NexDee Logo

User Data Policy & Google Play Data Safety Declaration

Last Updated: February 18, 2026

Overview

This document details how Notey handles user data, complying with Google Play's User Data Policy. It serves as a guide for completing the Data Safety Section in the Google Play Console.

1. Data Collection & Sharing (Play Console Answers)

1.1 Does your app collect or share any of the required user data types?

YES.

1.2 Is all of the user data collected by your app encrypted in transit?

YES.

(All sync data moves via HTTPS/TLS to Google Drive; AdMob/Firebase data is also encrypted).

1.3 Do you provide a way for users to request that their data be deleted?

YES.

(Users can delete their account/data via the app settings or by deleting the app, which removes local data. Drive data can be deleted by the user directly from their Google Drive).

2. Detailed Data Type Breakdown

A. Location

Data Type:
Precise Location
Collection:
Yes
Sharing:
No (Processed locally)
Purpose:
App Functionality (Location-based Reminders)
User Choice:
Yes (Permission-based)

B. Personal Info

Data Type:
User IDs (Google Account Email/ID)
Collection:
Yes
Sharing:
Yes (Shared with Google Drive API for authentication)
Purpose:
App Functionality (Cloud Sync)
User Choice:
Yes (Optional sign-in)

C. Photos and Videos

Data Type:
Photos, Videos
Collection:
Yes
Sharing:
No (Unless user actively shares/exports)
Purpose:
App Functionality (Note attachments)

D. Audio Files

Data Type:
Voice or Sound Recordings
Collection:
Yes
Sharing:
No
Purpose:
App Functionality (Voice Notes)

E. Files and Docs

Data Type:
Files and Docs
Collection:
Yes
Sharing:
No
Purpose:
App Functionality (Note attachments/Backups)

F. App Activity

Data Type:
App Interactions, Crash Logs
Collection:
Yes
Sharing:
Yes (Firebase Crashlytics, Google Analytics)
Purpose:
Analytics, Fraud Prevention, Security

G. Device or Other IDs

Data Type:
Device or other IDs (Advertising ID)
Collection:
Yes
Sharing:
Yes (Google AdMob)
Purpose:
Advertising or Marketing (Displaying Ads)

3. Prominent Disclosure & Consent (In-App Requirements)

Google Play Policy Requirement: If your app collects sensitive data (Location, Drive Access), you must show a meaningful disclosure IN THE APP before requesting the permission.

3.1 Location Permission Disclosure (Example Text)

"Notey needs access to your location to enable 'Location-based Reminders'."

  • Why: This feature allows Notey to remind you of tasks when you arrive at specific places (e.g., 'Buy milk' at the grocery store).
  • Privacy: Your location data is processed locally on your device and is never sent to our servers or shared with third parties.
  • Control: You can grant this permission securely via the Android system dialog or deny it if you don't use this feature.

3.2 Google Drive Access Disclosure (Example Text)

"Connect Google Drive for Backup & Sync"

  • Why: To safely backup your notes and synchronize them across your devices.
  • Scope: Notey only accesses its own dedicated App Data folder. It cannot see or modify your other personal files in Drive.
  • Privacy: Your data is encrypted during transfer and storage. We do not have access to your Drive files.

4. Google Drive "Limited Use" Policy Compliance

Notey's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements:

  • Usage: We only use the Drive API to write/read backups created by the app.
  • No Transfer: We do not transfer this data to others unless necessary for the app's core functionality (Sync) or legal compliance.
  • No Advertising: We strictly DO NOT use Google Drive data for advertising purposes.
  • No Human Interaction: Administrators do not read your Drive data.

5. Data Retention & Deletion Policy

Local DataRetained until the user deletes the note or uninstalls the app.
Cloud DataRetained in the user's Google Drive until the user manually deletes the backup file or disconnects the app.
Crash LogsRetained by Firebase for 90 days.

6. Security Procedures

Encryption

All database files (SQLite) are protected by Android's application sandbox.

Secure Transfer

JSON/Media files sync over encrypted SSL/TLS channels.

Vault

The "Vault" feature adds a second layer of encryption/biometric authentication.