Privacy Policy

1. Introduction

ButterPass ("App," "we," "us," or "our") is developed and operated by William Termini (ABN 47 283 458 067). This Privacy Policy explains what data we collect, how we use it, and your choices regarding your information. This policy applies to all users of ButterPass on Android.

2. What We Don't Collect

No Cloud Storage: We do not store, sync, or transmit your card data to any cloud servers.

No User Accounts: No sign-in or personal contact info (email/phone) is required.

No Tracking: We do not track your location or profile your card usage habits.

No Personal Information: We do not collect your name, address, or age.

3. What Data Is Processed

A. Card Data (Local Only)

Any card information you enter, scan, or import (names, barcodes, QR codes, images) is stored exclusively on your device. This data is never sent to our servers or any third party.

B. Technical Data (Third-Party)

While we do not host a server to collect your data, the following services process technical identifiers:

• Crash Reports (Optional): Provided by Google Play. These are anonymized and help us fix bugs.
• Performance Data: Standard Android tools to monitor app stability.
• Ad Identifiers: If ads are enabled, Google AdMob uses your device's Advertising ID to serve ads. We do not store this ID or link it to your cards.
• Purchase History: Processed by Google Play Billing to manage Premium and restore purchases. We do not receive your card numbers.

4. How We Use Your Data

We process data locally to provide:

• Display & Management: Showing, editing, and customizing your cards
• Barcode Scanning: Processing images via your camera (on-device only)
• Image Processing: Allowing you to crop and customize card images locally

5. Permissions

ButterPass uses Android's Scoped Storage model. We can only access files you explicitly grant permission to, and our app data is sandboxed from other apps.

6. Advertising & Consent

Ads & Premium: We show banner ads powered by Google Mobile Ads unless you purchase Premium.

Consent (GDPR/CCPA): In regulated regions, we use a required consent flow. If you refuse consent, ads will be non-personalized.

Opt-Out Rights: Your right to opt out of personalized tracking applies in jurisdictions like the EU (GDPR) and California (CCPA/CPRA). In other regions, ads may be displayed based on Google's default settings. You can adjust ad personalization in Android system settings.

7. Third-Party Services

Google Mobile Ads: Uses your Advertising ID. We do not link this to your identity.

Google and its partners may use cookies or similar technologies (such as the Advertising ID) to serve ads based on your visits to this or other apps.

ML Kit: Used for barcode scanning. Processing happens locally; Google may collect anonymized telemetry for performance monitoring.

UCrop: Open-source library for local image cropping.

8. Data Retention & Deletion

Your Control: You can delete individual cards or the entire database within the app at any time.

Uninstalling: Uninstalling ButterPass deletes all card data from your device storage. If you manually exported a backup file (e.g., to Google Drive or SD card), that file remains under your control and must be deleted manually.

9. Your Privacy Rights

Data Controller Status: Under privacy laws like the GDPR, William Termini is the Data Controller for the App. Because your card data is stored exclusively on your device, we have no technical access to it.

Right to Access/Delete: You exercise these rights yourself by viewing or deleting cards within the app. We cannot fulfill "Right to Access" requests via email because we do not possess your data.

Right to Portability: You can export or share your cards through the App's built-in sharing features.

10. Children's Privacy

ButterPass is not intended for children under 13. We do not knowingly collect any information from children. If you believe a child has provided us with information (e.g., via support email), please contact us for deletion.

11. Legal Necessity & Law Enforcement

Because ButterPass does not collect, store, or access your card data, we cannot provide user data to law enforcement, government bodies, or courts, even if legally compelled. We have no database of user information to subpoena.

12. International Users & Compliance

GDPR (EU/EEA): We follow data minimization. Since no personal data is transmitted to us, your "Right to be Forgotten" is exercised by you deleting the app.

CCPA/CPRA (California): We do not "sell" your personal information.

13. Changes to This Privacy Policy

We may update this policy to reflect changes in technology or law. Material changes will be communicated via the App. Continued use after changes constitutes acceptance.

14. Data Safety Disclosures (Google Play)

To support app store transparency, we disclose how each data category in Google's Data Safety form is handled:

• Approximate location: May be inferred by Google AdMob for ads/analytics. We do not store location ourselves.
• Purchase history: In-app purchases are processed by Google Play Billing; we receive purchase status/receipts (not card numbers) for app functionality.
• App interactions: Ad impressions/clicks may be collected by Google AdMob for ads/analytics. Card interactions remain on-device.
• Crash logs/diagnostics: May be collected by Google Play Services/Crashlytics for stability and analytics. We do not store this outside those services.
• Device or other IDs: Advertising ID may be used by Google AdMob for ads/analytics/fraud detection. We do not link this to your card data.

Summary of collection/sharing and purposes (as reflected in Google Play Data Safety):

All card data you add remains local to your device. We do not sell data, and no data is shared with third parties beyond the optional services noted above.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

We will respond to your inquiry within 30 days of receipt.