Privacy Policy

1. Information We Do NOT Collect

PrivacyInsights is fundamentally different from most apps. We explicitly do NOT collect:

• Personal Information: No names, email addresses, phone numbers, or contact details
• Device Information: No device identifiers, UDID, advertising IDs, or hardware information
• Location Data: No GPS coordinates, IP addresses, or geolocation tracking
• Network Data: No browsing history, network traffic, or connection logs
• Bluetooth Data: No device lists, MAC addresses, or connection history
• Camera/Microphone Data: No photos, videos, or audio recordings
• Usage Analytics: No feature usage tracking, crash reports, or telemetry
• Cookies or Tracking: No cookies, web beacons, or third-party trackers

2. How PrivacyInsights Works

PrivacyInsights is an educational and analysis tool that demonstrates what information is accessible on your device. Here's how each feature operates:

🌐 Network & Security Analysis

• Domain Security Checker: Analyses SSL/TLS certificates and DNS records locally. No data sent to external servers.
• URL Scanner: Checks URLs for phishing patterns, homoglyphs, and tracking parameters entirely on-device using local pattern matching.
• Network Scanner: Discovers devices on your local network using standard network protocols. All scanning happens locally.
• Traceroute: Traces network paths using ICMP packets. Geolocation data is looked up from an embedded local database (no internet required).

📱 Device Analysis

• Security Check: Scans for 40+ jailbreak indicators using local file system checks. No data transmitted.
• Bluetooth Scanner: Discovers nearby Bluetooth devices using iOS Bluetooth APIs. Device information is matched against a local database of 170+ manufacturers. No data leaves your device.
• Tracker Monitoring: Monitors Bluetooth signal strength (RSSI) over time to detect potential tracking devices. All analysis happens locally.
• Device Info: Displays system information available through iOS APIs. This information never leaves your device.

🍪 Web & Cookie Tools

• Safari Extensions: Content Blocker and Web Extension run entirely within Safari's sandbox. Blocked domains are stored locally in your device's app group storage.
• Cookie Inspector: Reads Safari cookies using iOS APIs. Cookie data is displayed to you but never transmitted anywhere.
• QR Code Scanner: Scans QR codes using your camera and analyses the content locally. No QR data is uploaded.

📊 Privacy Analysis

• Privacy Score: Calculates a privacy score based on your device's security settings and permissions. All calculations happen on-device.
• Permission Scanner: Lists iOS permissions granted to apps. This information is read from iOS system APIs and never transmitted.

3. Permissions We Request and Why

PrivacyInsights requests certain iOS permissions to demonstrate what information apps can access. Here's what we request and why:

Permissions We Actually Use Active

• Camera Access: Required for QR Code Scanner feature. Images are processed locally and immediately discarded. No photos are saved or transmitted.
• Location Access: Used to correlate GPS coordinates with Bluetooth tracker detection. Location data is processed locally and never stored or transmitted.
• Bluetooth Access: Required for Bluetooth Scanner and Tracker Monitoring features. Device information is displayed to you but never collected by us.
• Local Network Access: Required for Network Scanner and IoT Device Detector. Network scanning happens locally; no data is sent externally.

Permissions Used for Privacy Education Local Only

These permissions are used by PrivacyInsights to demonstrate what apps with these permissions can learn about you. All processing happens entirely on your device:

• Photos: Used by Photo Privacy Analysis to show what apps with photo access can learn about you (locations, faces, activities, receipts, sensitive documents). All analysis is performed locally using Apple's Vision and CoreML frameworks. No photos leave your device.
• Speech Recognition: Used for real-time speech transcription to demonstrate voice data processing. Audio is processed locally and never transmitted.
• HomeKit: Used to display your smart home device inventory for privacy awareness. No control commands are sent.

Network Extension Permission Local VPN

The app includes a local VPN tunnel for Network Profiling:

• Network Extension (VPN): Creates a local-only VPN tunnel to monitor which apps and services your device connects to. All traffic passes through unchanged - nothing is blocked, modified, or sent externally. This is purely for visibility into your device's network activity.

