MsgVault Privacy policy
🔒 Privacy Policy
Effective Date: February 1, 2026
Last Updated: June 13, 2026
Welcome to MsgVault – Delete Recovery (also referred to as "MsgVault", "App", "we", "us", or "our"). This Privacy Policy explains exactly how we collect, use, store, and protect your information when you use our application. It is written to match the App's actual behaviour precisely and to satisfy Google Play's Data Safety requirements.
Data Safety disclosure approach: For maximum transparency, our Google Play Data Safety answers may disclose data as collected or shared even when MsgVault only reads, creates, stores, imports, exports, or processes that data locally on your device, offline, or through a user-initiated share/send action. In this Policy, we distinguish local/on-device processing from data sent to Google, another app, or a third-party SDK. MsgVault does not operate its own cloud server for your saved message content.
1. Information We Collect
1.1 Data Collected via Notification Listener (Core Feature)
To provide its primary function — capturing and archiving messages — the App uses Android's Notification Listener Service. When granted permission, it reads:
- Notification text content: The visible text (title and body) of notifications from apps you choose to monitor (for example WhatsApp, Telegram, Signal, social apps, email apps, or SMS/MMS-style messaging apps if you enable them).
- Sender name / identifier: The display name shown in the notification.
- Timestamp: The time the notification was received.
- App source: The package name of the app that sent the notification (e.g.,
com.whatsapp). - Notification media (optional): Profile pictures or image previews extracted directly from the notification payload using Android's
EXTRA_LARGE_ICON,EXTRA_PICTURE, andMessagingStyleAPIs. No external storage files are read. - Deletion events: When a notification is removed by the source app, the App records this to identify potentially deleted messages.
All of this data is stored in app-private storage on your device. It is never transmitted to our own servers by MsgVault. It may be shared with another app or provider only when you intentionally use a feature that does so, such as Direct Chat, Android share/export actions, auto-reply, or scheduled/repeat sending.
1.2 Data You Provide Directly
- Scheduled Messages & Reminders: Text you write for reminders or scheduled/repeated messages is stored locally in the app-private database. Reminder text is not transmitted by MsgVault. If you configure a scheduled/repeat send, the configured text may be passed on-device to the selected messaging app through its verified notification reply action at the scheduled time.
- Message Templates: Custom text templates you create, stored locally. Never transmitted.
- Contact Notes: Personal notes you write about contacts, stored locally. Never transmitted.
- Direct Chat (phone numbers/usernames): When you use the Direct Chat feature (open a conversation in a messaging app without saving a contact), you manually enter a phone number or username. This value is: (a) saved in an app-private
SharedPreferencesfile on your device for “Recent History” convenience; and (b) passed to the selected third-party messaging app via a standard deep-link URL (e.g.,https://wa.me/<number>for WhatsApp,https://t.me/<username>for Telegram,https://signal.me/#p/<number>for Signal,viber://chat?number=<number>for Viber). The value is never transmitted to our own servers, but it is shared with the target messaging app when the deep-link URL is opened — this is functionally identical to tapping a phone number or username link in any web page or dialer. You can clear your Direct Chat history at any time via the Direct Chat screen. This feature is entirely optional. - In-app Search History: Search terms you type inside MsgVault may be saved locally on your device to improve the local search experience. These search terms are never transmitted to our servers.
- Local Backup Files: When you create, export, import, restore, or enable premium Auto-Backup, the App reads or writes local backup files. Backup files may include your local MsgVault database, settings, notification records, scheduled/repeat messages, reminders, auto-reply rules, and related media thumbnails.
