Privacy Policy for Protectstar Android Apps

Last Updated: March 31, 2025

• Introduction
• Which Protectstar Android Apps Collect Personal Data?
• Types of Data Collected
• Data Collection: Why, What, and How
• How We Handle Your Data
• Data Collection and Usage by Specific Apps
• Emphasis on Data Anonymization
• Firebase Messaging and Privacy
• In-App Purchases & Subscriptions
• Data Sharing and Use of SDKs
• Prominent Disclosure and User Consent
• Transparency and User Control Over Data
• Data Retention and Deletion
• Consistency with Play Store “Data Safety” Sections
• How We Protect Your Data
• Your Rights Regarding Personal Data
• Children’s Privacy
• International Data Transfers
• No Automated Decision-Making
• Changes to This Privacy Policy
• Contact Us

Introduction

At Protectstar Inc. (“Protectstar,” “we,” “us,” “our”), we respect and protect your privacy. Our primary goal is to safeguard you (“you,” “your”) in the digital world from unauthorized access, data theft, and other threats. This Privacy Policy explains which data we collect when you use our Android apps and related services, how we use that information, and the steps we take to protect your data.

We view privacy as a fundamental right closely tied to our security promise. Accordingly, in this Privacy Policy, we aim to clarify the following:

• Data Collection: Which data we collect and why it is necessary for our security features.
• Data Usage: How and for what purposes we process your data.
• Your Rights and Choices: How you can access, correct, or request deletion of your data.
• Contacting Us: How to reach us with any privacy-related questions or concerns.

This Privacy Policy applies to your use of our apps and services, including downloading, installing, or using them on an Android device. By using our services, you agree to the terms of this Privacy Policy, as well as our Terms of Use and End User License Agreement (EULA). As we continuously improve our products and processes, it may be necessary to update this Privacy Policy. We will notify you of any significant changes by email, through in-app notifications, or as otherwise required by law. We recommend checking this page regularly to stay informed about any updates.

This Privacy Policy applies worldwide to all users of our Android apps and services. Users in the European Economic Area (EEA) or in similar jurisdictions also benefit from additional rights and protections.

Which Protectstar Android Apps Collect Personal Data?

Protectstar strictly follows the principle of data minimization, collecting personal data only to the extent required for the proper functioning of our apps. The following apps may collect personal data:

• Anti Spy Android
• Antivirus AI Android
• Camera Guard Android
• DNS Changer Android
• Firewall AI Android
• Micro Guard Android
• iShredder Android (only when using a MY.PROTECTSTAR online account)

Important:
iShredder Android does not create or transmit checksums (SHA-256 or MD5) to our servers. However, if you use a MY.PROTECTSTAR online account (e.g., for license management or updates), any necessary login data or account information may be processed in that context.

Types of Data Collected

Our Android apps (except for iShredder Android) collect two main types of data as part of their anti-spyware and anti-malware functions:

1. Information about Installed Applications
   • We only collect the package names (app names) of the apps installed on your device to provide targeted protection against malware, spyware, or other security threats.
   • We do not access content from these apps.
2. Checksums (SHA-256 & MD5)
   • To protect against tampering or security vulnerabilities, we generate digital fingerprints (checksums) of installed apps and files.
   • These checksums allow us to quickly detect deviations without analyzing the full files or their contents.

Data Collection: Why, What, and How

We collect certain information to enhance your security and to continuously improve our apps’ functionality. Below we explain why we collect this data, which data is collected, and how it is processed.

I. Purpose: Why We Collect Your Data

We gather certain information to increase your security and improve the functionality of our services. Here’s why we need specific types of data:

• Detect and prevent security risks By using app names and checksums, we can identify known malware, spyware, or dangerous modifications.
• Ensure the integrity of your apps and files: Through checksums, we determine whether installed apps or files have been altered.
• Optimize user experience: By continuously analyzing and refining our detection mechanisms, we reduce false positives and continuously improve our service.

II. What We Collect

1. App Package Names
   • Necessary to prioritize protection for specific applications and to identify security vulnerabilities.
   • We do not access app content; we only collect names and package identifiers.
2. Checksums (SHA-256 & MD5) of Apps and Files
   • Serve as digital fingerprints that make changes or tampering visible.
   • MD5 is an older hash function, while SHA-256 is more modern. Using both increases reliability when detecting changes.

No Transmission of Content
We never send entire apps or files to our servers—only the generated checksums. This ensures your personal files and app data remain protected and are never exposed.

