# Privacy Policy — ClientKit
**Last updated:** 13 July 2026
**App:** ClientKit (`com.ilyas.ilyasapps.clientkit`)
**Developer:** Mobilia Apps
**Contact:** muhammadilyas15@gmail.com
## Our approach: your client records stay on your phone
ClientKit is designed to be **local-first**. The clients, projects, proposals, agreements,
invoices, payments and photos you enter are stored **only on your device**, in the app's private
storage. We do **not** upload them to any server, we do **not** require an account, and no one —
not even us — can access or delete your records remotely. If you uninstall the app, that data is
removed with it.
## The one exception: AI drafting (only when you ask for it)
ClientKit includes an optional **"Draft with AI"** feature that writes proposal cover notes, payment
reminders, scope-change notes and follow-up messages for you. This is the **only** feature that
sends data off your device, and it runs **only when you tap the AI button**. When you do, the
details needed for that specific draft — for example the relevant **client name, invoice number,
amount and due date, or a short description you type** — are sent over an encrypted (HTTPS)
connection to our AI proxy (a Cloudflare Worker) and on to **Google's Gemini API**, which generates
the text and returns it.
- We do **not** send your full client list, project history, or any records you did not choose to draft about.
- Our proxy is a **stateless relay** — it does not store your request or the generated text.
- Google processes the request under its API terms; see https://ai.google.dev/gemini-api/terms and https://policies.google.com/privacy
- If you never use the AI feature, **no client data ever leaves your device.**
## Information we do NOT collect
- We do not collect your name, email address, phone number, or any account identity.
- We do not collect your location. The app has **no location permission**.
- We do not access your photo library beyond images you explicitly pick, and photos you attach stay on your device.
- We do not upload your clients, invoices, payments, agreements or reports.
## Information collected by third-party services
To keep the app free, we use the following Google services, which may process limited data:
- **Google AdMob** (advertising): may use your device's Advertising ID and coarse location derived
from your IP address to show ads. A consent prompt (Google UMP) is shown where required.
- **Google Play Billing**: processes the optional premium purchase / subscription. We never receive your payment card details.
- **Firebase Crashlytics & Analytics**: collect anonymized crash reports and aggregate app-usage events to help us fix bugs and improve the app.
These services operate under Google's privacy policy: https://policies.google.com/privacy
## Permissions and why
- **Internet / Network state** — to show ads, run AI drafts, and check for updates.
- **Notifications** — to deliver local invoice-due and project reminders (nothing leaves the device).
- **Receive boot completed** — to restore your reminders after the device restarts.
- **Billing** — to process the optional premium unlock / subscription.
## Data retention and deletion
Because your records live only on your device, you control them entirely. Delete individual records
in the app, or uninstall the app to remove everything. You can reset your Advertising ID in Android
system settings.
## A note on invoices and agreements
ClientKit generates invoices and agreement records for your own record-keeping. It is not tax,
accounting or legal software, and agreement records are not legally binding contracts. Consult a
qualified professional for tax filing or legally enforceable agreements.
## Children
The app is not directed at children under 13 and does not knowingly collect data from them.
## Changes
We may update this policy; material changes will be posted at the URL above with a new date.
## Contact
Questions: muhammadilyas15@gmail.com