- Media Recovery Vault: This feature is optional and starts only after you open Media Recovery Vault, choose a source folder through Android's system folder picker, and grant media access. Once enabled, MsgVault may read supported image, video, audio, GIF/sticker, and document files and copy them into the App's private Media Recovery Vault. On Android versions where you grant media permissions, a backup service (shown to you as a foreground-service notification) uses Android's
MediaStoreand file-observer APIs to monitor newly added and deleted media across your device storage; however, it automatically backs up only files it identifies as belonging to supported messaging and social apps (such as WhatsApp, WhatsApp Business, Telegram, Messenger, Signal, Viber, Instagram, Discord, IMO, and LINE), detected by their folder/path name (e.g. “WhatsApp Images”). Media from unrelated apps is ignored. This monitoring is used only to back up recoverable chat media and to detect when an original is deleted, so it can be restored later. MsgVault does not read private messaging-app databases, does not request broad all-files (MANAGE_EXTERNAL_STORAGE) access, and cannot recover files deleted before a backup exists. You can stop this at any time by clearing the vault, removing source folders, revoking media permission, or disabling the feature. - PIN (App Lock & Secret Vault): Your chosen PIN is never stored in plaintext. It is hashed using PBKDF2-HmacSHA256 with a unique cryptographic salt (10,000 iterations, 256-bit key) and stored in Android's Encrypted SharedPreferences (AES-256-GCM encryption via Jetpack Security Crypto). The encrypted file is explicitly excluded from all cloud and device-transfer backup operations.
- Auto-Reply Rules: When you create an auto-reply rule, you configure a trigger keyword and a reply text. When an incoming notification matches the trigger keyword, the App uses the notification’s own RemoteInput reply action — the same mechanism used when you reply from the notification shade — to deliver the reply text through the original messaging app’s notification infrastructure. No message content is routed through our servers. The reply is sent entirely on-device using the PendingIntent provided by the original app’s notification. Auto-reply rule data (keywords, reply texts, scheduling windows) is stored locally and never transmitted.
- Scheduled & Repeat Messages: If you use Scheduled Messages or the Repeater tool, you configure a message text, a target chat/app, a time, and optionally a repeat interval/count. For chats where Android exposes a verified notification reply action, the App may send your configured text automatically at the scheduled time using that notification’s own RemoteInput PendingIntent — the same reply channel used when you reply from the notification shade. MsgVault verifies the stored reply action against the intended sender name before sending, refuses to send if it cannot verify the target, and records the outgoing scheduled/repeat message locally. You can pause, cancel, or delete scheduled/repeat jobs in the App. The scheduled message text is stored locally only and is never transmitted to our servers.
1.3 Data Collected by Third-Party SDKs
The App integrates the following third-party services, which may collect data independently under their own privacy policies:
Google AdMob & User Messaging Platform (UMP)
- AdMob may collect and share your Advertising ID, app set ID, device/account identifiers, device information, IP address, ad/app interaction data (such as app launches, taps, impressions, clicks, and video views where applicable), and diagnostic information for advertising, analytics, fraud prevention, and security. Google may use the IP address to estimate approximate location for ad delivery and measurement.
- The Google Mobile Ads SDK merges advertising permissions into the final APK manifest, including
com.google.android.gms.permission.AD_ID,ACCESS_ADSERVICES_AD_ID,ACCESS_ADSERVICES_ATTRIBUTION, andACCESS_ADSERVICES_TOPICS. These permissions are used by Google for ad serving, measurement, attribution, fraud prevention, Android Privacy Sandbox ad features, and app set / advertising identifier handling where available and allowed by the user's consent/settings. - The Google UMP SDK is used to request your GDPR/consent preferences before requesting personalised ads where required. MsgVault app code requests and serves ads only when Google's consent SDK indicates that ads can be requested. The Google Mobile Ads SDK provider may still appear in the Android manifest as required by the SDK.
- The App also stores local-only ad performance counters in app-private
SharedPreferences, including ad format, impression count, load success/failure count, last load error code, revenue micros, currency, and precision type provided by AdMob's paid event callback. These counters are used only by the App for ad-format diagnostics and are not transmitted by us to any external server. - You can change your ad consent preference at any time via Settings → Ad Privacy Settings inside the App.
- Google Privacy Policy: https://policies.google.com/privacy
- AdMob data practices: https://support.google.com/admob/answer/6128543
Google Play Billing
- If you purchase a premium subscription or lifetime upgrade, Google Play Billing processes the payment. The App receives only purchase-verification data such as product ID, purchase token, purchase state, acknowledgement state, verification timestamp, subscription type, and cached entitlement status — it never receives or stores your payment card details.
- This purchase-verification data is stored locally in encrypted app-private preferences where supported and is used only to verify premium access, prevent local premium-status tampering, restore purchases, and control which ad formats are suppressed for your plan.
