Privacy Policy
Last updated: May 2025 · Effective: May 2025
This Privacy Policy describes how DecodeHer ("we", "our", or "us") collects, uses, and protects your information when you use the DecodeHer Android application. Please read it carefully.
1. Who We Are
DecodeHer is an Android application that uses AI to help users understand communication patterns. The app is operated by Raghul Babu. For privacy-related inquiries, contact us at contact@pvfreund.com.
2. Data We Collect
2.1 Account Data (via Firebase Authentication)
When you sign in with Google, we receive and store in Firebase:
- Your Google email address
- Your Google display name
- Your Google profile photo URL
- A unique Firebase User ID (UID) assigned to your account
This data is used solely to identify your account and associate it with your subscription tier.
2.2 Subscription & Usage Data (via Firestore)
We store the following in Google Firestore, keyed to your Firebase UID:
- Your current subscription tier (free, plus, or pro)
- Your daily decode count (resets at midnight UTC)
This data is used to enforce tier limits and is updated in real time when you purchase or cancel a subscription.
2.3 Subscription & Payment Data (via RevenueCat)
In-app purchases are processed by Google Play Billing. Subscription state is managed by RevenueCat. RevenueCat may collect:
- Your Firebase UID (used as their app user ID)
- Purchase receipts and transaction IDs from Google Play
- Subscription status, renewal dates, and entitlements
We do not receive or store your payment card details. See RevenueCat's Privacy Policy for details.
2.4 Message Content (Transient — Not Stored)
When you decode a message, the following is sent to our backend API (hosted on Google Cloud Run) for AI processing:
- The message text you entered
- The relationship type you selected (e.g., girlfriend, new match)
- Optional context you provided (notes, age, culture)
- A window of recent conversation history for context
- Your AI-generated profile summary (if available)
This data is passed directly to the AI model and is not logged, stored, or retained by our backend. Our API is stateless — no conversation data touches a database on our servers.
2.5 Screenshots (OCR — Transient)
If you use the screenshot import feature, the image is sent to our backend and processed by Google Gemini to extract message text and contact names. The image and extracted text are not stored on our servers after processing.
2.6 Voice Notes (Transient — Plus/Pro only)
If you import a voice note, the audio file is sent to our backend and transcribed by Google Gemini. The audio and transcript are not stored on our servers after processing.
3. Data Stored on Your Device
The following data is stored in an SQLite database on your device only. We have no access to it, and it is never transmitted to our servers:
| Data Type | What's Stored |
|---|---|
| Profiles | Name, relationship type, age, culture, notes, avatar, AI-generated communication summary |
| Messages | Her messages, your messages, decoded translations, tone, watch-for warnings, reply suggestions, your ratings (👍/👎) |
| Ask Sessions | Questions you asked and AI answers (Plus/Pro feature) |
| Contact Mappings | App name + contact name linked to a profile (for auto-routing screenshot imports) |
Uninstalling the app permanently deletes all of this data from your device.
4. Third-Party Services & Data Sharing
We share data with the following third parties only to the extent necessary to operate the app:
| Service | Purpose | Data Shared | Their Policy |
|---|---|---|---|
| Firebase Auth (Google) | Sign-in | Google account info | Firebase Privacy |
| Firestore (Google) | Tier & usage tracking | UID, tier, decode count | Firebase Privacy |
| RevenueCat | Subscription management | UID, purchase receipts | RevenueCat Privacy |
| Anthropic (Claude AI) | Message decoding, Q&A, summaries | Message text, context (transient) | Anthropic Privacy |
| Google (Gemini) | Screenshot OCR, voice transcription | Image/audio files (transient) | Google Privacy |
| Google Cloud Run | API hosting | Request data (not logged) | GCP Privacy |
We do not sell, rent, or share your data with any third parties for advertising or marketing purposes.
5. Data We Do Not Collect
We do not collect or access:
- Your device contacts or phone book
- Your location
- Your camera or microphone directly (files are picked by you via system file picker)
- Any data from other apps on your device
- Crash reports or analytics (no third-party analytics SDK is integrated)
- Advertising identifiers
6. Data Security
- All data in transit between the app and our backend is encrypted using HTTPS/TLS.
- Firebase and Firestore access is protected by Firebase security rules and authenticated Firebase tokens.
- Our backend verifies your Firebase ID token on every request.
- Local SQLite data is protected by your device's operating system security.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Firebase account (email, name, UID) | Until you delete your account |
| Firestore tier & usage data | Until you delete your account |
| RevenueCat subscription records | Up to 90 days after cancellation (for billing disputes) |
| Message content sent to AI | Not retained — processed and discarded immediately |
| Local device data (SQLite) | Until you uninstall the app or use in-app delete |
8. Your Rights & Account Deletion
You have the right to:
- Access: Request a summary of what account data we hold about you.
- Delete: Request deletion of your Firebase account and associated Firestore data.
- Portability: Your local data (profiles, messages) is stored in SQLite on your device and is under your full control.
To delete your account, visit our Delete Account page or email us at contact@pvfreund.com. We will process deletion requests within 7 days.
9. Children's Privacy
DecodeHer is intended exclusively for users aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, contact us immediately at contact@pvfreund.com and we will delete the account.
10. Changes to This Policy
We may update this policy as the app evolves. When we make significant changes, we will update the "Last updated" date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.
11. Contact
For any privacy-related questions or requests, contact us at:
contact@pvfreund.com