NoteVault Privacy Policy

The data controller responsible for the NoteVault application is:

For matters involving the EEA, UK, or Switzerland, you may also contact our privacy mailbox above and we will route your request through our designated representative if one is required for your jurisdiction.

This policy applies to:

• The NoteVault Android application distributed via the Google Play Store (package com.zeengocorp.notevault).
• Communications you send to contact@zeengocorp.com and related ZeengoCorp mailboxes.

It does not apply to third-party services governed by their own privacy policies (Google AdMob, Google Crashlytics, Google Play Integrity), nor to ZeengoCorp's main corporate website — see the ZeengoCorp Innovations website privacy policy for that.

NoteVault processes data in two clearly separated categories:

3.1 On-device data (never leaves your device)

• Notes content — text, formatting, labels, pins, archive state, reminders, color codes.
• Vault content — photos, videos, audio, PDFs, and documents you choose to hide.
• Vault metadata — folder names, encrypted thumbnails, file index entries (stored in a local SQLite database).
• Authentication artifacts — your password and trigger word, hashed locally using SHA-256. We never receive the plaintext.
• Recovery code hash — generated and stored locally so you can regain access if you forget your password.
• Intruder log — timestamps of failed unlock attempts, stored locally. Not transmitted.

We do not have access to any of the above. We cannot read, copy, or recover your vault content. If you lose both your password and your recovery code, your vault content is permanently inaccessible.

3.2 Data processed off-device by third parties

When you use NoteVault, the following information may be processed by third-party services described in §7:

• Advertising identifier (Google Advertising ID) — a resettable, pseudonymous identifier issued by your device. You can reset or delete it at any time from your Android settings.
• IP address — observed by ad and crash services for general geolocation (country-level), fraud prevention, and ad serving.
• Device & app data — model, OS version, app version, language, screen size, time zone, mobile country code.
• Ad interaction data — impressions, clicks, viewability, and ad latency, used by ad partners to measure and bill.
• Crash & stability data — anonymous diagnostic stack traces and run-time metrics via Firebase Crashlytics, used solely to fix bugs.
• Integrity signals — Google Play Integrity API tokens used to detect tampered or rooted environments. Tokens are short-lived and do not contain personal data.

We do not collect: email, phone number, real name, address, contacts, calendar, microphone audio, biometric data, or any vault content.

Under Articles 6(1)(a), 6(1)(b), and 6(1)(f) of the EU General Data Protection Regulation 2016/679 (and equivalent provisions of UK-GDPR and the DPDPA 2023), we rely on the following legal bases:

Where we rely on legitimate interests, we have conducted a balancing test and concluded that our interest in serving non-personalized ads and maintaining product stability does not override your rights and freedoms. You may object to processing on this basis under §10.

NoteVault is supported in part by advertising. Ads are served by Google AdMob, operated by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) for users in the EEA, UK, and Switzerland, and by Google LLC for users elsewhere.

5.1 Where ads appear

• Within the notepad surface (banner and interstitial placements).
• As rewarded ads gating certain sensitive saves for free-tier users. Watching a rewarded ad unlocks the save once.
• No ads are shown inside the vault flow. Once the vault is unlocked, the ad surface is suppressed.
• Premium subscribers ($1.49/month) see no ads at all.

5.2 Personalized vs. non-personalized ads

A personalized ad is selected based on data Google holds about the device, such as previous app usage and inferred interests. A non-personalized ad is selected using only contextual signals such as the current app and coarse geography.

• EEA, UK, and Switzerland users:On first launch we display the Google-certified User Messaging Platform (UMP) consent screen, which implements the IAB Transparency & Consent Framework v2.2. You can choose between "Consent" (personalized) and "Manage options" (granular toggles per purpose and per partner) or "Do not consent / continue without consent" (non-personalized). Your choice is recorded as a TCF v2.2 consent string stored locally and read by AdMob.
• All other regions: Personalized ads may be served subject to local law. You can opt out at any time (see §6).

5.3 Ad partner list

Google AdMob may share request information with the third-party ad networks and exchanges that Google admits into its mediation auction. The current list of vendors and the data each receives is available at:

https://support.google.com/admob/answer/9012903

For the IAB Global Vendor List used inside the EEA/UK consent screen, see vendor-list.consensu.org/v3/vendor-list.json.

5.4 Ad measurement and reporting

Ad partners measure ad impressions, viewability, and clicks to bill advertisers and detect invalid traffic. This measurement may rely on your Advertising ID and IP. We rely on legitimate interests for measurement; if you withdraw advertising consent in the EEA/UK/CH, measurement also stops processing personal data and falls back to aggregated counts.

• Inside the app: Open Settings → Privacy → Manage Ad Preferences to re-display the consent screen at any time. Withdrawing consent is as easy as giving it.
• Reset advertising ID: Android Settings → Privacy → Ads → Reset advertising ID, or Delete advertising ID.
• Opt out of personalized ads across Google: visit myadcenter.google.com.
• Remove ads entirely: subscribe to NoteVault Premium ($1.49/month via Google Play).

We do not sell personal data. We share only with the following categories of recipients, each acting as an independent controller or processor under its own privacy policy:

ZeengoCorp is based in India. Google AdMob, Firebase Crashlytics, Google Play Integrity, and Google Play Billing process data in the United States and other countries. Where personal data of EEA, UK, or Swiss residents is transferred outside their region, we rely on:

• The European Commission's Standard Contractual Clauses (SCCs) of 4 June 2021, as implemented by Google in its data processing terms.
• The UK International Data Transfer Addendum (UK IDTA) issued by the Information Commissioner's Office.
• The Swiss Federal Data Protection and Information Commissioner (FDPIC) recognized SCCs.
• Google's certification under the EU-US Data Privacy Framework (DPF), the UK extension, and the Swiss-US framework where applicable.

