This privacy policy applies to the "Cloud: Backup & Files Storage " app (referred to as the "App") on mobile devices. It explains what information we collect, how we use it, and your choices regarding your data.
Last updated: 10-July-2026
Contact: toolhubapps@gmail.com
Data Controller & Data Protection Officer (DPO)
Data Controller: Tool App Hub Contact: toolhubapps@gmail.com
DPO: No DPO has been appointed. For privacy/DPO inquiries, contact toolhubapps@gmail.com
This Privacy Policy outlines how the Cloud Storage app (referred to as "app") handles your personal information. The app is provided by Tool Apps Hub (referred to as "service provider"). This policy applies to all users of the app.
Data Collection
Our app only uploads and stores the files that you explicitly choose to upload or back up to your cloud storage account. We do not access, upload, or collect your personal files without your action. In addition, third-party services integrated into the App (such as analytics, crash reporting, advertising, and cloud storage infrastructure) may collect certain device, usage, or service-related data. We explain below what data is processed by the App and what data may be processed by third-party services.
Google Analytics for Firebase
Data Collected:
• Device information (device model, OS version, app version, anonymous device identifiers)
• App usage data (session duration, feature interactions, events triggered)
• Crash / diagnostic events (as configured)
Purpose of Collection:
• Monitor app performance and user engagement
• Identify and fix technical issues and crashes
• Analyze feature usage to improve the app
• Measure installs and campaign effectiveness
Data Usage:
• Analytics data is used in aggregated or pseudonymized form. Firebase may retain analytics according to its own retention policies. We do not use Firebase to access your personal files.
AdMob (Google Ad Services)
Data Collected:
• Advertising ID (Ad ID) — a platform advertising identifier
• Device information (model, OS), app usage related to ads (ad interactions)
Purpose of Collection:
• Display relevant advertisements (personalized or non-personalized based on user choice)
• Measure ad performance and effectiveness
• Prevent click fraud and enforce ad policy compliance
Data Usage:
• Advertising ID: We (and AdMob) may collect the Android Advertising ID (Ad ID) to provide and measure ads. AdMob receives advertising identifiers and may combine them with other data under Google’s policies. You may opt out of personalized advertising using your device or Google ad settings (see “Ads & opt-out” below).
Firebase Crashlytics
Data Collected:
• Crash logs and diagnostic data (stack traces, device model, OS version, app version, session data)
Purpose of Collection:
• Identify and diagnose app crashes and stability issues
• Improve app reliability and user experience
Data Usage:
• Crash data is used for debugging and is processed by Crashlytics according to Firebase policies.
Amazon S3 (Cloud Storage Services)
Data Collected:
• Files and content that you choose to upload to cloud storage (such as photos, videos, documents, or other supported files)
• File metadata (such as file name, size, type, upload time, and storage information)
Purpose of Collection:
• Store and synchronize your uploaded files securely in the cloud
• Enable file backup, access, download, and restore across your devices
• Maintain the functionality and reliability of the cloud storage service
Data Usage:
• We do not access, collect, or use the contents of your personal files for analytics, advertising, or marketing purposes. Your uploaded files are stored on Amazon S3 infrastructure to provide cloud storage services. Amazon processes and stores this data according to its own security and privacy policies. We only use the information necessary to provide and manage the cloud storage service.
If you permanently delete your account, all files stored in your cloud storage (Amazon S3) are permanently removed immediately and cannot be recovered.
For more details, please review the privacy policies of these services:
Permissions Required
Manage All Files Permission (All Files Access)
Purpose:
This permission allows the app to access files on your device so you can upload, manage, organize, move, copy, or restore your files in cloud storage.
Details:
The app only accesses files that are required for the features you use or that you explicitly select. Your files are not accessed for advertising or analytics purposes.
Photos and Videos Permission (Read/Write Storage)
Purpose:
This permission allows the app to access your photos, videos, and other supported media files for upload, download, backup, and file management.
Details:
The app only accesses media files needed for the features you choose. It does not modify or share your files without your action.
Contacts Permission
Purpose:
This permission allows you to back up and restore your contacts using the cloud storage service.
Details:
Your contacts are accessed only when you choose to back them up or restore them. They are not used for advertising, marketing, or shared with third parties.
Camera Permission
Purpose:
This permission allows you to capture photos or scan documents directly within the app and upload them to your cloud storage.
Details:
The camera is used only when you choose to take a photo or scan a document. The app does not access the camera in the background.
Notification Permission
Purpose:
This permission is optional and allows the app to send notifications about file uploads, downloads, backups, sync status, and important app updates.Details:
You can enable or disable notifications at any time through your device settings. Notification permission is not required to use the core features of the app.
Security
We value your trust in providing us with the permissions necessary to protect your device. We are committed to ensuring that the App operates securely and that your privacy is maintained. Communications for updates and any minimal data exchanges occur over encrypted channels (HTTPS/TLS). However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure and reliable, and we cannot guarantee absolute security.
Ads & opt-out
We show ads via AdMob/Google Ad Services. AdMob may use the Advertising ID and other signals to serve personalized ads. You can opt out of ad personalization via your device settings (Settings → Google → Ads → Opt out of Ads Personalization) or by disabling personalized ads in-app where provided. If you are located in the EU/EEA, the App will request consent for personalized ads where required by applicable law using a consent dialog/CMP.
Advertising ID & device identifiers — linked/shared: We (and AdMob) collect the Android Advertising ID and device identifiers to provide and measure ads. This data is shared with AdMob and other ad partners for advertising, measurement, and fraud prevention. We do not link the Advertising ID to your personal name or account details.
