Your data.
Our promise to protect it.

01 · Introduction

Protectstar Inc. (“Protectstar,” “we,” “us,” or “our”) respects and protects your privacy. This Privacy Policy describes which personal data and sensitive user data our Android apps and related services process, the purposes for which they are processed, which service providers may be involved, how long data is retained, and what rights you have.

This Privacy Policy applies worldwide to the Android apps listed below and to related online features, including Protectstar AI Cloud, MY.PROTECTSTAR, in-app purchases, push notifications, support, and security updates.

By using our services, you acknowledge this Privacy Policy. Where the processing of personal or sensitive data requires consent or a specific in-app disclosure, we obtain that consent separately, explicitly, and before the relevant processing takes place.

You can find a compact overview at Your Privacy. You can find the technical and Google Play-specific detailed disclosure at Data Disclosure for Protectstar Android Apps. For Firewall AI and DNS Changer, there is also the VPNService Disclosure.

02 · Which apps does this Privacy Policy cover?

This Privacy Policy applies to the following Protectstar Android apps:

• Anti Spy Android
• Antivirus AI Android
• Camera Guard Android
• DNS Changer Android
• Firewall AI Android
• Micro Guard Android
• iShredder Android

iShredder Android transmits personal data to Protectstar only when you use optional online features, particularly MY.PROTECTSTAR, license/purchase verification, in-app purchases, or support features. Secure deletion of files, folders, or contacts takes place locally on your device; the contents of deleted files or contacts are not transmitted to Protectstar.

03 · Legal bases for processing

Depending on the feature and jurisdiction, we process personal data on one or more of the following bases:

• Performance of a contract or steps before entering into a contract, when data is required to provide an app feature, a MY.PROTECTSTAR account, a license, a purchase, a subscription, or support service.
• Consent, when a feature requires it, especially for cloud analyses that require consent, sensitive Android permissions, optional online features, or certain notification settings.
• Legitimate interest, in security, abuse prevention, integrity, fraud prevention, stability, error reduction, and protection of our infrastructure, provided your rights and interests do not override those interests.
• Legal obligations, for example, tax, accounting, security, compliance, or recordkeeping obligations.

You can withdraw consent you have given at any time with effect for the future. Withdrawal may cause certain security or online features to be limited or no longer available.

04 · What categories of data do we process?

We process only data that is required for security, feature delivery, licensing, purchases, notifications, or support.

Hash values themselves do not contain file contents. However, accompanying data such as package name, file path/name, device model, or installation identifiers may, depending on the context, create pseudonymous links to a device. For that reason, we treat them as protected data and disclose them transparently.

05 · App-specific processing

06 · Android permissions and in-app disclosure

Some apps require sensitive Android permissions so their core functionality can work. Before activating features or sensitive permissions that require consent, we display a clear in-app disclosure explaining the data category, purpose, processing, and necessary recipients.

For optional secure deletion of contacts in iShredder, the Android Contact Picker is not sufficient because iShredder must locally delete selected contacts or — where technically possible — overwrite them with placeholder values before deletion and perform the deletion in a verifiable way. Contact permissions are used exclusively for this local feature; contacts are not transmitted to Protectstar.

Closing the disclosure, navigating away, pressing the Back or Home button, remaining inactive, or an automatically disappearing notice does not constitute consent. If you do not consent, we do not transmit security analysis data to the Protectstar AI Cloud and do not transmit MY.PROTECTSTAR account data for that feature. Technically necessary processing by Google Play, Firebase Cloud Messaging, OpenStreetMap, or other features you actively use is described separately.

07 · Firebase Cloud Messaging

We use Firebase Cloud Messaging (FCM) exclusively for the technical delivery of push notifications and for managing topic subscriptions, such as security alerts, update notices, or important app messages.

Technical identifiers and metadata may be processed in this context, in particular FCM token or Firebase installation identifier, app version, Firebase User-Agent, OS version, model, brand, form factor, and installation source.

We do not use Firebase Cloud Messaging for advertising, profiling, app activity tracking, or behavioral analysis. Firebase Analytics and Firebase Crashlytics are not enabled or included in the Android apps named above unless expressly stated otherwise in the respective app.

You can disable push notifications at any time in your device’s system settings.

08 · In-app purchases, subscriptions, and MY.PROTECTSTAR

In-app purchases and subscriptions

Some apps offer paid features, subscriptions, or one-time purchases via Google Play Billing. Purchase history, product SKU, subscription status, and technical purchase references may be processed so we can unlock features, verify purchases, prevent fraud, and satisfy legal recordkeeping requirements. You can manage or cancel subscriptions through Google Play.

Our apps do not display third-party advertising and are not monetized through the sale of data or advertising profiles.

MY.PROTECTSTAR account

Use of a MY.PROTECTSTAR account is optional. Apps with account integration may process data via https://my-api.protectstar.com.

• User data: UserId, email address, first name, last name, and authentication data. If you use a password, we do not store the plain-text password, only a salted cryptographic verification value.
• Device data: User-defined device name, manufacturer, model, device design name, board, and hardware specifications.
• Product and license data: Product SKU, app package name, activation ID, and activation key.

