1. Developer Identity and Scope

Developer/publisher entity: Scinecis. This policy covers user data accessed, collected, used, stored, and shared through Core Launcher on Android phones and tablets.

This page is the official app privacy policy used for Google Play listing disclosure. In-app disclosures and permission prompts provide additional context when required by policy.

2. Data Categories We Process

Depending on enabled features and permission choices, Core may process:

• Installed app inventory/package names for launcher discovery, search, categorization, and app actions.
• Contacts data, including contact display names, phone numbers, starred/favorite state, and contact photos, for contact search and favorite contacts in Quick Tiles (when granted).
• Phone numbers from selected contacts are passed to messaging apps (WhatsApp, WhatsApp Business, the device's default SMS app, or the dialer) when you tap a call/message/WhatsApp action on a contact tile. The phone number is included in the deep link used to open the chosen app and is not stored or transmitted by Core Launcher to its own servers.
• Calendar event metadata for today/upcoming events in Quick Tiles (when granted).
• Notification listener metadata (per-package unread counts only) used for app icon badge counts when explicitly enabled by user. Notification message content, sender, or body text is never read, stored, transmitted, or shared.
• Wallpaper color metadata from Android's wallpaper color APIs for local appearance adjustments such as automatic status bar and drawer text color.
• User-provided weather city/location text and cached geocode coordinates for weather cards.
• Technical diagnostics/performance metadata generated by SDKs (for example crash traces, coarse event context, and app performance signals) when telemetry consent is enabled.
• App interaction telemetry fields generated by in-app analytics logging (for example action names, screen names, and selected non-sensitive technical event parameters) when telemetry consent is enabled.

Core does not intentionally collect SMS content, call logs, microphone audio, camera captures, payment card data, or government identifiers.

3. Why We Process Data

• Provide launcher core functionality expected by users (app list, app search, categories, widgets, gestures).
• Run optional user-requested features (contacts, calendar, weather, notification badges, hidden apps, widgets, and internet speed overlay).
• Support contact photos, starred contact behavior, wallpaper-based appearance tuning, and user-initiated backup/restore flows.
• Maintain reliability and quality (crash diagnosis, performance monitoring, feature tuning) when telemetry consent is enabled.
• Apply remote configuration for compatible app behavior and controlled rollouts when telemetry consent is enabled.

4. Data Stored on Device

Core stores launcher settings locally on device, including preferences and local database entries such as app organization states, shortcuts, selected contacts, categories, widget layout data, weather settings, and feature toggles.

Android cloud backup and device-transfer backup are configured to exclude the main launcher preferences file and local launcher databases. Manual backup export/import is separate and user-controlled.

If you choose to export a backup file, that file can contain launcher preferences and local app data such as settings, app organization, shortcuts, categories, and stored contact entries used by launcher features. Exported files remain where you save them until you delete them.

5. Third-Party SDK and Service Transparency

Core may use the following third-party services. Data processed by these providers is limited to service operation and policy-compliant purposes.

• Firebase Analytics: product usage/engagement metrics when telemetry consent is enabled.
• Firebase Crashlytics: crash diagnostics and stability signals in release builds.
• Firebase Performance Monitoring: app performance and latency telemetry when telemetry consent is enabled.
• Firebase Remote Config: remotely delivered configuration values when telemetry consent is enabled.
• Firebase Installations / Sessions (transitive Firebase components): app instance/session support for Firebase services.
• Open-Meteo APIs: geocoding and weather response data based on user weather setup.

Core's telemetry setting is user-controllable in app settings. Firebase Analytics, Performance Monitoring, and Remote Config follow that telemetry setting; Crashlytics is enabled in release builds for crash diagnostics and stability.

Current source manifest rules remove Google advertising identifier and AdServices attribution permissions from the app package. Release declarations should still be rechecked before every submission because merged manifests can change when dependencies change.

Third-party policy links:

Firebase: Privacy
Open-Meteo: Privacy Policy

Core also uses Firebase Installations/session support that can create service-side app instance identifiers needed for Firebase operations when telemetry features are enabled.

We require third-party providers used by Core to handle data in line with Google Play policy requirements. We do not permit sale of personal and sensitive user data from Core through SDK integrations.

6. Permissions and Feature Mapping

• QUERY_ALL_PACKAGES / package visibility: launcher app discovery, search, and app management features.
• READ_CONTACTS: contact search, Quick Tile favorites, contact photos, and starred contact behavior. Core needs contact database access to keep these launcher surfaces current; one-time contact selection does not provide the complete starred/favorite state and photo-backed contact list needed for this feature.
• READ_CALENDAR: upcoming event display and countdown.
• CALL_PHONE: direct call action when initiated by the user.
• USE_BIOMETRIC: optional biometric confirmation for the hidden-apps passcode flow.
• Notification Listener access: app icon notification badges only. Core counts unread notifications per package to render the badge; notification message content, sender, and body are not read, stored, transmitted, or shared.
• SYSTEM_ALERT_WINDOW: optional internet speed overlay.
• INTERNET: weather data and service communication.
• REQUEST_DELETE_PACKAGES: user-initiated uninstall actions from app option menus.
• SDK-declared network/power permissions (for example ACCESS_NETWORK_STATE, WAKE_LOCK, install referrer service binding): SDK/runtime transport and service support.

