Privacy Policy

ProofPass is a privacy-first proof vault — designed from day one to keep your personal purchase records, warranties, and receipts exactly where they belong: under your control. We believe a useful app doesn't have to harvest your data, and we've built our entire infrastructure around that principle.

This Privacy Policy explains what information we collect (and what we never touch), how we use it, how we protect it, and the controls you have over it. We've written this in plain English on purpose — no legalese, no hidden clauses.

Local Mode users: If you use ProofPass without signing in, no data ever leaves your device. Your vault is stored locally on your phone, encrypted at rest. We have no visibility into it — ever.

Cloud Sync users (Pro): If you choose to back up and sync across devices, your vault data is end-to-end encrypted on your device before it's ever transmitted. This means even we cannot read what's in your vault. The keys live only on your device.

By using ProofPass, you agree to the practices described in this policy. If you have any questions or concerns, reach out to us at [email protected] — we're real people and we'll respond.

We operate on a strict minimum-data philosophy. Here's exactly what we collect depending on how you use the app — and nothing more.

If you create a ProofPass account (required for Pro cloud sync), we collect:

• ✉ Email address — used solely for authentication. We use it to identify your account and, if you opt in, to send you important product notifications.
• 👤 Display name — pulled from your Google profile or entered during sign-up. Used to personalize your in-app experience. Never shared externally.

If you subscribe to ProofPass Pro and enable cloud backup:

• ☁ Encrypted vault data — your vault is fully encrypted on-device using AES-256 before being uploaded to Firebase Firestore. The ciphertext is what's stored in the cloud. We cannot decrypt it. Only your device holds the keys.

If you choose to use the Gmail Import feature to automatically find purchase confirmation emails:

• 📧 We request read-only access to your Gmail inbox, scoped to find purchase-related emails. We scan for receipt patterns, extract the relevant data (merchant, amount, date), and store only the extracted receipt data in your local vault. We do not store your email content, and we do not retain Gmail access tokens beyond your active session.

• 🔔 If you submit your email address through our "Get Notified" form on our website, we store it solely to send you a one-time launch notification. You can opt out at any time by emailing us.

We use the data we collect for a small number of specific, clearly defined purposes. We don't use your data for advertising targeting, behavioral profiling, or anything you haven't consented to.

• 🔑 Authentication — Your email and display name are used to verify your identity when you sign in and to maintain your account session across devices.
• 🔄 Cross-device sync (Pro) — Your encrypted vault data is synced across your devices via Firebase Firestore. The sync process is entirely end-to-end encrypted; we transmit and store ciphertext only.
• 🔔 Warranty, return & recall notifications — ProofPass monitors warranty expiry dates and matches your product catalog against CPSC (Consumer Product Safety Commission) recall data. Notifications are delivered entirely via your device's local notification system — no data leaves your device for this purpose.
• 📣 Launch notifications (opt-in) — If you submitted your email to be notified at launch, we'll send you one notification when the app goes live. That's it.

Security isn't a checkbox — it's the foundation of how ProofPass is built. Here's exactly what we do to protect your data at every layer.

• 📱 Your local vault is stored in a Hive database with AES-256 encryption at rest. This means even if someone gained physical access to your device storage, they couldn't read your data without the encryption key.
• 🔏 Your PIN and biometric credentials are stored in Flutter Secure Storage, which uses your device's native keychain (iOS Keychain / Android Keystore). This data is hardware-backed and is never transmitted over the network — not even to us.

• ☁️ Vault data is end-to-end encrypted before it leaves your device. We use AES-256-GCM with keys derived from your account credentials. The ciphertext is stored in Firebase Firestore — only you can decrypt it.
• 🏗️ Firebase Firestore provides server-side encryption at rest as an additional layer, along with TLS 1.3 encryption in transit. Both layers are active simultaneously.

• 🛡️ Authentication is handled entirely by Google Firebase Authentication, which implements industry-standard OAuth 2.0 and OpenID Connect. We never receive or store your passwords — they're managed exclusively by Google's identity infrastructure.

While no system is 100% impenetrable, we've taken care to ensure that even in a worst-case breach scenario, your vault data would remain unreadable ciphertext. The encryption keys live on your device — not on our servers.

ProofPass integrates with a small set of trusted third-party services to deliver its features. Here's exactly who they are, what they receive, and why.

We periodically review our third-party integrations and will update this section if the list changes. We do not integrate any data broker, social media tracking, or advertising attribution services.

You're in charge. ProofPass is designed so that the most important privacy controls are built directly into the app — no emails to us required for most actions.

If you're in the EU, UK, or California, you also have formal rights under GDPR, UK GDPR, or CCPA respectively — including the right to access, correct, or object to processing of your personal data. Contact us at [email protected] and we'll respond within 30 days.

ProofPass is not directed at children under the age of 13, and we do not knowingly collect personal information from anyone under 13. The app is designed for adults managing their household purchases, warranties, and consumer records.

If you're a parent or guardian and you believe your child has provided us with personal information, please contact us immediately at [email protected]. We will promptly delete any such data from our systems and deactivate the associated account.

We comply with the Children's Online Privacy Protection Act (COPPA) and take our obligations seriously. If we ever discover that a user is under 13, we will immediately remove their data without waiting for a request.

We may update this Privacy Policy from time to time — for example, when we add new features, change our infrastructure, or when laws and regulations require it. We'll always be transparent about what's changed and when.

When we make a meaningful update — anything that affects how your data is collected, used, or shared — we will:

• 📱 Display a clear in-app notice the next time you open ProofPass, summarizing what changed and linking to the full updated policy.
• 📅 Update the "Last Updated" date at the top of this page so you can always tell when the policy was last revised.

For minor changes — like fixing a typo, clarifying wording, or adding a new third-party service that doesn't change data handling — we'll update the page and the date without an in-app notice.

Your continued use of ProofPass after a policy update constitutes your acceptance of the revised policy. If you disagree with any changes, you can delete your account and data using the controls described in Section 6 before the changes take effect.

Privacy questions deserve real answers — not automated replies. If you have any questions about this Privacy Policy, want to exercise your data rights, or just want to understand something better, get in touch with us directly.

We aim to respond to all privacy-related inquiries within 5 business days. For formal data subject access requests (GDPR, CCPA), we respond within 30 days as required by law.

ProofPass is developed and operated by Bela Apps. All data practices described in this policy are maintained by the Bela Apps team.