Google Play In-App Updates
- The App uses the Google Play In-App Updates API (
com.google.android.play:app-update) to check whether a newer version of the App is available on Google Play. - When a mandatory update is available, a full-screen Google Play update overlay is displayed. You must update the App before you can continue using it. This ensures all users run the latest version with the newest security patches, bug fixes, and policy-compliant features.
- The update check communicates only with Google Play servers and transmits only the App's package name and current version code — no personal data, message content, or device identifiers are sent by this feature.
- If the device is offline or the update check fails, the App continues normally. The update will be enforced on the next launch with network connectivity.
- Google Play Terms: https://play.google.com/about/developer-distribution-agreement.html
Smart Reply Suggestions (On-Device Only)
- The App provides contextual reply suggestions when viewing a conversation. This feature uses a lightweight, on-device pattern-matching engine built into the App — no third-party SDK, no machine-learning model, and no external server is involved.
- The suggestion engine analyses the last received message locally and returns pre-defined contextual reply options. No message text leaves your device at any point during this process.
2. Permissions Declared and Why
Below is a complete, accurate disclosure of every permission declared in the App's manifest (AndroidManifest.xml), including its classification, purpose, and necessity.
| Permission | Classification | Purpose & Justification |
|---|---|---|
INTERNET |
Normal | Required for AdMob ads to load, Google Play Billing to connect to Google's servers for subscription verification, and Google Play In-App Updates to check for mandatory app updates. |
ACCESS_NETWORK_STATE |
Normal | Checks network availability before attempting ad loading or billing operations, preventing unnecessary errors on offline devices. |
com.google.android.gms.permission.AD_ID |
Normal (merged by Google Mobile Ads SDK) | Allows Google Mobile Ads to access the user-resettable Android Advertising ID for ad serving, frequency capping, fraud prevention, and measurement where available and permitted by user consent/settings. This permission is merged from the AdMob SDK manifest; MsgVault does not use the Advertising ID for any non-advertising purpose. |
ACCESS_ADSERVICES_AD_ID |
Normal (merged by Google Mobile Ads SDK) | Allows Google Mobile Ads to use Android Privacy Sandbox ad services identifiers on supported Android versions for advertising and measurement purposes. This permission is merged from the AdMob SDK manifest; MsgVault does not access this identifier directly. |
ACCESS_ADSERVICES_ATTRIBUTION |
Normal (merged by Google Mobile Ads SDK) | Allows Google Mobile Ads to use Android Privacy Sandbox attribution and measurement services on supported Android versions. This permission is merged from the AdMob SDK manifest; MsgVault does not use it for any non-advertising purpose. |
ACCESS_ADSERVICES_TOPICS |
Normal (merged by Google Mobile Ads SDK) | Allows Google Mobile Ads to use Android Privacy Sandbox Topics services on supported Android versions for ad relevance where available and permitted by user settings/consent. This permission is merged from the AdMob SDK manifest; MsgVault does not access topics directly. |
FOREGROUND_SERVICE |
Normal | Required to run the Notification Capture Service as a foreground service so Android does not terminate it while the user uses other apps. |
FOREGROUND_SERVICE_SPECIAL_USE |
Sensitive / Restricted | Android 14+ requires this permission for notification listener services that do not fit into a predefined foreground service type. Both the Notification Capture Service and the Repeat Message Service declare android:foregroundServiceType="specialUse" as required. This use case must be declared in the Google Play Console with a full justification before release submission. |
POST_NOTIFICATIONS |
Dangerous (runtime) | Required on Android 13+ to display MsgVault notifications when you enable them, including the single summary/service notification, recovered media alerts, and message reminder notifications. Requested at runtime with a clear user explanation before the prompt is shown. |
READ_MEDIA_IMAGES, READ_MEDIA_VIDEO, READ_MEDIA_AUDIO |
Dangerous (runtime, Android 13+) | Used only for the optional Media Recovery Vault after you open that feature and add source folders. These permissions allow MsgVault to read supported image, video, and audio media through Android's media APIs so it can back up recoverable files and detect when originals disappear. MsgVault must declare and, where required, justify these permissions in Play Console because Google Play treats photos and videos as personal and sensitive data and recommends picker-based alternatives where sufficient. |
READ_EXTERNAL_STORAGE |
Dangerous (runtime, Android 12 and below) | Legacy media-read permission used only on Android versions before the granular Android 13 media permissions. It supports the optional Media Recovery Vault and is limited with maxSdkVersion="32". |
