Privacy Policy

Last updated: 21 May 2026 · Effective for SweepKeeper v1.0 and later.

The short version

SweepKeeper stores everything on your phone. We don't run a server, we don't have user accounts, and nothing about your hunts, finds, photos, locations, or usage ever leaves your device — not to us, not to advertisers, not to analytics services, not to anyone.

The rest of this page is the careful version of that statement, in the order Google Play's policy review wants it.

1. Contact

Questions about this policy or about the app's data handling: support@sweepkeeper.app.

2. What data we collect about you

None.

We do not operate a server that receives data from the app. We do not have user accounts. We do not embed analytics SDKs, crash reporters, advertising libraries, or any third-party telemetry. There is no log of who installed the app, when you opened it, or what you did inside.

3. What data the app handles on your device

The app stores the following only on your phone, in an encrypted SQLite database (SQLCipher) whose key is held in the Android Keystore:

• Hunts (start time, end time, duration, optional notes)
• GPS trail points recorded during an active hunt
• Finds (category, identification text, depth, photos)
• Permission records (land you've been granted access to)
• Equipment inventory you choose to enter
• Settings (units, theme, watermark initials)
• The encryption key wrapping the database, in the Keystore
• Local notification scheduling (e.g. permission expiry reminders)
• Your purchase status from Google Play Billing

All of the above lives in the app's private app-data directory, which Android only exposes to SweepKeeper itself. We have no copy of any of it.

4. Permissions and why

Android requires the app to ask for specific permissions for specific functions. Each one is used only as described and only when the named feature is active.

Location (foreground and background)

Used only while a hunt is active. Recording your GPS trail is the core feature of the app. We need background location so the trail stays accurate while your screen is off or another app is on top. Location data is written directly to the encrypted database on your phone and is not transmitted to us or anyone else. When no hunt is active, the app does not record location.

Camera and photo library

Used to attach photos to a find. Photos are stored in the app's private storage. Existing photos in your gallery are only read if you explicitly pick one through the system picker.

Foreground service / notifications

Required by Android 14+ for the persistent "hunt in progress" notification. The notification exists so you (and the Android OS) can see that location tracking is happening. Other notifications are local-only reminders (e.g. when a permission you entered is about to expire).

Internet

Used for two narrow purposes:

• Fetching map tiles from OpenStreetMap and (when configured) Google Maps to render the map view. Tile requests carry no SweepKeeper-specific identifier; they look like any other map request from any other app on your phone. We do not see these requests.
• In-app purchase verification through Google Play Billing. Google handles this entirely; we receive only a yes/no answer about whether you've unlocked Pro.

5. Third-party services

SweepKeeper uses three external services for unavoidable purposes:

• Google Play Billing for the one-time Pro purchase. Subject to Google's privacy policy .
• OpenStreetMap tile servers for the default offline-friendly map. Subject to OSM's privacy policy .
• Google Maps SDK (when an API key is configured) for the optional satellite view. Subject to Google's privacy policy linked above.

No analytics SDKs, no crash reporters, no advertising libraries, no social media SDKs are included in SweepKeeper.

6. Sharing your data

The only way data leaves your device is when you explicitly choose to share it through Android's system share sheet — for example, sending a KML export of your hunts to Google Earth, or attaching a CSV to an email. SweepKeeper never auto-shares anything.

Encrypted backups (.skbk files) you create through the Backup feature go wherever you choose to put them. They are encrypted with a key derived from the same Keystore-held secret; only an installation of SweepKeeper with access to that key can read them.

7. Children

SweepKeeper is not directed at children under 13. It is intended for adult hobbyists. The app does not knowingly collect personal information from anyone under 13 — because the app does not collect personal information from anyone, full stop.

8. Security

Local data is encrypted at rest with SQLCipher (AES-256 CBC). The encryption key is stored in the Android Keystore, which on modern devices is backed by hardware. Photos are stored in the app's private storage, accessible only to SweepKeeper.

The realistic threat the encryption defends against is loss of the unlocked device — a thief or a borrower cannot read your hunts without the device unlocked. It does not protect against forensic capture from an unlocked device with root access; if that's in your threat model, no consumer app does.

9. Your rights and choices

Because we don't hold any of your data, there is no data request, deletion, correction, or portability flow we could offer. Uninstalling SweepKeeper deletes all SweepKeeper data from your device immediately. Exporting your data to a file you own is supported through the app's Backup and Export features.

10. Changes to this policy

If we change anything material in this policy, a new "Last updated" date will appear at the top, and the in-app About screen will reference the updated policy. Substantive changes will be noted in the app release notes.