III. How We Process This Data

Information about installed apps (name/package name), as well as generated SHA-256 and MD5 checksums, is transmitted to our Protectstar AI Cloud (https://api.protectstar.com). There, they are analyzed using advanced detection algorithms to:

• Identify and block malware and spyware,
• Detect unauthorized changes to apps and files, and
• Minimize false positives (by comparing with known safe and malicious patterns).

This enables us to continuously optimize our security features and offer you an app that is as efficient and resource-friendly as possible, without placing unnecessary strain on your device.

Note:
If you do not want this data to be collected, you can disable your internet connection. However, please note that this may limit core app functions such as malware detection and real-time protection.

How We Handle Your Data

• Anonymity: We place great importance on your privacy and ensure that all data transmitted to our cloud server at
  • https://api.protectstar.com/api/get-deep-detective-packages-shas-info (only Antivirus AI and Anti Spy App)
  • https://api.protectstar.com/api/get-blocklists-info (only Firewall AI app) is fully anonymized.
• Encryption: We use strict data transmission practices, including the Advanced Encryption Standard (AES) with a 256-bit key over the HTTPS protocol. This robust encryption not only protects your data but also ensures it cannot be traced back to individual users.

Data Collection and Usage by Specific Apps

Below is an overview of our apps and their respective data collection practices, including associated URLs, purposes, and limited permissions. This provides transparent information on how we handle your data and which features are required.

1) Firewall AI & DNS Changer

Note for Both Apps:
Firewall AI and DNS Changer route the data traffic of allowed connections directly to their destination via the Android VPN service without using a remote VPN server.

This operation can lead to two scenarios regarding your internet traffic:

• If IP filtering is disabled: All blocked internet traffic is sent to the local VPN service and effectively acts like a sinkhole, dropping all blocked traffic.
• If IP filtering is enabled: Both blocked and allowed internet traffic is routed to the local VPN service, but only the allowed traffic is forwarded to the intended destination. No traffic is sent to a remote VPN server.

The Android VPN service (https://developer.android.com/reference/android/net/VpnService.html) is used to route all internet traffic locally to Firewall AI. This design means no root access is needed to build or implement this firewall application.

Data Collection and Usage:

1. Endpoint: https://api.protectstar.com/api/get-blocklists-info
   • Data Collected: App package name
   • Purpose: To download the latest filter blocklists.
2. Endpoint: https://api.protectstar.com/api/whois
   • Data Collected: IP address of visited URLs, device locale
   • Purpose: To provide localized WHOIS information for an IP address selected by the user.
3. Endpoint: https://tile.openstreetmap.org
   • Data Collected: User-Agent (app package name, app version, developer email)
   • Purpose: To display OpenStreetMap for WHOIS information.

Limited Permissions:

1. android.permission.READ_PHONE_STATE (Mandatory, except for DNS Changer)
   • Allows read-only access to phone state, including mobile network information.
2. android.permission.QUERY_ALL_PACKAGES (Mandatory)
   • Lists all apps installed on the device so the user can control which apps to block or bypass in the firewall.
3. VPNService
   • Routes network traffic from Android through the apps for security purposes.

2) Anti Spy & Antivirus AI

Data Collection and Usage:

1. Endpoint: https://api.protectstar.com/api/get-deep-detective-packages-shas-info
   • Data Collected: SHA-256, MD5, package name
   • Purpose: To identify potential security threats during manual and real-time scans.
2. Endpoint: https://api.protectstar.com/api/add-statistic-item and https://api.protectstar.com/api/add-file-statistic-item
   • Data Collected: SHA-256, MD5, package name, file path/name, installation source, app version/code, device data (OS version, manufacturer, model)
   • Purpose: To analyze and record statistics on detected threats.

Limited Permissions:

1. android.permission.SCHEDULE_EXACT_ALARM (Optional)
   • Allows scans at user-defined times.
2. android.permission.QUERY_ALL_PACKAGES (Mandatory)
   • Scans all installed apps for threats.
3. android.permission.SYSTEM_ALERT_WINDOW (Optional)
   • Protects against screen-capture malware.
4. android.permission.PACKAGE_USAGE_STATS (Optional)
   • Detects foreground apps to enable screen-capture protection.
5. android.permission.MANAGE_EXTERNAL_STORAGE (Mandatory)
6. android.permission.READ_EXTERNAL_STORAGE (Mandatory)
7. android.permission.WRITE_EXTERNAL_STORAGE (Mandatory)
   • Scans and manages files to detect threats.

