordination between team members;
  • Support mission planning and operational workflows;
  • Maintain application security and prevent unauthorised access;
  • Improve performance and stability at the device level (e.g., local error logging).

5.1 Local Storage and Transmission

TROP follows a local-first and user-controlled design:

  • All data is stored locally on your device by default.
  • Data transmission occurs only when you configure and connect the App to a TAK or similar server.
  • You retain full control over which servers and networks your data is transmitted to.
  • We do not operate default servers that collect your data from the App.
  • If secure server configurations are used, communications can be protected with encryption (e.g., TLS, VPN, or end-to-end encryption where supported by your server setup).

6. Analytics and Improvements

As of the date of this Privacy Policy:

Devopsbay does not collect analytics, telemetry, or usage statistics from your device via the TROP App.

If in the future we introduce fully anonymised, aggregated statistics, we will:

  • Ensure they cannot reasonably be used to identify individual users; and
  • Update this Privacy Policy to clearly describe what is collected and for what purposes.

7. TAK Servers and Third-Party Services

TROP can be configured to connect to:

  • TAK servers operated by Devopsbay;
  • TAK servers operated by your organisation or other third parties;
  • Other third-party services (for example map providers), as configured by you or your organisation.

In such cases:

  • Data (which may include personal and operational data) is processed according to the privacy policy of the respective server or third-party service.
  • The data controller may be Devopsbay (for a Devopsbay-operated TAK service), your organisation, or another third party.
  • Before using any such server or service, you should review and understand the applicable privacy policy and terms of that service.

8. Legal Basis for Processing (GDPR / RODO)

Under the EU General Data Protection Regulation (GDPR) and Polish data protection law:

For the TROP App itself, Devopsbay does not collect or process personal data on its own servers solely due to your use of the App, so no ongoing processing takes place for which Devopsbay would need to rely on a legal basis under Article 6 GDPR in this context.

In other contexts—such as operating a Devopsbay TAK server, handling support requests, or performing contractual or statutory obligations—Devopsbay may process personal data based on legal grounds including:

  • Contract (Art. 6(1)(b) GDPR), where processing is necessary to perform a contract or take steps at your request before entering into a contract;
  • Legal obligation (Art. 6(1)(c) GDPR);
  • Legitimate interests (Art. 6(1)(f) GDPR), such as IT security, fraud prevention, and defence of legal claims;
  • Consent (Art. 6(1)(a) GDPR), where applicable.

Details of such processing are provided in the separate privacy policy of the relevant service (e.g. a Devopsbay TAK server).

9. Data Sharing and Disclosure

With respect to the TROP App itself:

Devopsbay does not share your personal data with third parties, because Devopsbay does not receive personal data from the App by default.

In contexts where Devopsbay acts as a data controller (for example, in connection with its own backend services), personal data may be shared with:

  • Service providers acting as processors (e.g., hosting providers, IT support), under data processing agreements;
  • Public authorities and courts, if required by law or legal process;
  • Other entities in the event of a corporate transaction (merger, acquisition, sale of assets), subject to compliance with data protection laws.

Such arrangements are described in the privacy policy for the relevant service.

10. Data Security

We recognise that TROP may be used in sensitive operational contexts. The security of your data depends on:

  • Security features of iOS and your device (including device-level encryption);
  • Network and infrastructure security where you use the App;
  • Security and configuration of the TAK servers and other backend services you connect to (for example, use of encryption and strong authentication).

Where possible and supported by your configuration:

  • Communications between the App and servers can be encrypted;
  • Secure authentication mechanisms can be used to prevent unauthorised access.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are encouraged to:

  • Use trusted servers and networks;
  • Keep your device and operating system up to date;
  • Protect your device with strong authentication (passcode, password, biometrics);
  • Limit access to your device to authorised personnel only.

11. Data Retention

For the TROP App itself:

  • Data is stored locally on your device for as long as you retain it, according to your configuration and device settings.
  • When you uninstall the App, the app-specific data stored on your device is typically deleted in accordance with iOS behaviour.

For data stored on servers you connect to (such as TAK servers):

  • Retention is determined by the administrator of those servers and governed by their respective privacy policies and data retention rules.

Any anonymised, aggregated analytics (if ever introduced) would be stored only for as long as necessary for the stated purpose, as described in an updated version of this Policy.

12. Your Rights under GDPR

In situations where Devopsbay acts as a data controller (for example, in connection with its own services), you may have the following rights under GDPR:

  • Right of access to your personal data;
  • Right to rectification of inaccurate or incomplete data;
  • Right to erasure ("right to be forgotten") in the cases provided by law;
  • Right to restriction of processing;
  • Right to data portability, where applicable;
  • Right to object to processing based on legitimate interests;
  • Right to withdraw consent at any time, where processing is based on consent (without affecting the lawfulness of processing prior to withdrawal);
  • Right to lodge a complaint with a supervisory authority, in particular with the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych) in Poland or another competent authority in the EU/EEA.

To exercise your rights in relation to processing activities where Devopsbay is the controller, please contact us using the contact details in Section 1.

If your data is processed on a TAK server or other service operated by your organisation or a third party, you should contact that organisation or service provider directly.

13. Children's Privacy

TROP is intended for professional and organisational use and is not directed at children.

We do not knowingly target or collect personal data from children under 16 years of age (or the applicable age of consent in your jurisdiction) in connection with the App. If you believe that a child's data is being processed in connection with a related service (e.g. a TAK server), please contact the relevant service operator and/or us so that appropriate steps can be taken in line with applicable law.

14. Compliance

This Privacy Policy is designed to comply with:

  • The EU General Data Protection Regulation (GDPR);
  • The Polish Personal Data Protection Act;
  • Other applicable data protection and privacy laws.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect:

  • Changes in applicable laws;
  • Updates to the functionality of the App;
  • Changes in our organisational structure or services (including TAK services).

When we make material changes, we will:

  • Publish the updated Privacy Policy in a location accessible to users of the App; and
  • Update the "Last updated" date at the top of this document.

We encourage you to review this Privacy Policy periodically.

16. Contact

If you have any questions, requests, or concerns about this Privacy Policy or our data protection practices, please contact:

  • Devopsbay Spółka z Ograniczoną Odpowiedzialnością
  • ul. Leśna 1
  • 81-876 Sopot
  • Poland
  • E-mail: privacy@defencebay.com

Proven in action built for Poland

We gained expertise in real operations — from Ukraine, where network-centric communication systems proved their effectiveness, to projects for companies working with the US DoD.Today we translate these experiences into strengthening the country's defense, offering a modern, made in Poland communication ecosystem: TROP (Polish version of TAK), managed TROP/TAK servers (vehicle/cloud/on-prem) and resilient Mesh LoRa radios with native Mesh↔IP synchronization and off-grid mode.
Contact us