4. Data Storage

Some features require temporary local storage to function properly:

What We Store Locally

• Safari Extension Rules: Blocked domains from Cookie Inspector are stored in your device's app group storage to sync with Safari extensions.
• User Preferences: App settings and preferences are stored using iOS UserDefaults on your device.
• Tracker Monitoring History: If you use the Tracker Monitoring feature, RSSI signal history is stored locally to detect patterns over time.
• Embedded Databases: The app includes local databases (Bluetooth manufacturers, GeoIP data, OUI lookups) that are embedded in the app bundle and never updated or transmitted.

What We Do NOT Store

• No cloud storage or remote servers
• No backups to external services
• No synchronisation with other devices
• No persistent logs or history (except Tracker Monitoring, which you control)

5. Third-Party Services

We use ZERO third-party services.

• No analytics services (Google Analytics, Firebase, Mixpanel, etc.)
• No crash reporting services (Crashlytics, Sentry, etc.)
• No advertising networks or SDKs
• No social media integrations
• No cloud services or APIs
• No third-party authentication providers

PrivacyInsights is a completely self-contained app with no external dependencies.

6. Internet Connectivity

PrivacyInsights can function entirely offline. However, some features may require internet connectivity:

Features That May Use Internet

• Domain Security Checker: Performs DNS lookups and SSL certificate validation, which requires internet to contact the target domain. The domain you check receives a connection from your device, but we do not intercept or log this traffic.
• URL Scanner: If you scan a URL, the app may fetch the URL to analyse redirects and content. This connection is made directly from your device to the target URL—we do not proxy or monitor this traffic.
• Traceroute: Sends ICMP packets to trace network paths, which requires internet connectivity. Packets are sent directly from your device; we do not collect or analyse the results.

Features That Work Offline

• Security Check (jailbreak detection)
• Bluetooth Scanner
• Tracker Monitoring
• Device Info
• QR Code Scanner (analysis only; URL opening requires internet)
• Privacy Score calculation
• Cookie Inspector

7. Children's Privacy

PrivacyInsights does not collect any personal information from anyone, including children under the age of 13 (or applicable age in your jurisdiction). The app is designed to be educational and safe for all ages.

Parents and guardians should be aware that the app demonstrates what information is accessible on a device, which may include sensitive system information.

8. Your Rights and Control

Because we don't collect any data, there's nothing for us to access, modify, or delete. However, you have complete control over your device:

• Revoke Permissions: You can revoke any iOS permissions granted to PrivacyInsights at any time through iOS Settings → Privacy & Security.
• Delete Local Data: You can clear all locally stored data by going to iOS Settings → PrivacyInsights → Reset or by uninstalling the app.
• Disable Features: You can choose not to use features that require permissions you're uncomfortable granting.

9. Security

PrivacyInsights is built with security best practices:

• Sandboxed: The app runs in iOS's secure sandbox environment with no access to other apps' data.
• No Network Servers: We don't operate any servers that could be compromised.
• No Data Transmission: Since no data leaves your device, there's no risk of interception or man-in-the-middle attacks.
• Local Processing: All analysis happens on-device using iOS's secure APIs.
• No Credentials: The app doesn't require any accounts, passwords, or authentication.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the app's functionality or legal requirements. Any changes will be posted on this page with an updated "Last Updated" date.

Since we don't collect any contact information, we cannot notify you directly of changes. We encourage you to review this Privacy Policy periodically.

11. Legal Compliance

PrivacyInsights complies with:

• GDPR (General Data Protection Regulation): We don't collect personal data, so GDPR data processing requirements don't apply.
• CCPA (California Consumer Privacy Act): We don't sell or share personal information because we don't collect it.
• Apple App Store Guidelines: We comply with Apple's privacy requirements and App Tracking Transparency framework (though we don't track users).

12. Contact Information

If you have questions about this Privacy Policy or PrivacyInsights, you can contact us:

• Website: https://pii.t1mcode.tech
• App Store: Leave a review or contact through the App Store listing

Please note that since we don't collect any data, we cannot look up or retrieve any information about your usage of the app.