You may request a copy of the safeguards relied on for a particular transfer by emailing contact@zeengocorp.com.

• On-device vault content (§3.1): retained on your device until you delete it or uninstall the app. We never receive a copy.
• Advertising data: retained by Google according to their published retention policies (typically up to 13 months for personalized cohorts; aggregated counters longer).
• Crash data: retained by Firebase Crashlytics for up to 90 days, then aggregated and anonymized.
• Support emails: retained for 24 months from last contact, then deleted, unless a legal obligation requires longer retention.
• Consent records (TCF v2.2 strings): retained locally on your device for the validity period of the framework (currently 13 months) and refreshed on re-prompt.

If you are in the EEA, UK, Switzerland, or India, you have the following rights:

• Access (Art. 15): obtain confirmation of whether we process your personal data and receive a copy.
• Rectification (Art. 16): correct inaccurate or incomplete data.
• Erasure / right to be forgotten (Art. 17): have your data deleted, subject to lawful exceptions.
• Restriction (Art. 18): limit processing pending verification or objection.
• Portability (Art. 20): receive your data in a structured, commonly used, machine-readable format.
• Objection (Art. 21): object to processing based on legitimate interests, including direct marketing.
• Withdrawal of consent (Art. 7(3)): withdraw advertising consent at any time without retroactive effect on prior processing.
• Not be subject to solely automated decisions (Art. 22): NoteVault makes no decisions about you that produce legal or similarly significant effects.
• Lodge a complaint (Art. 77): with your local supervisory authority — see §16.

To exercise any right, email contact@zeengocorp.com. We respond within 30 days, extendable to 60 days for complex requests with notice. We may ask for information to verify your identity. There is no fee unless your request is manifestly unfounded or excessive.

If you are a California resident, the California Consumer Privacy Act of 2018 (as amended by the CPRA) gives you the following rights regarding personal information we process in the prior twelve months:

• Right to know the categories of personal information collected, the sources, the business purposes, and the categories of recipients.
• Right to delete personal information we have collected from you.
• Right to correct inaccurate personal information.
• Right to opt-out of "sale" or "sharing" for cross-context behavioral advertising.
• Right to limit use of sensitive personal information — we do not use sensitive personal information for purposes other than those permitted under § 7027(m) of the CCPA regulations.
• Right of non-retaliation for exercising your rights.

Sale / sharing status:ZeengoCorp does not sell personal information for money. Some advertising activity may qualify as "sharing" under California law. Withdrawing advertising consent inside the app (§6) functions as a Global Privacy Control opt-out. We also honor the GPC browser/device signal where transmitted.

To submit a CCPA request, email contact@zeengocorp.comwith the subject line "California Privacy Request".

NoteVault is not directed at children. We do not knowingly collect personal information from children under 13 years of age (United States, COPPA) or under 16 years of age (EEA, where Art. 8 GDPR digital consent age applies, subject to local Member State rules) or under 18 years of age (India, DPDPA).

We have configured Google AdMob with "tag for child-directed treatment" (TFCD) and "tag for under age of consent in EEA" (TFUA) set where appropriate, and we instruct ad partners to serve only non-personalized, COPPA / GDPR-K compliant ads when these flags are active.

If you believe a child has provided us information, please contact contact@zeengocorp.com and we will delete it without delay.

We apply technical and organizational measures appropriate to the risk:

• SHA-256 hashing of passwords, trigger words, and recovery codes — never stored in plaintext.
• Android Keystore hardware-backed key storage where available, with secure key wrapping.
• AndroidX Security EncryptedSharedPreferences / EncryptedFile for the local file store and vault index.
• Scoped storage per Android 13+ photo and video access guidelines — minimum permissions only.
• TLS 1.2+ in transit for any background calls (ad requests, crash reports, integrity tokens).
• Play Integrity API to detect tampered or compromised devices.
• Personal data breach notification: in the rare event we identify a personal data breach likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority within 72 hours as required by Art. 33 GDPR, and notify affected users without undue delay where required by Art. 34.

No method of electronic storage is 100% secure. We do not guarantee protection against sophisticated physical attacks on a device already in someone else's possession.

NoteVault does not use solely automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you (Art. 22 GDPR). Ad selection is automated but considered service operation, not a qualifying decision.

We will update this policy when our practices or applicable law change. The "Last updated" date at the top reflects the most recent revision. For material changes (for example, adding a new category of recipient or a new processing purpose) we will notify users in-app or by a prominent notice at least 14 days before the change takes effect, and where required by law we will obtain renewed consent before processing on the new basis.

A versioned changelog is maintained in our public repository on request.

For privacy questions, requests to exercise your rights, or to withdraw consent at any time, contact us at the addresses below. We aim to respond within 30 days.

Right to lodge a complaint

You may complain to a data protection supervisory authority. Examples:

• India (DPDPA): Data Protection Board of India — meity.gov.in.
• EEA: the national data protection authority in your country of residence — see EDPB members list.
• United Kingdom: Information Commissioner's Office — ico.org.uk.
• Switzerland: Federal Data Protection and Information Commissioner — edoeb.admin.ch.
• California: California Privacy Protection Agency — cppa.ca.gov; or Office of the Attorney General — oag.ca.gov/privacy.