WRITE_EXTERNAL_STORAGE |
Dangerous (Android 9 and below only) | Legacy write permission used only on Android 9 and below when saving/restoring recovered media to shared storage. On newer Android versions, MsgVault uses MediaStore or the Storage Access Framework instead. The permission is limited with maxSdkVersion="28". |
FOREGROUND_SERVICE_DATA_SYNC |
Normal | Required on Android 14+ for the Media Auto-Backup foreground service type. It supports the optional Media Recovery Vault's local backup/sync work after you add source folders or enable media monitoring. |
WAKE_LOCK |
Normal | Allows the notification service to briefly hold a CPU wake lock when a notification arrives, ensuring the notification is fully processed before the device enters deep sleep. The wake lock is released immediately after processing (10-second maximum). |
USE_BIOMETRIC |
Normal | Powers the optional App Lock feature, which lets users protect the App with fingerprint or face authentication. Only used if the user explicitly enables biometric lock in Settings. |
USE_FINGERPRINT |
Normal (legacy biometric compatibility) | Merged by AndroidX Biometric for older Android versions that use the legacy fingerprint API. It supports the same optional App Lock feature as USE_BIOMETRIC. |
VIBRATE |
Normal | Provides haptic feedback during PIN input and on certain button interactions for improved user experience. Carries no privacy risk. |
RECEIVE_BOOT_COMPLETED |
Normal | Allows the App to restart the Notification Listener Service after the device reboots, ensuring uninterrupted message capture. The Boot Receiver responds to BOOT_COMPLETED and LOCKED_BOOT_COMPLETED. No user data is read during boot — only the service is restarted. |
com.android.vending.BILLING |
Normal (merged by Google Play Billing) | Allows Google Play Billing to process premium subscription and lifetime purchase flows. MsgVault receives purchase tokens and subscription status only; it never receives payment card details. |
com.horayra.msgvault.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION |
App-specific signature permission (generated by AndroidX) | Generated to protect internal non-exported dynamic broadcast receivers used by AndroidX libraries. It is not a user-data permission and does not grant access to device data. |
3. How We Use Your Data
- Notification content is used solely to display captured messages inside the App and to detect deleted messages. It is never transmitted externally by us.
- PIN data is used solely for authentication when App Lock or Secret Vault is enabled. It is stored encrypted and never transmitted.
- Subscription status is used solely to enable premium features and to control which ad formats are displayed. Specifically: free users see all ad types; weekly and monthly subscribers have interstitial, banner, app-open, and rewarded ads removed but continue to see native ads between content items; yearly and lifetime subscribers have all ad formats removed entirely.
- Scheduled message & reminder data is used solely to trigger reminders and, when you explicitly configure a scheduled/repeat message, to send the configured text through the original messaging app’s verified notification reply action at the selected time. If a verified reply action is not available, the send is refused and marked failed instead of guessing a recipient.
- Message classification data (OTP, Bank, Shopping, Promotion, Appointment, Urgent, etc.) is computed locally on your device to help you organise your messages. It is not transmitted.
- Auto-reply rules are processed locally to match incoming notification text against your configured keyword triggers. When a match is found, the App sends the configured reply text using the notification’s own RemoteInput PendingIntent — i.e., the same reply channel the original messaging app exposes in its notification. This action occurs entirely on-device. No message content is sent to our servers or any external service.
- Package visibility / installed-app data is used exclusively on your device to show installed launcher apps in the Deleted Message Recovery selector, check whether supported chat, social media, email, and limited system packages are installed, group apps into categories, display app icons/names, and open supported apps for Direct Chat. This information is not uploaded to our servers and is not sold.
- Local ad performance counters are used only to understand which ad formats load successfully and to calculate local estimated ad revenue. These counters do not include message content, phone numbers, names, contacts, or precise device identifiers, and they are not transmitted by us.
- Data Safety wording: To avoid under-disclosure, Google Play Data Safety may mark local/on-device data such as sender names, message previews, thumbnails, files, search history, installed-app information, and user-generated message content as collected for app functionality even when that data is stored locally only and is not sent to our own servers.
