Your data stays yours.
We built it that way.
Both tools are offline-first because switchrooms have no signal. That design choice has a side effect worth spelling out: they are also about as private as working software can be. This page is the plain-English version, with enough technical detail underneath that your IT department can verify it rather than take our word for it.
The whole of what we hold
When you request a licence, you email us two things: the name you typed into the app and the device code it shows you. We keep that pair so we can sign your licence key, and re-issue it if you change handsets. That is the entire dataset. You send it yourself, from your own mail app, and you can read exactly what's in it before it goes.
- No accounts, no passwords, no profile.
- No usage tracking, no analytics, no crash reporting, no advertising IDs.
- No payment details stored in or around the software; invoicing happens by email like any other supplier.
Want your licence record deleted? Email us and it's gone. Your installed licence keeps working; it lives on your device, not with us.
What the device code is (and isn't)
The 16-character code on the licence screen is a one-way SHA-256 hash computed on your handset from the app's installation identifier, the phone's model fields and your name. It is not your IMEI, serial number or phone number, and none of those can be recovered from it.
On Android 8 and later the underlying identifier is scoped to the app's signing key: other apps on the same phone are given different values, so the code can't be used to correlate you across apps. It identifies your copy of BTS Toolbox on that handset, which is exactly as much as a per-device licence needs, and nothing more.
Your sites never leave your device
BTS Toolbox does everything on the phone. Relay settings, test results and selections are stored locally and computed locally. It has no way to send them anywhere even if it wanted to; see the permissions note below.
SLD Platform keeps your surveys, single-line diagrams, asset registers and switching schedules in your browser's storage on your machine. There are no user accounts, no cloud store and no sync service. When you share a site file, the app hands you a file and you choose how to send it; it never routes through us.
Your network drawings are commercially and operationally sensitive documents. We treat them the simplest way possible: we never have them. They are your property, on your hardware, full stop.
For IT: verify it, don't trust it
BTS Toolbox (Android APK)
The manifest requests zero permissions. Not internet, not
storage, not camera, not location. Android therefore denies the app any network
access at the operating-system level; there is no code path to phone home.
Confirm with aapt dump permissions bts-toolbox-1.7.3.apk: the only
entry is the app's own
DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION, a housekeeping marker the
AndroidX build tooling generates inside every modern app; it grants nothing and
requests nothing from the system. Check the signature with
apksigner verify --print-certs. The SHA-256 of every release is
published next to its download link.
Licensing is offline public-key cryptography. The APK embeds
only an ECDSA P-256 public key; your licence is a signed token verified
on the device. There is no activation server, no periodic check-in, no network
dependency. Android backup of app data is disabled
(allowBackup=false) so licence state can't be silently cloned off
the handset.
SLD Platform (web app)
It's a static application. Your browser downloads the app itself from our host, and that is the only traffic there is: the app's code contains no API calls and there are no server endpoints to receive data. Watch the network tab while you work; after the app loads, it goes quiet.
Site data lives in the browser's local storage under your own user profile, which is why it works with no signal. A standard service worker caches the app for offline use. Licence unlock codes are verified locally with WebCrypto, the same offline design as the Android app.
This website
Static pages on a CDN. No analytics, no tracking scripts, no cookies. The only channel between you and us is email.
Questions we haven't covered? Put your IT department in touch directly at info@btspower.co.uk. It's software built by engineers who sit on the other side of those security reviews too; it's usually a short conversation.
The short version
We hold one licence record. Everything else stays on your device, and the software is built so that you can prove that, not just read it here.
Back to BTS Power