09 · Service providers, recipients, and sharing

We do not sell personal data and do not share it for advertising, tracking, profiling, or monetization purposes.

Processing by service providers or technical recipients takes place only where technically required or based on your use of a feature:

• Google / Firebase — technical delivery of push notifications via Firebase Cloud Messaging.
• Google Play Billing — processing of in-app purchases and subscriptions through your Google Play account.
• bunny.net CDN — fast and secure delivery of downloads, update files, or malware signatures, in particular for Anti Spy and Antivirus AI, where these are retrieved through our CDN. Necessary connection and security data may be processed, for example IP address (anonymized in logs), time, requested path/URL, HTTP headers including User-Agent, country/region, and amount of data transferred. No advertising, no tracking, no profiling. Searchable CDN logs are currently retained for 3 days; permanent log storage/forwarding is disabled.
• OpenStreetMap / OpenStreetMap Foundation — map tiles when you use the WhoIs map view in Firewall AI or DNS Changer.
• Hosting/cloud providers — operation of api.protectstar.com and my-api.protectstar.com on ISO 27001-certified servers in Germany.
• Support and communication services — (email and ticket systems, where used) — only to the extent required to handle your support, privacy, or account request.

All service providers are limited to the relevant purpose. Where they act as processors or service providers, appropriate contractual obligations are in place.

10 · Data retention, deletion, and account deletion

We do not retain personal data longer than necessary for the respective purpose.

Delete MY.PROTECTSTAR account

If you have created a MY.PROTECTSTAR account, you may request deletion of your account and the associated data at any time:

• In the app: Settings → Account → Delete Account
• Online: my.protectstar.com/app/settings/my-profile
• By email:

If we must temporarily retain certain data for legitimate reasons such as legal retention, security, fraud prevention, or billing records, we will transparently inform you about the purpose and duration.

11 · How we protect your data

We protect personal data and sensitive user data through appropriate technical and organizational measures. These include, in particular:

• Transmission via HTTPS/TLS with modern cipher suites,
• encryption of data at rest where technically applicable,
• access restrictions based on need-to-know and least-privilege principles,
• logging of administrative access,
• system hardening, patch management, firewalls, and monitoring,
• backups and recovery tests,
• incident response processes and statutory notification obligations,
• regular security and privacy training.

Our cloud infrastructure for security analyses runs on ISO 27001-certified servers in Germany.

12 · International data transfers

Protectstar Inc. is headquartered in the United States and offers its apps worldwide. Our app cloud servers for security analyses are located in Germany. Depending on the feature, service provider, support case, or global delivery, personal data may be transferred to or processed in other jurisdictions.

For international transfers, we use appropriate safeguards, in particular contractual privacy agreements, Standard Contractual Clauses, technical safeguards, and data minimization. For users in the European Economic Area, Switzerland, and the United Kingdom, we comply with the applicable requirements for international data transfers.

13 · Your privacy rights

Depending on your jurisdiction, you have rights with respect to your personal data. These include in particular:

• access to information about the processing of your data,
• correction of inaccurate data,
• deletion of your data,
• restriction of processing,
• objection to certain processing activities,
• data portability,
• withdrawal of consent with effect for the future,
• complaint to a competent data protection supervisory authority.

For users in California and other U.S. states, additional rights to know/access, correct, delete, and opt out of sale, “sharing,” or targeted advertising may apply. We do not sell personal data and do not share it for cross-context behavioral advertising.

To exercise your rights, contact us at . We may verify your identity before processing a request.

14 · Children, special categories, and automated decisions

Children

Our apps are not directed to children under 13 years of age or, where local law provides otherwise, under 16 years of age. We do not knowingly collect personal data from children. If you believe that a child has provided personal data to us, please contact us at so we can delete the information.

Special categories

We do not request special categories of personal data, such as health, religion, political opinions, sexual orientation, or comparable sensitive categories, through our apps and do not want to receive such data.

Automated decisions

We do not make automated decisions that have legal or similarly significant effects on you. Security assessments are used solely to detect and defend against malware, spyware, or other digital threats.

15 · Alignment with Google Play, Data Safety, and in-app disclosures

We align this Privacy Policy, our Data Disclosure for Apps, the in-app disclosures, Play Console Data Safety statements, active app versions, SDKs, permissions, and actual data flows for each package name.

If data processing, SDKs, permissions, purposes, recipients, or retention periods change, we update this Privacy Policy, the app disclosure, and the Google Play information. Where required by law or by Google Play, we obtain renewed explicit consent before new data processing takes place.

16 · Changes and contact

Changes

We may update this Privacy Policy to reflect changes to our apps, technologies, service providers, legal requirements, or data processing. We may communicate material changes via a website notice, email to the address linked to your account, and/or an in-app notice.

Changes apply from the stated update date. Continued use does not replace separate consent where a new processing activity requires explicit consent by law or by Google Play.

Contact

If you have questions about this Privacy Policy or our data practices, please contact us at:

Protectstar Inc.
4281 Express Lane, Suite L3604
Sarasota, FL 34249, USA
Email: