AdminVault — Privacy Policy

Introduction

AdminVault is a privacy-first, offline-first app designed to help you store documents and purchase records securely on your device, set reminders, and export proof packs.

This Privacy Policy explains how AdminVault handles information when you use the app.

Who we are

• Developer: BlueSparrow (solo developer based in India)
• Website: https://bluesparrow.dev

Contact Information

• Privacy inquiries: privacy@bluesparrow.dev
• General inquiries: info@bluesparrow.dev

Quick Summary (Plain Language)

• Your vault content (documents, scans, receipts, attachments) is stored on your device by default.
• Backups are optional. If you enable backups, AdminVault encrypts backups before they are saved or uploaded.
• AdminVault does not sell your personal information.
• Some optional features use third-party services (for example Google Sign-In, Google Drive, RevenueCat). These services may process limited information needed to provide those features.

1. What Information AdminVault Handles

1.1 Information you create in the app (your content)

Depending on how you use AdminVault, your content may include:

• Documents, scans, PDFs, images, and attachments you import
• Document metadata such as titles, folders, tags, favorites
• Purchase records such as item name, store, purchase date, warranty fields, notes
• Reminders and deadlines
• Collections (proof packs) and their items

By default, this content is stored locally on your device in app-private storage. We do not receive your vault content unless you explicitly share it outside the app (for example via export/share) or you send it to us for support.

1.2 Account and sign-in information (optional)

AdminVault can work without an account for basic offline use.

If you choose to sign in (for example to enable Drive backups), AdminVault may process:

• A Google account identifier and basic profile information (such as email address and display name) provided by Google Sign-In

1.3 Subscription and purchase information (optional)

If AdminVault offers Pro features, subscription and purchase handling may involve:

• Google Play Billing (for purchases made through Google Play)
• RevenueCat (subscription management provider)

These providers may process purchase receipts, subscription status, and device/app identifiers needed to validate purchases and manage entitlements.

AdminVault may store minimal subscription status locally on your device (for example "Pro active") to enable offline access to premium features.

1.4 Backup information (optional)

If you enable backup features, AdminVault may handle:

• Encrypted backup archives created on-device
• Backup timestamps and file sizes

If you choose Google Drive backup, AdminVault may upload encrypted backups to your Google Drive (typically the app's hidden appDataFolder area). AdminVault does not need access to your entire Drive; it uses Drive scopes to store and retrieve files created by the app.

1.5 Notifications (optional)

AdminVault can show local reminders and notifications.

You can control notifications through device settings. AdminVault can be configured to show non-sensitive notification content by default.

1.6 Technical and diagnostic information

AdminVault aims to minimize data collection. We may handle limited technical information in these cases:

• When you contact support and include diagnostic details
• Basic app metadata needed to troubleshoot (for example app version, device model, OS version)

We do not intentionally collect your vault content for diagnostics.

2. Permissions the App May Request

AdminVault may request the following device permissions depending on features you use:

• Camera (scanning documents)
• Photos/files access (importing documents and attachments)
• Notifications (reminders)
• Biometric authentication (unlocking the app using device biometrics)
• Network access (sign-in, subscription validation, Drive backup)

You can decline permissions, but some features may not work.

3. How We Use Information

We use information to:

• Provide the app's core functionality (vault storage, organization, reminders, exports)
• Encrypt/decrypt your local vault files and backups
• Perform backups and restores you request or schedule (if enabled)
• Provide optional sign-in and subscription management (if enabled)
• Respond to your support requests
• Improve stability and performance

4. Where Information Is Stored

• On your device (default): your content and vault metadata are stored locally on your device. AdminVault is designed to encrypt stored files in the vault.
• In your Google Drive (optional): if you enable Drive backup, encrypted backups are stored in your own Google Drive account. The data remains encrypted and should not be readable without the backup passphrase you set.
• On our servers: AdminVault does not upload your vault content to our servers.
• With subscription providers (optional): if subscriptions are enabled, RevenueCat and Google Play may process data needed to operate subscriptions and validate purchases.

5. Sharing and Disclosure

We do not sell your personal information.

We may share limited information with third parties only when necessary to provide optional features you enable, such as:

• Google services (Google Sign-In, Google Drive API)
• RevenueCat (subscription management)
• Google Play Billing (purchase validation and fulfillment through Google Play)

These providers have their own privacy policies and terms.

We may also disclose information if required to comply with applicable obligations, or to protect users and the integrity of the app (while keeping disclosures as limited as possible).

6. International Users and Legal Bases (GDPR/UK GDPR and Similar Laws)

AdminVault is available globally. If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we process information under legal bases such as:

• Your consent (for optional sign-in, Drive backups, notifications)
• Performance of a contract (to provide requested features)
• Legitimate interests (for security, fraud prevention, and app integrity), balanced with your rights

You may withdraw consent at any time by disabling optional features or adjusting device/app settings.

7. Your Privacy Rights

Depending on your location, you may have rights such as:

• Access to the personal information we hold about you (if any)
• Correction of inaccurate information
• Deletion of certain information
• Data portability (where applicable)
• Restriction or objection to certain processing (where applicable)
• Opt-out of certain types of processing (where applicable)

7.1 EEA/UK/Switzerland

You may have the right to contact your local data protection authority if you have concerns.

7.2 United States (including California and other states)

We do not sell personal information. Where applicable, you may have rights to know, access, delete, or correct personal information we hold about you, and to opt out of certain sharing/processing.

7.3 India and other regions

You may have rights under applicable local laws. We aim to honor reasonable requests in a consistent way globally.

To make a request, email privacy@bluesparrow.dev. To help us verify your request, we may ask for information that confirms you control the relevant account.

8. Data Retention

• Local vault content: retained on your device until you delete it or uninstall the app.
• Drive backups (if enabled): retained in your Google Drive until you delete backups or disable the feature.
• Account/subscription metadata (if enabled): retained while you use the account features, and may remain for a reasonable period for operational purposes unless you request deletion (subject to subscription records that may need to be retained by providers).

9. Security

We use security measures appropriate for a privacy-focused vault app, such as:

• Encrypting stored vault files
• Using OS secure storage for sensitive key material (where available)
• App lock options (biometrics/PIN) and auto-lock

No method of storage or transmission is 100% secure. You should protect your device, use strong device security, and keep your backup passphrase safe.

10. Children

AdminVault is not intended for children. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in the app or legal requirements. The "Last updated" date at the top shows when it was last revised.

12. Contact

• Website: https://bluesparrow.dev
• General: info@bluesparrow.dev
• Privacy: privacy@bluesparrow.dev

13. Consent

By using AdminVault, you agree to the handling of information as described in this Privacy Policy.