3) iShredder Android

Limited Permissions:

1. android.permission.MANAGE_EXTERNAL_STORAGE (Mandatory)
2. android.permission.READ_EXTERNAL_STORAGE (Mandatory)
3. android.permission.WRITE_EXTERNAL_STORAGE (Mandatory)
   • Reads and securely overwrites file bytes.
4. android.permission.READ_CONTACTS (Optional)
5. android.permission.WRITE_CONTACTS (Optional)
   • Reads and writes contacts on your device to securely delete them.

Common Features of All Apps

In-App Billing System

1. Data Collected:
   • Purchase history: Records purchase history (app-only) within the app.

Apps Integrated with MY.PROTECTSTAR (MYPS) User Account (Optional)

Included Apps: Anti Spy, Antivirus AI, Firewall AI, DNS Changer, iShredder, Micro Guard

1. Endpoint: https://my-api.protectstar.com
   • Data Collected:
     • User Data: MYPS UserId, email, first name, last name, and password.
     • Device Type: Information such as user-defined device name (e.g., “Peter’s Samsung Galaxy S23”), manufacturer, model, industrial design name, board name (e.g., “goldfish”), hardware specifications.
     • Product SKU: App package name.
     • License Information: Activation ID, activation key.

Apps Integrated with Firebase Messaging

Included Apps: Anti Spy, Antivirus AI, Firewall, DNS Changer, Camera Guard, Micro Guard

• Data Collected:
  • Device data: OS version, name, model, brand, form factor.
  • Installation source: Identifies the app used for installation (e.g., Play Store).
  • App version: Captures the app version for managing topic subscriptions.
• Purpose: For developer communication and app updates.
• Settings: Data collection and usage for Analytics are permanently deactivated according to https://firebase.google.com/docs/analytics/configure-data-collection?platform=android.

In summary, data collection is not only aimed at detecting threats but also tailoring our security measures to your device’s unique environment to provide you with the most effective protection against evolving digital threats.

Emphasis on Data Anonymization

All data transmitted to our cloud servers is not only encrypted but also fully anonymized during processing. This ensures that no personal information can be traced back to you as an individual. Our anonymization process guarantees that even in the event of unauthorized access, the data cannot be linked to a specific user.

Firebase Messaging and Privacy

We use Firebase Messaging solely to send notifications and updates to your device, ensuring you receive relevant messages and information. No personal data or activity tracking is collected, and we do not collect any personal or sensitive user data through Firebase Messaging.

We do not use other Firebase services, such as Firebase Crashlytics, to collect crash reports or personal data.

For more information on Firebase Messaging’s data processing, please visit https://firebase.google.com/docs/android/play-data-disclosure?hl=en#cloud-messaging.

You can rest assured that Firebase Messaging is only used to deliver relevant messages and updates to you and that no personal or sensitive data is shared with or collected by third parties. For this purpose, Firebase Messaging is specifically configured so that, according to their documentation, no analytics data is collected.

Cooperation with Operating System Features
FLAG_SECURE & Screen Capture

In accordance with Google’s guidelines (as of November 2022), our apps respect the security settings of other applications (e.g., protected screenshots). We do not override any protection mechanisms set by the system or other apps, such as FLAG_SECURE, and thus uphold Google’s screen-capture protection guidelines. Our screen-capture malware detection feature relies solely on our own security mechanisms and does not interfere with the system-level security settings of other apps.

What We Will Never Process

Protectstar will never process “sensitive” personal data such as religion, political opinions, sexual preferences, health, or other special categories of personal data through its products and services. We do not want to receive such data and will not request it from you.

Protectstar products must be installed and used by an adult. Children are allowed to use the device on which the Protectstar product is installed only with the permission of a parent or guardian. Except for “data for child protection” features, we do not intend to process personal data from children nor do we wish to receive such personal information from children.

No Location Data or Advertising Ids

Our apps do not collect location data (GPS) or use advertising or tracking IDs. This means we do not process or store any location-based data or unique advertising identifiers (such as your device’s advertising ID). This ensures that no sensitive information regarding user location or advertising preferences is collected.

In-App Purchases & Subscriptions

• Advertising
  Our apps do not display any third-party advertising, nor is data transmitted to third parties for advertising purposes. Should we ever integrate advertising in the future, we will update this Privacy Policy accordingly and clearly inform users.
• In-App Purchases and Subscriptions
  In certain apps, we offer paid features that can be unlocked via in-app purchases or subscriptions. If you subscribe, you can cancel or manage it at any time through Google Play.
• Monetization Model
  Our base versions are free; advanced or additional features can be unlocked via in-app purchase or subscription. We do not monetize our apps in any other way, particularly by selling data or displaying ads. We strive to ensure that your privacy is not compromised by advertising or the sharing of information.