4. Data Storage and Retention
- All message data is stored in a local Room (SQLite) database inside Android's app-private storage, inaccessible to other apps without root access.
- Android Auto Backup (Google Cloud) is disabled for MsgVault via declared backup rules (
fullBackupContentanddataExtractionRulesin the App manifest). MsgVault does not use Google Drive or any cloud sync for your message data. - Android device-to-device transfer or operating-system backup behavior may still be controlled by Android and the device manufacturer. Where allowed by Android, non-sensitive preferences may move during device transfer, but MsgVault backup/export files are created only when you choose to create or share them.
- Profile pictures and media thumbnails extracted from notifications are stored in private
profile_picsandmedia_thumbsfolders inside app-private storage. - Encrypted SharedPreferences (containing Vault PIN and App Lock credentials) are encrypted with AES-256-GCM and stored in Android's sandboxed storage only.
- Media Recovery Vault files are stored in app-private storage under MsgVault's private vault folder. You can clear this vault inside the Media Recovery screen. Clearing the vault does not delete the original source files.
- Data is retained until you delete it within the App or uninstall the App. Uninstalling removes all locally stored data.
- Auto-cleanup is available at 7-day, 30-day, and 90-day intervals and must be explicitly enabled by the user in Settings.
- You can create a local ZIP backup of your data at any time via Settings → Backup & Restore. Premium users can also enable Auto-Backup, which periodically refreshes the same local ZIP file on the device. These backups are stored on your device only and are never uploaded by the App. A backup ZIP can contain an unencrypted copy of your local app database, scheduled/repeat messages, reminders, auto-reply rules, settings, and related media, so you should keep it private and store it only in locations you trust.
5. Data Sharing
We do not sell, rent, or share your personal data with any third party, except as follows:
- Google AdMob: Advertising data (Advertising ID, device info) is shared with Google for ad serving. EU/EEA users control this via the UMP consent prompt and the in-app Ad Privacy Settings.
- Google Play Billing: Purchase tokens are exchanged with Google Play to verify subscription status. We receive only the subscription outcome — not payment details.
- Direct Chat (phone numbers/usernames): When you use the Direct Chat feature, the phone number or username you enter is passed to the selected third-party messaging application (e.g., WhatsApp, Telegram, Signal, Viber, IMO, Skype, LINE) via a deep-link URL. This is a user-initiated action and is functionally identical to opening a phone number or username link from any web page. The value is never sent to our own servers — it is only shared with the messaging app you choose to open. This feature is optional; if you do not use Direct Chat, no phone number or username is ever shared.
- User-initiated sharing and export: If you choose to share a message, export a chat as text/PDF, share generated emoji art, share repeated text, or export a local backup ZIP, Android sends that selected content or file to the app or storage provider you choose. MsgVault does not send this content to our servers, but the receiving app/provider may process it under its own privacy policy.
- Media Recovery restore/export: If you restore backed up media or documents from Media Recovery Vault to a folder, app, or provider you select, Android sends those selected files to that destination. MsgVault does not upload these files to our own servers.
- Legal compliance: We may disclose data if required by applicable law or a valid governmental request, to the extent permitted by law and to the minimum extent necessary.
6. Security
- All message data is stored in Android's sandboxed app-private storage, inaccessible to other apps.
- The message database is explicitly excluded from Android Auto Backup (cloud sync) via backup rules configuration.
- PINs are hashed using PBKDF2-HmacSHA256 (10,000 iterations, 256-bit key) with a unique cryptographically-random salt, and stored in Android Encrypted SharedPreferences (AES-256-GCM).
- The optional App Lock (PIN and/or Biometric) provides an additional access-control layer at the app entry point, re-locking immediately when the app goes to background.
- MsgVault does not transmit your message, notification, or chat data to our own servers. Such content may leave the device only when you intentionally share/export it, open it in another app, or configure an auto-reply/scheduled/repeat send that uses the selected messaging app's own notification reply channel.
- Release builds use code shrinking and obfuscation (R8/ProGuard) to harden the application against reverse engineering.
- All network communications from third-party SDKs (AdMob, UMP, Play Billing, and Play In-App Updates) use HTTPS/TLS. Cleartext traffic is explicitly disabled.
