Privacy Policy for IDKAVACH Android App

Data Safety

Question: Does IDKAVACH collect or share any of the user data?

Answer: No

IDKAVACH app is strictly offline and stores all information (including the email address) only in a local SQLite database.

Data that is accessed or stored by IDKAVACH is only processed locally on the user's device (and never sent to a server). Database is stored in the app’s private internal storage and is never uploaded to a cloud or third-party service.

Local-Only Storage: All user-provided data, including the email address used for account identification, is stored in a local SQLite database. This database resides within the app's private sandbox and is not accessible by other applications or sent to external servers.

No "Sharing": IDKAVACH app has no network communication for data transfer, there is no mechanism to "share" data with third parties.

Privacy-First Architecture: The email address acts solely as a local identifier. The app does not utilize any third-party SDKs (like Firebase, Analytics, or AdMob) that might trigger background data collection.

Third-Party SDKs: IDKAVACH app has not integrated any libraries (like crash reporting or analytics) that automatically ping a server with device IDs or metadata.

Backup Services: Backup of IDKAVACH SQLite database file has been explicitly disabled in AndroidManifest.

Sharing of Credential: User can RSA encrypt a credential (username + password) with a receiver's Public Key, and send it by email for sharing that credential with the receiving user. However, this is not "App Sharing" but it is "User-Initiated Actions".

The data is sent off the device only after a specific user action.

The user manually chooses exactly where the data is going (e.g., via the Android Intent system).

IDKAVACH app uses an Intent to open the user's preferred email app (like Gmail or Outlook) and populates the body with the encrypted text, IDKAVACH app is not doing the sharing. The user is sharing the data via a third-party app.

The Technical Logic

The App Encrypts: The RSA encryption happens locally.

The App Hands Off: IDKAVACH uses Intent.ACTION_SEND. This opens the system share sheet.

The User Decides: The user selects "Gmail."

The OS Takes Over: IDKAVACH app's responsibility ends the moment the data is handed to the Android OS.

Thus "IDKAVACH app does not transmit user data to any external servers. Any 'sharing' of credentials is a manual, user-initiated action where data is passed to a third-party application of the user's choice via standard Android Intents. The IDKAVACH app itself maintains no network communication for data transfer."

Internet Permission

Scoped Usage: The INTERNET permission is utilized exclusively by the official com.android.billingclient library to communicate with Google Play servers for license verification.

No Developer Access: IDKAVACH app does not transmit any user-generated content, credentials, or the local SQLite database to any third-party or developer-owned servers.

System Integrity: License checks are a "Service Functionality" required for the IDKAVACH app to operate within the Google Play ecosystem and are not "User Data Collection" under the Data Safety guidelines.

If you installed this application from Google Play, then Google Play does collect some personal data. Please see the privacy policy for Google Play Services here: https://policies.google.com/privacy

ID KAVACH ICON 512x512px