Last Updated: 19/10/2025

Effective Date: 19/10/2025

This exhaustive Privacy Policy ("Policy") governs the manner in which CodeGuru ("we," "us," or "our") collects, uses, maintains, and discloses information collected from users (each, a "User") of the SnapCall mobile application (the "App"). This Policy is designed to be fully transparent regarding our minimal data processing practices, especially considering our target audience of children and individuals requiring simplified technology.

1. Definitions and Key Principles

For the purpose of this Privacy Policy:

• App: Refers to the SnapCall mobile application.

• Company (or We): Refers to CodeGuru.

• User (or You): Means the individual accessing or using the App.

• Personal Data (PII): Any information that relates to an identified or identifiable natural person. (We do not collect PII as defined by GDPR/CCPA, as detailed below.)

• Usage Data (Non-Personal): Data collected automatically, either generated by the use of the App or from the App infrastructure itself (e.g., crash logs, time spent on features).

• Device: Any device that can access the App such as a phone, tablet, or mobile device.

• Third-Party Service: Any company or individual employed by the Company to facilitate the App, provide the App on behalf of the Company, or assist the Company in analyzing how the App is used.

2. The Core Commitment: Zero User Data Storage by CodeGuru

Our fundamental principle is to minimize data collection. CodeGuru does not collect, transmit, or store any Personal Data from your interaction with the core calling features of the App.

• Contact Information: All contacts you manually enter, mark as favorites, or use via the dial pad are stored exclusively and solely on your personal device within the App's local storage sandbox.

• Call Logs/History: We do not access, view, or store any record of the calls you make.

• User Registration: No account creation, login, or registration is required, which ensures we never possess a user identifier linked to personal information.

• Data Backup: We explicitly do not offer support for data backups, ensuring that no user-entered data ever leaves the user's device via our systems.

3. Data Collection: Usage Data and Third-Party Services

Despite our commitment to zero PII collection, certain non-personal data is necessarily processed by third-party tools to ensure the application is stable, secure, and monetarily sustainable. This data is defined as Usage Data.

A. Application Stability and Diagnostics (Firebase Crashlytics)

We use Google's Firebase Crashlytics to monitor for technical errors and crashes. This is critical for maintaining an accessible experience for all Users, particularly those who are less tech-savvy.

• Data Collected:

  • Crash Traces: Technical logs detailing the state of the App at the time of a crash.

  • Installation UUID: A random, anonymous identifier specific to the app installation, used to link crash reports.

  • Device Status: General device model, operating system version, and approximate usage time leading up to a crash.

• Legal Basis for Processing (GDPR): Legitimate Interest (Article 6(1)(f)), specifically to ensure the security, stability, and technical performance of the App.

• Retention: Crashlytics retains non-aggregated crash data for 90 days before aggregation or deletion.

B. Monetization and Advertising (Google Ads)

The App utilizes advertising provided by Google Ads to generate revenue necessary for ongoing maintenance and development.

• Child-Directed Policy and Non-Personalized Ads: CRITICAL COMPLIANCE POINT: Given our target audience, the App is specifically designated as child-directed to Google. Consequently:

  • We ONLY serve Non-Personalized Ads (NPA): These ads are based purely on contextual information (like the content category of the App or generalized location) and NOT on individual user profiles, browsing history, or retargeting data.

  • No PII is used for Ad Targeting: The ad identifier is used only for frequency capping (to limit repetitive ads) and measurement, in a manner compliant with the Children's Online Privacy Protection Act (COPPA) in the U.S. and GDPR-K in Europe.

• Data Collected for NPA: General device information, non-personalized IP address to determine general geography, and interaction data (ad views/clicks).

• Legal Basis for Processing (GDPR): Legitimate Interest and Consent where applicable (e.g., to generate revenue while maintaining child-safe standards).

4. App Permissions and Their Purpose

The SnapCall application requires explicit permission from the User's device operating system to function:

Permission Name

Purpose and Use

Data Access

CALL_PHONE (Phone Calls)

Allows the App to initiate a phone call directly when the user taps a contact or uses the dial pad, fulfilling the App's primary function.

No access to call logs, history, or recordings. Only used to launch the call intent.

INTERNET (Network Access)

Required to connect to Firebase Crashlytics for diagnostics and to Google Ads servers for displaying non-personalized advertisements.

Does not access personal files or locally stored contacts. Limited to necessary network communication for third-party services.

5. Legal Compliance and Global Regulations

We affirm our commitment to adhering to major global privacy standards:

A. Children’s Online Privacy Protection Act (COPPA - U.S.)

The App fully complies with COPPA by:

1. Treating all Users as potentially under 13.

2. Disabling all mechanisms for collecting or transmitting PII.

3. Ensuring all third-party services (Google Ads) are set to child-safe, non-personalized modes.

4. If we were ever to learn that we have collected PII from a child under 13 without verifiable parental consent, we would immediately delete that information.

B. General Data Protection Regulation (GDPR - EU)

As we do not collect PII, the strict mandates of the GDPR related to user consent for PII are largely moot. However, we address the rights of EU citizens regarding the Usage Data collected:

• Right of Access/Rectification: Because the Usage Data collected is anonymous crash/usage data, it cannot be linked back to a specific individual for access or correction.

• Right to Erasure (Right to be Forgotten): Users can request the deletion of all Usage Data associated with their unique Installation UUID, and we will comply to the extent technically feasible within our third-party services.

• Data Processing Basis: As noted in Section 3, our basis is Legitimate Interest.

C. California Consumer Privacy Act (CCPA / CPRA)

Because the App does not collect "personal information" as defined by the CCPA (names, addresses, unique identifiers that are not anonymized), we are effectively in compliance. We do not "sell" (as defined by CCPA) any data, as we do not collect PII.

6. Data Retention and Deletion Protocols

• Contact Information: This data is retained only as long as the App remains installed on the User's device. Uninstalling the App will immediately and permanently delete this locally stored data.

• Usage Data (Crashlytics): Anonymous crash reports are retained for up to 90 days to ensure debugging can be completed, after which they are aggregated or deleted.

• Advertising Data (Google Ads): Non-personalized ad interaction data is retained according to Google's standard retention policies for non-personalized advertising, which is generally 18 months for certain measurement data.

7. Data Security and Storage

• User Data (Contacts): Stored only on the Device. This data is protected by your device's own operating system security protocols (e.g., encryption, password protection). CodeGuru has no control over or liability for the security of your device.

• Usage Data (Crash/Ad): Transmitted securely (SSL/TLS encryption) to the servers of Firebase and Google Ads, who employ industry-leading security practices.

• Breach Mitigation: Due to the App's architecture, a data breach on our end would only expose anonymous crash and usage data, not any sensitive User PII or contact lists.

8. User Control and Opt-Out

While we collect minimal data, you retain control:

• Device-Specific Opt-Out: You can usually restrict the sharing of device identifiers used for advertising by adjusting the privacy settings on your device (e.g., "Reset Advertising ID" or "Limit Ad Tracking" on iOS/Android).

• Deletion: Uninstalling the App will immediately cease all collection of Usage Data and will delete all User-entered contact data stored locally on the device.

9. Changes to This Privacy Policy

CodeGuru reserves the right to update this Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this Policy. We may also notify users through a prominent notice in the App or via the App Store listing. Your continued use of the App constitutes your acceptance of the revised Policy.

10. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or your data, please contact the data controller for the App:

CodeGuru

Email: codeguru.haven@gmail.com

Subject Line: Privacy Policy Inquiry - SnapCall