- The App creates notification channels that are visible and configurable in Android Settings → Notifications:
- Background Service — single, minimum-priority MsgVault summary/service notification that keeps the vault running silently in the background while notifications are enabled. If you turn MsgVault notifications off, the persistent summary is removed where Android allows.
- New Message Saved — legacy/compatibility channel retained for older installs; current builds update the single MsgVault summary instead of stacking separate capture notifications.
- Deleted Message Alert — recovered deleted-message/media alerts where applicable.
- Message Reminders — time-based reminder alerts
- Scheduled Messages — low-priority foreground-service notification shown while scheduled or repeating message jobs run in the background.
- App Icon Badge — legacy/compatibility minimum-priority channel retained for older installs; current builds avoid posting a separate visible badge notification and show new-message counts in the single summary notification where supported.
7. Children's Privacy
This App is not directed to children. It requires users to be at least 13 years of age (or 16 in the EU/EEA, where GDPR applies a higher minimum age for data processing consent). We do not knowingly collect personal information from children. If you believe a child has provided personal data through this App, please contact us at mhorayra01@gmail.com and we will promptly delete that information.
The App is not configured as child-directed in the AdMob dashboard, and child-directed ad treatment is not applied.
8. Your Rights and Choices
- Access & Deletion: All your data is on your device. You can view and delete any message, chat, or contact note directly within the App. Uninstalling the App removes all locally stored data.
- Media Recovery Vault: You can clear backed up image, video, audio, GIF/sticker, and document files from the Media Recovery screen, add/remove source folders, revoke saved folder access through Android storage controls, or revoke media permissions from Android App Settings. Revoking access stops new media backup/monitoring but does not delete backups already stored inside MsgVault unless you clear the vault.
- Notification Listener: You can revoke Notification Listener access at any time via Android Settings → Apps → Special app access → Notification access. The App will stop capturing new messages immediately.
- Battery Optimisation: You can re-enable battery optimisation for this App at any time via Android Settings → Apps → [App name] → Battery.
- Ad Personalisation: EU/EEA users can modify their ad consent at any time via Settings → Ad Privacy Settings inside the App. All users can reset or limit ad tracking via Android Settings → Privacy → Ads.
- GDPR / CCPA: If you are in the EU/EEA or California, you have rights regarding your personal data. Since your message data is stored locally only and we do not hold it on any server, most rights are exercised directly on your device. For data held by third parties (Google AdMob, Google Play Billing), please refer to Google's privacy policies. For any concerns about your rights, contact us at mhorayra01@gmail.com.
- Auto-Cleanup: You can configure automatic data cleanup at 7, 30, or 90 day intervals from Settings, or delete all data immediately via Settings → Delete All Data.
9. Package Visibility (Installed Apps)
The App declares package visibility queries in its manifest for installed launcher apps and for supported chat, social media, email, and limited system apps. Inside the Deleted Message Recovery selector, the App uses Android's PackageManager APIs to display visible installed apps, including each app's name, icon, package name, and recovery on/off state. This is necessary so you can choose which apps should be used for deleted-message recovery and which apps should be ignored.
This supported-app information is processed on your device only. It is not uploaded to our servers, not sold, and not used for advertising. Chatting, social media, and email apps are enabled by default for recovery; system apps and other apps are disabled by default unless you turn them on. You can change any category or individual app switch at any time from the home-screen app selector.
10. Home Screen Widgets
MsgVault offers two optional Home Screen Widgets that you can add to your Android launcher:
- MsgVault Stats Widget (Small — 2×1): Displays aggregate statistics read from the local app database, such as total captured message count, total chat count, and total deleted-message count. No message text, sender names, or contact details are displayed — only numeric totals.
- MsgVault Messages Widget (Medium — 4×2): Displays a short list of your most recent captured message entries (sender name and a brief message preview) sourced from the local app database. This information is rendered directly on your home screen for quick reference.
Widgets read data only from the local app-private database on your device. No data is transmitted to our servers or any external service as a result of widget rendering. Widget data is refreshed automatically when the App database changes. You can remove either widget from your home screen at any time via your launcher's widget management interface. Adding or removing a widget does not affect the data stored in the App.
11. Google Play Data Safety Summary
In compliance with Google Play's Data Safety requirements, here is the maximum-disclosure summary used for this App. "Collected / processed" includes local, offline, and on-device reading, creation, storage, import, export, or processing by MsgVault. "Shared" means the data may be sent to Google, another app, a storage/share provider, or a third-party SDK; it does not mean MsgVault uploads your message content to its own servers.
| Data Type | Collected / Processed? | Shared? | Purpose | User Control |
|---|---|---|---|---|
| Personal info / Name | Yes - notification sender display names, chat labels, and locally created contact notes may be stored on-device when enabled. | No in the Play Console Data Safety declaration. If you intentionally export/share content or send configured text to another app, the receiving app/provider may receive selected content as part of your user-initiated action. | App functionality: message recovery, chat history, widgets, notes, and automation. | Disable notification access/source apps, delete in-app, clear app data, or uninstall. |
| Personal info / User IDs | Yes - usernames, @handles, LINE IDs, Skype IDs, or similar Direct Chat identifiers you manually enter may be stored locally for recent history. | Yes - only with the messaging app you choose to open through Direct Chat. | App functionality: open a selected third-party chat app. | Feature is optional; clear Direct Chat history in-app. |
| Personal info / Phone number | Yes - phone numbers you manually enter in Direct Chat may be stored locally for recent history. | Yes - only with the messaging app you choose to open through Direct Chat. | App functionality: open a selected third-party chat app. | Feature is optional; clear Direct Chat history in-app. |
| Financial info / Purchase history | Yes - Google Play purchase tokens, product IDs, purchase state, acknowledgement state, verification time, plan type, and local entitlement status. | No in the Play Console Data Safety declaration. Payments are processed by Google Play Billing as the payment/service provider; MsgVault does not receive payment card details. | App functionality and account management: premium access, restore purchases, anti-tampering, and ad suppression by plan. | Cancel/manage via Google Play; restore purchases in-app. |
| Location / Approximate location | Yes - Google Mobile Ads may infer approximate location from IP address. | Yes - with Google/AdMob. | Advertising, analytics, fraud prevention, security, and measurement. | Ad Privacy Settings, Android privacy controls, Google ad settings, and UMP consent where available. |
| Messages / Emails, SMS/MMS, and other in-app messages | Yes - notification previews from enabled email, SMS/MMS-style, chat, social, or other apps may be stored locally when notification access is enabled. | Only when you use auto-reply, scheduled message, repeat message, Direct Chat, or Android share/export actions that intentionally pass selected content to another app/provider. | App functionality: message backup, deleted-message recovery, search, widgets, reminders, and automation. | Disable notification access/source apps, delete in-app, disable rules/jobs, clear app data, or uninstall. |
| Photos | Yes - notification avatars, large icons, image previews, thumbnails, photos from source folders you explicitly select, and photos exposed through Android media APIs after media permission is granted may be stored locally for Media Recovery Vault. | Yes - only when you restore/share backed up photos or thumbnails to a folder, app, or provider you choose. | App functionality: contact/avatar display, media preview, backup, deletion detection, and restore. | Delete in-app, clear Media Recovery Vault, revoke folder/media access, clear app data, or uninstall. |
| Videos | Yes - videos and GIF-like video files from selected source folders or Android media APIs may be copied into app-private storage for Media Recovery Vault. | Yes - only when you restore/share backed up videos to a folder, app, or provider you choose. | App functionality: media backup, deletion detection, and recovery. | Clear Media Recovery Vault, revoke folder/media access, clear app data, or uninstall. |
| Audio files | Yes - voice/sound recordings, music files, and other audio files from selected source folders or Android media APIs may be copied into app-private storage. | Yes - only when you restore/share backed up audio to a folder, app, or provider you choose. | App functionality: media backup, deletion detection, and recovery. | Clear Media Recovery Vault, revoke folder/media access, clear app data, or uninstall. |
| Files and docs / local backup files | Yes - when you create, import, export, restore a backup, enable premium Auto-Backup, select document folders for Media Recovery Vault, or when supported document/file media rows are monitored for recovery. | Yes - only when you restore/share backed up documents or backup files to a folder, app, or provider you choose. | Backup, restore, auto-backup, media/document recovery, deletion detection, and data portability. | Delete backup files, clear Media Recovery Vault, disable Auto-Backup, revoke access, or choose where to save them. |
