Privacy Policy

Private Fraud Notifier — Android application
Published by Fine Ware s.r.o.
Last updated:

1. Introduction

Fine Ware s.r.o. (“we”, “us”, “our”) built Private Fraud Notifier (“PFN”, “the App”) to help users detect telephone fraud and scam attempts in real time. This Privacy Policy explains what data the App accesses on your device, how that data is used, and your rights under applicable law — including the EU General Data Protection Regulation (GDPR) and applicable Czech law.

By installing or using PFN you acknowledge that you have read and understood this policy. If you do not agree, please uninstall the App.

2. Data controller

The data controller for processing that occurs within the App is:
Fine Ware s.r.o.
Czech Republic
Contact: [email protected]

3. Permissions and data accessed

PFN requests the following Android permissions. All analysis described below is performed exclusively on your device. Unless explicitly stated otherwise, no personal data derived from these permissions is transmitted to our servers or any third party.

Phone state & call log

READ_PHONE_STATE  READ_CALL_LOG

Why: The App detects when an incoming or outgoing call is active and, where available, reads basic call metadata (duration, call state) to identify patterns associated with telephone fraud (e.g., long calls from unknown numbers, call forwarding abuse). Call metadata is analysed locally and immediately discarded after the fraud-detection check completes. Call recordings are never made.

Legal basis (GDPR): Legitimate interests (Art. 6(1)(f)) — fraud prevention on behalf of the user.

SMS messages

RECEIVE_SMS  READ_SMS

Why: The App intercepts incoming SMS messages and analyses their text content on-device for indicators of phishing, financial fraud, and social-engineering scams (e.g., fake bank alerts, package-delivery scams, family-emergency fraud). Message text is never stored persistently and is never transmitted outside the device.

Legal basis (GDPR): Legitimate interests (Art. 6(1)(f)) — fraud prevention on behalf of the user.

Accessibility service — app activity monitoring

BIND_ACCESSIBILITY_SERVICE

Why: PFN uses the Android Accessibility Service solely to observe which application is currently in the foreground. This enables the App to alert you when sensitive apps (e.g., banking or payment apps) are opened in circumstances that may indicate a remote-access or impersonation attack. The App does not read the content of other apps' screens, does not capture keystrokes, and does not interact with or control any other application. Foreground app names are evaluated in memory and never stored or transmitted.

Note: Google Play requires that apps using the Accessibility API declare this use. PFN uses this permission exclusively for the fraud-detection purpose described above and for no other purpose.

Legal basis (GDPR): Legitimate interests (Art. 6(1)(f)) — fraud prevention on behalf of the user.

Notifications

POST_NOTIFICATIONS

Why: Used to display fraud-detection alerts to you in real time. No notification content is transmitted anywhere; notifications are generated locally based on on-device analysis results.

Start on boot

RECEIVE_BOOT_COMPLETED

Why: Allows the App to restart its monitoring service automatically after the device reboots, so fraud protection is continuous without requiring you to manually reopen the App. No data is collected or transmitted during boot.

Internet access

INTERNET

Why: Internet access is used solely to verify and manage in-app subscription status via RevenueCat, a third-party subscription management platform. When you purchase or restore a subscription, RevenueCat may process a pseudonymous device/user identifier and purchase receipt data. Fine Ware s.r.o. does not receive or store your payment details. PFN's fraud-detection engine does not use the internet connection — all analysis is on-device.

RevenueCat's privacy policy is available at revenuecat.com/privacy.

Legal basis (GDPR): Contract performance (Art. 6(1)(b)) — subscription verification required to provide paid features.

4. Data we do not collect

PFN does not:

  • Transmit call recordings, call metadata, or SMS content to any server.
  • Store your messages, call logs, or phone number on our systems.
  • Collect location data.
  • Track your behaviour across apps or websites.
  • Sell, rent, or share your personal data with advertisers or data brokers.
  • Require account registration or collect your name or email address.

5. Data retention

Because PFN analyses data in memory and does not persist personal data to storage or external servers, there is no retention period for call, SMS, or accessibility data — it is never retained beyond the immediate in-memory analysis.

Subscription status information managed by RevenueCat is retained according to RevenueCat's own retention policies. Please refer to their privacy policy for details.

6. Third-party services

The only third-party service integrated into PFN is:

  • RevenueCat — subscription and in-app purchase management. Data processed: pseudonymous device identifier, Google Play purchase receipt. See RevenueCat Privacy Policy.
  • Google Play — app distribution platform. See Google Privacy Policy.

7. Your rights (GDPR)

If you are located in the European Economic Area, you have the following rights regarding any personal data we process:

  • Access — request a copy of the data we hold about you.
  • Rectification — request correction of inaccurate data.
  • Erasure — request deletion of your data (“right to be forgotten”).
  • Restriction — request that we restrict processing of your data.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, withdraw it at any time.

Because PFN does not collect or store personal data on our servers, most rights can be exercised directly on your device (e.g., uninstalling the App, revoking permissions in Android Settings). For any requests or questions please contact us at [email protected].

You also have the right to lodge a complaint with the Czech data protection authority (Úřad pro ochranu osobních údajů — uoou.cz) or the supervisory authority in your country of residence.

8. Children's privacy

PFN is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided personal data through the App, please contact us so we can address it promptly.

9. Security

PFN's on-device processing architecture minimises exposure of sensitive data. Because no personal data is transmitted to external servers, there is no central server database that could be breached. We take reasonable technical measures to protect the App binary and configuration against tampering.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify users of material changes by updating the “Last updated” date at the top of this page and, where feasible, through an in-app notice. Continued use of the App after changes are published constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions, requests, or concerns, please contact:

Fine Ware s.r.o.
Email: [email protected]
Web: fineware.dev