Data Sharing and Use of SDKs

We do not share or sell your personal data to third parties. All information we collect—such as hash values like SHA-256 or MD5—is fully anonymized and used exclusively to improve our apps’ functionality and protect your device.

During the use of our apps, we may collect data such as app checksums or file metadata. These checksums act as unique digital fingerprints, enabling us to verify the integrity of apps and files on your device without accessing their actual content. This ensures that no conclusions can be drawn about your identity.

Our data storage practices are extremely restrictive: the information collected is processed solely on secure servers located in Germany and deleted just a few seconds after the analysis is completed. As a result, your data is retained only for as long as absolutely necessary.

We currently do not integrate any third-party SDKs that collect or share personal or sensitive user data. Should we decide to use third-party SDKs in the future, we will ensure their full compliance with Google Play policies. Additionally, we will promptly update this Privacy Policy and obtain your explicit consent before any data is collected.

Prominent Disclosure and User Consent

Before we collect personal or sensitive data, you will see a clear in-app notification explaining:

• Which data is collected
• Why it is needed
• How it will be used

You will be asked for your explicit consent by tapping “Accept.” This consent dialog typically appears upon the first launch of the app or as soon as you activate a specific feature that collects personal data. The app will only proceed with data collection after you have given your consent. If you choose not to consent, you can dismiss the prompt, and no data will be collected.

Transparency and User Control Over Data

At Protectstar, we are fully committed to ensuring you have control over your data at all times.

• Opt-Out Options: You can stop data collection and transmission at any time. This can be done by adjusting the app settings, disabling your internet connection, or uninstalling the app. We ensure that no data is collected without your explicit consent, and you can withdraw this consent at any time if you change your mind.
• Control Over Notifications: You can manage notifications through Firebase Messaging in your device’s notification settings, thereby controlling when and how you receive updates from us.

Data Retention and Deletion

We only retain your data for the minimal amount of time necessary to fulfill its specific purpose. For example, checksums and metadata collected during security analysis are processed on our secure servers and permanently deleted a few seconds after the analysis concludes. This ensures that your data is not stored any longer than necessary and provides security without compromising your privacy.

We strive to give you control over your data, including the option to request deletion of that data. How we handle data deletion depends on whether you have created an account:

• Registered Users: If you have created a MY.PROTECTSTAR account, you can request the deletion of your account and all associated personal data directly through the account settings. You may also contact us at privacy@protectstar.com for assistance. Once we receive your request, we will delete your personal data unless we are legally required to retain it or have legitimate reasons for doing so.
• Non-Registered Users: If you use our apps without creating an account, you can stop data collection at any time by uninstalling the app. Upon uninstallation, all locally stored data is deleted, and any data processed on our cloud servers is deleted immediately after the necessary analysis—usually within a few seconds. You may also contact us at privacy@protectstar.com to request the deletion of any remaining data.
• Legal Retention Requirements: In some cases, we may retain certain data as required by law (e.g., for fraud prevention or to comply with legal regulations). We ensure that any data retained is handled securely and only kept for the period necessary.

Consistency with Play Store “Data Safety” Sections

We ensure that the information provided in this Privacy Policy fully aligns with the details disclosed in the “Data Safety” section on the Google Play Store. Our Data Safety statement provides a concise overview of the types of data collected, the purposes of data collection, and our security measures. We encourage you to review the “Data Safety” section in the Play Store listing for a quick overview of how we handle your data.

Both this Privacy Policy and the “Data Safety” section reflect our commitment to transparency and protecting your personal information. Any discrepancies or updates between these two documents will be addressed promptly to maintain consistency.

How We Protect Your Data

At Protectstar, safeguarding your personal information is our highest priority. Our comprehensive security system combines administrative, organizational, technical, and physical measures to maintain the confidentiality, integrity, and availability of your data. We continually adapt our security precautions to the latest technological developments and best practices.

