ProofPocket — Privacy Policy

Introduction

ProofPocket ("the App") is a privacy-first receipt and warranty tracker that helps you store proof of purchase, track return and warranty deadlines, and export Proof Packs.

This Privacy Policy explains how information is handled when you use the App and related services.

Who we are

• Developer: BlueSparrow (solo developer based in India)
• Website: https://bluesparrow.dev

Contact Information

• Privacy inquiries: privacy@bluesparrow.dev
• General inquiries: info@bluesparrow.dev

Quick Summary (Plain Language)

• ProofPocket is offline-first. Most data you add stays on your device.
• We do not sell personal data and we do not run third-party advertising trackers.
• Some optional features use third-party providers (for example, subscriptions and Drive backup). These providers have their own policies.
• Google Drive backup (optional) stores an encrypted backup in your own Google Drive appDataFolder.

1. Information We Handle

1.1 Information you create in the App (stored locally by default)

When you use ProofPocket, you may create and store:

• Item details (for example: item name, store, category, purchase date, return window, warranty duration, serial/model, notes)
• Attachments (for example: receipt photos, receipt PDFs, warranty documents, product photos)
• Reminder settings (lead times, enable/disable)
• Exports generated by the App (for example: Proof Pack PDFs, ZIP bundles, inventory CSV)

By default, this information is stored locally on your device in app-private storage.

1.2 Optional account information (only if you choose to sign in)

ProofPocket can optionally support sign-in using Google (Firebase Authentication). If you sign in, we may handle:

• Your Google account identifier (UID)
• Your email address and display name (as provided by Google, depending on your account settings)

Sign-in is optional and used primarily for subscription restore convenience and Google Drive backup.

1.3 Subscription information

ProofPocket offers optional subscription-based Pro features. Subscriptions are processed by:

• Google Play Store (payments)
• RevenueCat (subscription status and entitlement management)

We do not receive your full payment card details. Payment information is handled by Google Play. We may receive subscription status/entitlement information (for example: whether Pro is active) through RevenueCat.

1.4 Optional Google Drive backup/restore (Drive-only; no Firebase Storage)

If you enable Google Drive backup/restore, the App may request permission to access:

• Google Drive appDataFolder (a hidden app-specific folder)

Backup behavior:

• The App creates a backup archive containing your local database and attachments.
• The archive is encrypted on your device using a backup passphrase you choose.
• The encrypted backup file is uploaded to your own Google Drive appDataFolder.

Important:

• The backup passphrase is required to restore backups.
• If you forget the passphrase, the encrypted backup cannot be decrypted.

1.5 Permissions and device features

Depending on what you use, ProofPocket may request:

• Camera (to capture receipt photos)
• Photos/media access or document picker access (to import images/PDFs)
• Notifications permission (to deliver reminders, if enabled)
• Biometric authentication (for Pro app lock; the App does not receive biometric data, only a success/failure response from the operating system)

You can revoke permissions in your device settings at any time.

1.6 Support communications

If you email us, we will receive the information you include in your message (for example: your email address and message content). We use this only to respond and provide support.

2. Information We Do Not Collect

We do not intentionally collect:

• Your precise location
• Your contacts/address book
• Your call logs or SMS
• Your browsing history
• Advertising identifiers for tracking across apps
• Third-party behavioral analytics or data broker profiles

3. How We Use Information

We use information to:

• Provide core App functionality (items, attachments, reminders, exports)
• Enable Pro features and confirm subscription status (via RevenueCat)
• Enable Google sign-in when you choose it
• Enable Google Drive backup/restore when you choose it
• Respond to support requests and improve the App

We do not use your information for targeted advertising.

4. Where Your Data Is Stored

• On your device (default): item data, attachments, reminders, exports.
• Your Google Drive (optional): encrypted backup archives in Drive appDataFolder.
• Third-party systems (limited):
  • Google Play / RevenueCat for subscription processing and entitlement checks
  • Firebase Authentication for optional sign-in

We do not store your receipts/items on our own servers as part of the App's core design.

5. Sharing and Disclosure

We share information only:

• When you explicitly choose to use a third-party feature (for example, Google sign-in or Drive backup)
• When required to operate subscriptions through app store and subscription providers
• When required to respond to valid requests under applicable data protection rules

We do not sell personal data.

6. Data Security

We take reasonable steps to protect information handled by the App:

• App-private storage for attachments and database on device
• Encrypted Drive backups (passphrase-based encryption performed on device)
• Secure connections (HTTPS) for network requests to third-party providers

No system is perfectly secure. We encourage you to keep your device protected and avoid sharing your backup passphrase.

7. Data Retention

• Local App data: stored until you delete it in the App or uninstall the App.
• Google Drive backups (optional): stored in your Google Drive until you delete them.
• Subscription records: retained according to Google Play and RevenueCat requirements.
• Support emails: retained only as long as needed to respond and maintain support history.

8. International Users and Cross-Border Processing

The developer is based in India. If you use ProofPocket from another country, third-party providers (such as Google and RevenueCat) may process data in different locations depending on their infrastructure.

9. Your Privacy Rights (Global)

We respect privacy rights globally and will respond to legitimate requests regardless of your location.

9.1 EEA/UK/Switzerland (GDPR / UK GDPR)

Depending on your circumstances, you may have rights such as:

• Access to personal data
• Correction of inaccurate data
• Deletion
• Restriction of processing
• Data portability
• Objection to processing
• Withdrawal of consent (where applicable)

9.2 United States (including California)

Where applicable, you may have rights such as:

• Knowing what categories of personal information are handled
• Requesting deletion of personal information
• Requesting access to personal information

We do not sell personal information.

9.3 Other jurisdictions

You may have additional rights under your local laws. Contact us and we will make reasonable efforts to help.

To exercise rights, contact: privacy@bluesparrow.dev

10. Children's Privacy

ProofPocket is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, please contact us at privacy@bluesparrow.dev.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will update the "Last Updated" date and may provide an in-app notice for significant changes.

12. Contact Us

• Privacy inquiries: privacy@bluesparrow.dev
• General contact: info@bluesparrow.dev
• Website: https://bluesparrow.dev

13. Consent

By using ProofPocket, you agree to the handling of information as described in this Privacy Policy.