Data Sharing & Retention
Sharing:
• We share only what is necessary with our service providers (ad networks, analytics and crash reporting providers).
• We do not sell your personal files or contents to third parties.
• We do not share a user’s identifiable installed-app inventory with any third party. Any app-related telemetry we send to analytics partners is aggregated or pseudonymized and cannot be used to identify a specific user or their installed apps.
Retention:
• On-device scan history and scan results are stored locally until you clear them or for up to 12 months, whichever comes first.
• Analytics and crash data are retained by third-party providers for up to 14 months unless you request deletion and the provider supports deletion. For precise retention see the provider policies (Firebase/Google).
• Advertising identifiers used for ads are handled according to Google/AdMob retention practices.
GDPR & Data Subject Rights
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have certain rights under the General Data Protection Regulation (GDPR). We process your data only where we have a legal basis to do so (such as your consent, the performance of a contract, or our legitimate interests).
Your GDPR rights include:
• Right of access — request a copy of personal data we hold about you.
• Right of rectification — request correction of inaccurate or incomplete data.
• Right of erasure — request deletion of your personal data where we have no lawful basis to retain it.
• Right to restrict processing — request limitation of processing in certain situations.
• Right to data portability — request a machine-readable copy of your data.
• Right to object — object to processing, including profiling and direct marketing.
• Right to withdraw consent — if we process data based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
Legal basis for processing (GDPR):
• Performance of a contract / provision of the App’s core functionality — On-device scanning and scanning-related processing needed to provide the antivirus service.
• Consent — For personalized advertising and certain analytics in regions that require consent (e.g., EU/EEA).
• Legitimate interests — Fraud prevention, security & malware detection, debugging and product improvement. We balance these interests against your privacy.
• Legal obligations — when required by law.
How to exercise your GDPR rights:
To exercise any of these rights, contact us at toolhubapps@gmail.com. We will verify your identity and aim to respond to your request promptly — typically within 30 days. If we need more time due to the complexity of your request, we may extend the period by up to 15 additional days and will notify you with reasons for the extension.
California (CCPA/CPRA) — Your rights (if you are a California resident)
Under the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA), California residents have the following rights:
• Right to know — the categories of personal information collected, used, shared, or sold.
• Right to access — request a copy of specific pieces of personal information collected about you.
• Right to delete — request deletion of personal information collected from you.
• Right to opt-out — opt-out of the sale or sharing of personal information for cross-context behavioral advertising.
• Right to non-discrimination — you have a right not to receive discriminatory treatment for exercising privacy rights.
How to exercise CCPA/CPRA rights & opt-out of sale/sharing:
If you are a California resident and want to exercise these rights or opt-out of sale/sharing, email toolhubapps@gmail.com with the subject line “CCPA Request / Do Not Sell or Share My Info” and provide the following: your name, email address used with the App (if any), device identifier (Advertising ID or device ID), and a clear description of your request. We will verify your request and respond within 45 days of receipt. If necessary, we may request additional information to verify your identity. Authorized agents may submit requests on your behalf with proper written authorization.
Virginia (VCDPA) — Your rights
If you are a resident of Virginia you may exercise similar rights under the Virginia Consumer Data Protection Act (VCDPA), including access, correction, deletion, data portability, and the right to opt-out of targeted advertising or the sale of personal data. To exercise these rights, contact toolhubapps@gmail.com with the subject line “VCDPA Request.” We will verify and process the request.
Brazil (LGPD) — Your rights
If you are in Brazil, you have rights under the LGPD including access, correction, deletion, anonymization, portability, and the right to withdraw consent. To exercise these rights, contact toolhubapps@gmail.com with the subject line “LGPD Request.” We will verify and process the request.
How we verify requests & required info
For security and privacy, we must verify identity before fulfilling requests. For most requests, please provide: your name, contact email, device Advertising ID (or a screenshot of the app’s About page showing the device/app version), and a description of the request. For agent requests we require a signed consent/authorization from the data subject. We will not be able to process requests without sufficient verification.
Right to lodge a complaint with a supervisory authority
If you believe your rights under data protection laws have been violated, you may lodge a complaint with your local data protection authority (for example, the Information Commissioner’s Office (ICO) in the UK or your country’s supervisory authority). If you are in the EU/EEA you can contact your national supervisory authority.
Children Policy
Age restriction: This App is not intended for children under 13 years of age. If you are a parent and believe your child has provided us with personal information, contact us at toolhubapps@gmail.com
If you have created an account in the App, you may permanently delete your account at any time from within the App.
When your account is deleted, your account and all data associated with it, including your files stored in our cloud storage (Amazon S3), are permanently deleted immediately. Once deleted, this data cannot be recovered.
We may retain limited information only where required by applicable law or for legal, security, fraud prevention, or regulatory compliance purposes.
Changes to This Privacy Policy
This Privacy Policy may be updated from time to time to reflect changes in our practices or for legal/regulatory reasons. We will notify users of material changes by updating the “Last updated” date on this page and, where appropriate, by notifying users in-app.
Your Consent
Consent: By using the app, you consent to the practices described in this Privacy Policy. Your continued use of the app signifies acceptance of these practices.
Contact Us
If you have any questions, concerns or requests about this Privacy Policy or our data practices, or to submit requests under GDPR/CCPA/VCDPA/LGPD, please contact us at: toolhubapps@gmail.com