| App Activity / App interactions | Yes - local app activity counters and Google Mobile Ads ad interactions may be processed. | Local counters are not shared by us; ad interactions may be shared with Google/AdMob. | App functionality, advertising, analytics, fraud prevention, security, and measurement. | Clear app data/uninstall; use Ad Privacy Settings and UMP consent where available. |
| App Activity / In-app search history | Yes - search terms typed inside MsgVault may be stored locally to improve local search. | No, unless you intentionally export/share content containing that text. | App functionality: local search and recent search convenience. | Clear search history, clear app data, or uninstall. |
| App info and performance / Diagnostics | Yes - Google Mobile Ads may collect diagnostics, load errors, performance data, and related SDK signals. MsgVault may also store local ad diagnostic counters. | Yes - with Google/AdMob for SDK diagnostics; local MsgVault counters are not shared by us. | Analytics, advertising, fraud prevention, security, measurement, and ad diagnostics. | Ad Privacy Settings, Android/Google controls, clear app data, or uninstall. |
| Device or other IDs | Yes - Google Mobile Ads may process Advertising ID, app set ID, device/account identifiers, and Android Privacy Sandbox ad-service signals where available. | Yes - with Google/AdMob. | Advertising, analytics, fraud prevention, security, attribution, and measurement. | Android Ad ID controls, Google ad settings, Ad Privacy Settings, and UMP consent where available. |
| Installed apps | Yes - visible launcher app name, icon, package name, category, and recovery on/off state may be processed/stored locally. | No. | App functionality: Deleted Message Recovery app selector, Direct Chat selector, app icon display, and category controls. | Switch apps/categories on or off in-app, clear app data, or uninstall. |
| Other user-generated content | Yes - templates, contact notes, custom text, auto-reply rules, keyword triggers, reminders, scheduled/repeat message text, and generated text are stored locally when you create them. | Only when you intentionally share/export generated text or configure an auto-reply/scheduled/repeat send that passes text to another app. | App functionality: templates, notes, reminders, automation, and text tools. | Delete in-app, clear history, disable rules/jobs, clear app data, or uninstall. |
| PIN hash (encrypted) | Yes — encrypted locally (AES-256-GCM) | No | App Lock & Vault security | Disable App Lock in Settings |
| Smart Reply suggestions | Processed on-device only through built-in pattern matching; no third-party model/server is used. | No. | App functionality: suggest replies in Chat view. | Suggestions are generated automatically on-device when you open a conversation; tapping a suggestion to use it is optional. |
| App version and update status | Yes - version code is checked through Google Play In-App Updates. | With Google Play. | App functionality: mandatory update enforcement and security/policy updates. | Automatic; no message content is involved. |
| Home Screen Widget data | Yes - widget totals, recent sender names, and message previews are read locally from the app database for widget display. | No. | App functionality: Stats Widget and Messages Widget display. | Remove the widget from your home screen at any time. |
| Precise location | No - MsgVault does not request location permission. | No precise location shared by MsgVault. | - | Android privacy controls. |
| Contacts | No - MsgVault does not request contact-list permission or read your contacts database. | No. | - | - |
| Precise device identifiers such as IMEI | No. | No. | - | - |
12. International Users
Your message data is stored locally on your device and is not transferred internationally by us. Third-party advertising and billing services (Google) may transfer data internationally as described in their own privacy policies. EU and UK users: the Google UMP SDK manages your GDPR/PECR consent for personalised advertising before any AdMob initialisation occurs.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in the App's features or applicable law. We will notify you of significant changes by:
- Updating the "Last Updated" date at the top of this policy.
- Showing an in-app notification for material changes.
- Requiring re-acknowledgement where changes affect how your data is handled.
Continued use of the App after a policy update constitutes acceptance of the updated terms.
14. Third-Party Links & Apps
The Direct Chat feature launches third-party messaging applications already installed on your device. We do not access, store, or transmit any data from those apps. We are not responsible for the privacy practices of any third-party app or service you choose to open.
15. Disclaimer
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
- Email: mhorayra01@gmail.com
We aim to respond to all inquiries within a reasonable timeframe.
Comments
Post a Comment