Privacy Policy

1. Introduction

LESRA Future Apps (“we”, “us”, “our”) develops and operates the Scientific Calculator mobile application (the “App”). This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

This Privacy Policy also serves as our Data Policy and Data Safety Summary for Google Play Store compliance purposes.

By downloading, installing, or using the App, you agree to this Privacy Policy. If you do not agree, please uninstall the App and discontinue use.

2. Data Controller

Developer / Publisher: LESRA Future Apps
App Name: Scientific Calculator
Package Name: com.lesra.scientificcalculator
Developer Email: jdronquillo16@gmail.com
Contact / Privacy Inquiries: jdronquillo46@gmail.com

3. Information We Collect

3.1 Data Stored Locally on Your Device (Never Transmitted to Us)

The following data is stored exclusively on your device and is never uploaded to our servers:

Data	Purpose	Storage
Calculation history (last 20 entries)	Display recent calculations	SharedPreferences (local)
Pinned calculations	User-bookmarked results	SharedPreferences (local)
6-digit vault PIN (SHA-256 hash only)	Authenticate vault access	flutter_secure_storage (Android Keystore)
Decoy PIN hash (optional)	Secondary security layer	flutter_secure_storage (Android Keystore)
Biometric unlock preference	Enable/disable fingerprint/face unlock	flutter_secure_storage (local)
Auto-lock timeout setting	Auto-lock vault after inactivity	SharedPreferences (local)
Private vault photos	Hidden photo storage	App private directory (not accessible by gallery)
Private vault videos	Hidden video storage	App private directory (not accessible by gallery)
Private vault notes	Private text notes	App private directory (local)
Google account name, email, photo URL (if signed in)	Display account info; subscription management	SharedPreferences (local)
Subscription status	Determine ad-free access	SharedPreferences + Google Play (verified by Play)
App theme and UI preferences	User customization	SharedPreferences (local)

3.2 Data Collected by Third-Party Services

The App integrates with the following third-party services that may collect data under their own privacy policies. See Section 5 for full details.

• Google AdMob — may collect advertising identifier and device info to serve ads
• Firebase Analytics — collects anonymous usage events (see Section 5.3)
• Google Sign-In — accesses name, email, and profile photo if you choose to sign in
• Google Play Billing — processes subscription payments (we receive no payment details)

3.3 Data We Do NOT Collect

4. How We Use Your Data

• Calculator functionality: History and pinned results stored locally for display
• Vault authentication: Hashed PIN verified locally — no server call required
• Subscription enforcement: Subscription status checked via Google Play to disable ads
• Analytics: Anonymous event data used to understand feature usage and improve the App
• Ads: AdMob serves ads to non-subscribed users based on advertising preferences

5. Third-Party Services

5.1 Google AdMob

We display banner, interstitial, and rewarded video advertisements through Google AdMob. AdMob may collect your device’s advertising identifier (GAID) and other device signals to deliver targeted ads.

Ads are not shown to subscribed users.
To opt out of personalized ads: Google Settings → Ads → Opt out of Ads Personalization
AdMob Privacy Policy: https://policies.google.com/technologies/ads

5.2 Google Play Billing

Subscription payments ($2.00/month) are processed entirely by Google Play. We do not receive, store, or process any payment card or financial information. All billing is governed by Google’s terms.
Google Play Terms: https://play.google.com/about/play-terms/

5.3 Firebase Analytics (Google)

We use Firebase Analytics to track the following anonymous events:

Event	What It Records	Personal Data?
app_open	App launched	No
locker_open	Private vault accessed	No (no file content)
ad_impression	Ad displayed	No
subscribe_attempt	Subscribe button tapped	No
login	Google Sign-In completed	No (method only)

All analytics data is aggregated and anonymous. No vault contents, files, or personal identifiers are included.
Firebase Privacy Policy: https://firebase.google.com/support/privacy

5.4 Google Sign-In

Google Sign-In is optional. If you choose to sign in, we receive your Google account name, email address, and profile photo URL. This information is stored locally on your device only and is used solely to display your account details and associate your Google Play subscription.

We do not upload your Google account data to our servers.
Google Privacy Policy: https://policies.google.com/privacy

6. Private Vault — How Your Files Are Protected

• Storage location: getApplicationDocumentsDirectory()/locker/ — only accessible by this App
• Gallery/file manager exclusion: A .nomedia file is placed in all vault sub-directories, preventing Android’s MediaStore from indexing vault files
• PIN security: Your 6-digit PIN is hashed with SHA-256 and stored in Android Keystore via flutter_secure_storage — the raw PIN is never stored anywhere
• Biometrics: Fingerprint and face recognition are processed entirely by the Android BiometricPrompt API — we receive only a pass/fail result, never biometric data
• Decoy PIN: A secondary PIN can show an empty vault — real files remain unaffected
• Auto-lock: Vault automatically locks after a configurable inactivity timeout

7. Data Storage & Retention

7.1 On-Device Data

All data described in Section 3.1 remains on your device for as long as the App is installed. Uninstalling the App will delete all locally stored data, including vault files.

7.2 Firebase Analytics

Anonymous analytics events are retained by Firebase for up to 14 months by default, per Google’s retention policy. No personal data is included in these events.

7.3 Google Sign-In Session

Cached Google account name, email, and photo are stored locally and are deleted when you sign out within the App or uninstall the App.

7.4 Data Deletion

To delete your data:

1. Vault files: Open the App → vault → delete files individually, or uninstall the App to delete all vault data
2. Google account / analytics data: Email us at jdronquillo46@gmail.com with subject “Data Deletion Request” — we will respond within 30 days

8. Device Permissions

Permission	Why It Is Used
READ_MEDIA_IMAGES / READ_MEDIA_VIDEO	Import photos and videos from device gallery into the private vault
READ_EXTERNAL_STORAGE / WRITE_EXTERNAL_STORAGE	Import files on older Android versions (API < 33)
CAMERA	Capture a photo directly into the vault from within the App
USE_BIOMETRIC / USE_FINGERPRINT	Optional fingerprint or face unlock for the private vault
INTERNET	Display ads (AdMob), Firebase Analytics, Google Sign-In, and Play Billing

The App does not request location, contacts, microphone, or SMS permissions. Storage permissions are used only to import files you select — the App does not scan or upload your device storage.

9. Data Security

• 🔒 Android Keystore encryption — PIN hash stored using hardware-backed key storage
• 🔒 App private directory — vault files inaccessible to other apps or system media scanners
• 🔒 Code obfuscation — App compiled with --obfuscate and ProGuard to prevent reverse engineering
• 🔒 TLS/SSL encryption — all network traffic (AdMob, Firebase, Google Sign-In) is encrypted in transit

10. GDPR Compliance (EU Users)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

• Right to Access: Request a summary of any data we hold about you
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your data (“right to be forgotten”)
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to data processing for direct marketing
• Right to Withdraw Consent: Withdraw consent for ad personalization at any time

To exercise any of these rights, contact us at: jdronquillo46@gmail.com
We will respond within 30 days.

11. Children’s Privacy (COPPA)

The App is rated Teen (13+) on Google Play. The private vault feature is intended for adult personal use.

• We do not knowingly collect personal information from children under the age of 13
• If you are a parent or guardian and believe your child under 13 has used this App, please contact us immediately at jdronquillo46@gmail.com
• We will delete any data associated with a child under 13 promptly upon notification

12. Google Play Data Safety Disclosure

The following summarizes our Data Safety form responses for Google Play:

Category	Collected?	Shared?	Purpose
Name, Email (Google Sign-In)	Optional	No (local only)	Account display, subscription
App interactions / usage data	Yes (anonymous)	Firebase (Google) — anonymized	Analytics, app improvement
Advertising ID	By AdMob SDK	Google AdMob	Ad delivery
Photos / Videos / Notes	On-device only	Never	Private vault storage
Payment info	No (Google Play handles)	No	Subscription processing by Google
Location	No	No	N/A
Contacts / SMS / Calls	No	No	N/A
Biometric data	No (Android OS handles)	No	Vault biometric unlock (OS-level)

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via an in-app notification or an updated “Last Updated” date at the top of this page. Continued use of the App after changes constitutes acceptance of the revised policy.

We encourage you to review this Privacy Policy periodically.

14. Contact Us

For privacy questions, data requests, or concerns, contact us:

LESRA Future Apps
📧 Privacy / Support Email: jdronquillo46@gmail.com
We aim to respond within 3–5 business days.