If a permission is denied or revoked, related features may be unavailable or reduced. For example, contact photos and starred contact shortcuts may not appear without Contacts permission, and notification badges may not appear without Notification Listener access.

Core requests runtime permissions where applicable and should show in-app disclosure/consent where required by Google Play policy.

7. Data Sharing and Sale

We do not sell personal and sensitive user data.

Data is shared only with service providers necessary to deliver app functionality (for example analytics/crash/performance configuration and weather response services), and only for disclosed purposes.

Installed app inventory, contact identifiers, widget/provider identifiers, weather location strings, calendar event identifiers, and similar sensitive values are filtered out of the app's telemetry payloads before analytics/crash logging. Weather city/location text and geocode coordinates are sent to Open-Meteo when you use the weather feature because that service requires location input to return weather results.

When you tap the WhatsApp or WhatsApp Business action on a contact in Quick Tiles, the selected contact's phone number is passed to WhatsApp via a deep link (https://api.whatsapp.com/send?phone=…) so WhatsApp can open a chat with that contact. This share happens only at the moment you tap the action, only with the contact you selected, and only with WhatsApp. Core Launcher does not store or transmit phone numbers to its own servers, and phone numbers are not included in analytics, crash, or performance telemetry. The Call and Message actions use on-device intents (tel: and smsto:) and do not transmit data to Core Launcher's servers.

Wallpaper appearance metadata used for local appearance adjustment stays on device and is not shared with analytics or advertising providers for that feature purpose.

Contact photos, contact starred/favorite state, and wallpaper-derived color analysis are used for local launcher functionality and are not sold or shared for advertising.

Installed app inventory and other sensitive data are not shared for advertising or analytics monetization purposes.

8. Retention and Deletion

• Local data remains on your device until you remove it, clear app data, or uninstall Core.
• Exported backup files persist where saved until you delete them.
• Android cloud backup/device transfer excludes the main launcher preferences file and launcher databases under the current app backup configuration.
• Third-party provider retention is governed by their own policies and contractual controls.

Core currently does not require user account creation. If account features are introduced in the future, this policy and deletion flows will be updated to meet Google Play account deletion requirements.

9. Security

We apply reasonable administrative, technical, and organizational safeguards to protect data. Data in transit should use modern encrypted transport (for example HTTPS/TLS) where applicable.

No internet or storage system can be guaranteed to be 100% secure, but we continuously work to reduce risk.

10. International Processing

Service providers may process data in countries outside your own jurisdiction. Where required, we rely on contractual and legal safeguards provided by those processors and applicable law.

11. Your Choices and Controls

• Grant, deny, or revoke runtime permissions (Contacts, Calendar, Phone) at any time from Android Settings → Apps → Core → Permissions.
• Revoke Notification Listener access from Android Settings → Apps → Special app access → Notification access.
• Revoke Display-over-other-apps (overlay) access from Android Settings → Apps → Special app access → Display over other apps.
• Disable optional features inside app settings.
• Telemetry collection is optional and can be disabled from Core settings.
• Clear app data or uninstall the app to remove local data.
• Contact us to submit privacy inquiries or deletion requests tied to data we control.

Some launcher features rely on ongoing permission access. If you prefer not to grant Contacts access, you can still use the launcher, but contact-photo and starred-contact features may be limited.

12. Children's Privacy

Core is not directed to children under 13. If you believe a child has provided personal data through the app, contact us and we will take appropriate steps.

13. Google Play Data Safety and Declarations

Your Google Play Data Safety form, high-risk permission declarations, and this privacy policy must remain consistent on every release.

• Update disclosures whenever SDKs, permissions, or data flows change.
• Ensure in-app privacy policy links and Play Console privacy policy URLs resolve directly to this page or its current canonical equivalent.
• Declare package visibility usage accurately and limit access to minimum necessary scope.
• Declare Contacts access as feature-required where applicable: Core uses Contacts for contact photos, search, Quick Tile favorites, and starred contact behavior.

14. Changes to This Policy

We may revise this policy over time. Updates are effective when posted on this page with a new "Last updated" date.

15. Contact

Privacy contact: priteshvishwakarma@gmail.com

Include this same contact path in Play Console so users and reviewers have a consistent privacy point of contact.