Below is an overview of our measures:

1. Comprehensive Security Controls
   Our systems are designed to prevent unauthorized access, data loss, misuse, or tampering of your personal information. These controls are regularly reviewed and updated to address new threats.
2. Specialized Information Security Team
   Our dedicated security team develops, implements, and continuously monitors our security program to ensure that all systems meet the highest data protection standards.
3. State-of-the-Art Security Technologies
   We use advanced security tools—such as firewalls, intrusion detection systems, and regular vulnerability scans—that comply with current industry standards to optimally protect your data.
4. Security Assessment Before Product Launch
   Before introducing any new system or service, we conduct a stringent security check to ensure personal data is handled with the utmost protection.
5. Strict Access Management
   Access to sensitive information is granted solely to authorized personnel. All access is carefully logged and monitored to ensure complete traceability.
6. Incident Response Plan
   In the event of a security incident, we immediately implement our defined emergency plan. This includes promptly identifying the incident, taking countermeasures, and—if necessary—informing the relevant authorities and affected users.
7. Regular Data Backup and Recovery
   Through regular backups and robust recovery mechanisms, we ensure that your data is not permanently lost or damaged even in unforeseen circumstances.
8. Limited Employee and Contractor Access
   Access to personal data is strictly limited to those who need it to perform their duties. All employees are contractually bound to confidentiality, and breaches are addressed decisively.
9. Data Encryption
   All data transmissions between your device and our servers are secured using cutting-edge encryption protocols (AES-256). This ensures that your data remains protected against unauthorized access, even during transmission.
10. Continuous Training
    Our staff undergo regular training in the latest security standards and practices to proactively address potential threats and continually improve our security measures.

Additional Measures:

• ISO 27001-Certified Servers
  Our cloud servers in Germany are ISO 27001 certified, an internationally recognized standard for information security management. This guarantees that your data is stored in one of the most secure environments available.
• Regular Audits and Monitoring
  Through regular security assessments and real-time monitoring, we identify and mitigate potential vulnerabilities before they can pose a risk.

With these measures, we ensure that your personal data is protected throughout its entire lifecycle—from transmission to storage—at the highest possible level.

Your Rights Regarding Personal Data

Under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), you have certain rights concerning your personal data. These rights include:

1. Right of Access: You have the right to request confirmation as to whether we are processing your personal data and, if so, to receive a copy of the data we hold about you.
2. Right to Rectification: If you believe that any personal data we hold about you is inaccurate or incomplete, you have the right to request its correction or update.
3. Right to Erasure (Right to Be Forgotten): Under certain circumstances—such as when the personal data is no longer required for the purposes it was collected, or you withdraw your consent—you have the right to request the deletion of your data. We will comply unless we are legally obligated to retain the information or have other legitimate grounds for doing so.
4. Right to Object or Restrict Processing: You have the right to object to the processing of your personal data in certain situations or request that its processing be restricted. For example, if you dispute the accuracy of the data or if the processing is unlawful, we will limit our processing to essential functions or seek your consent.
5. Right to Data Portability: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format. This allows you to transfer your data to another service provider of your choice without hindrance.

To exercise any of these rights, please contact us. We may need to verify your identity to ensure that your personal data is only disclosed to you or someone authorized by you.

We strive to respond to your requests promptly and transparently, in accordance with applicable legal requirements. If you need additional information about your rights or how we process your personal data, please do not hesitate to contact us.

Children’s Privacy

Our apps are not directed at children under the age of 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal data from children. If we become aware that data from children has been collected, we will delete it immediately. Parents or legal guardians can contact us at any time at privacy@protectstar.com to request deletion of such data.

International Data Transfers

Protectstar Inc. is headquartered in the United States and operates globally—with offices and service providers around the world. Our state-of-the-art cloud servers are located in Germany and hosted in an ISO 27001-certified environment for information security management.

In the course of our business operations, we may transfer, store, or process your personal data across borders to countries with different data protection laws than your home country. Regardless of where processing takes place, we are committed to maintaining the same high level of data protection. To this end, we implement robust safeguards such as Standard Contractual Clauses and data protection agreements to comply with applicable international data protection regulations.

For residents of the European Economic Area (EEA), we ensure that personal data transfers outside the EEA or Switzerland fully comply with the requirements of the General Data Protection Regulation (GDPR).

No Automated Decision-Making

We emphasize that no automated decisions (e.g., in the form of automated profiling) are made that produce legal or similarly significant effects on you. Our focus is solely on detecting and defending against malware or spyware, as well as providing enhanced app features. Therefore, we only collect and process your data for the stated purpose of security and optimization of our services, without using it to create user profiles or for automated decision-making processes.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. If changes are made, we will inform you by posting the updated Privacy Policy on this page at https://www.protectstar.com/de/policy-for-apps.

These changes become effective immediately upon posting, so we recommend reviewing this page regularly to stay informed.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Protectstar Inc.
4281 Express Lane, Suite L3604
Sarasota, FL 34249, USA
Email: