Privacy Policy
Arum Communications Corp. ("we", "us", "our") built the Duplicate Photo Cleaner app ("the Service") as a free, ad-supported application with an optional paid subscription. This page informs you of our policies regarding the collection, use, and disclosure of personal information when you use the Service, and the choices you have associated with that information.
By using the Service, you agree to the collection and use of information in accordance with this policy. We will not use or share your information with anyone except as described in this Privacy Policy.
1. Information We Process
1.1 Information processed only on your device
The Service scans your device storage to find duplicate files, visually similar pictures, blurry photos, and large media. To do this, the app reads:
- File metadata (file name, file path, file size, modification date)
- Image and video content for the purpose of computing local hashes (MD5 partial hashes for duplicate detection, perceptual hashes for similarity detection, Laplacian variance for blur detection)
- The MediaStore content URIs needed to delete files you choose to remove
This information stays on your device. We do not upload your files, file names, file paths, thumbnails, hashes, or scan results to any server operated by us. Cleaning history is stored locally in a Room SQLite database on your device and is removed when you uninstall the app.
1.2 Permissions used
| Permission | Purpose |
|---|---|
READ_MEDIA_IMAGES / READ_MEDIA_VIDEO (Android 13+) |
Read photos and videos from device storage in order to identify duplicates, similar images, blurry photos, and large media. |
READ_EXTERNAL_STORAGE (Android 12 and below) |
Same purpose as above on older Android versions. |
WRITE_EXTERNAL_STORAGE (Android 9 and below) |
Required to delete files you select for cleanup on legacy Android versions. |
1.3 Information collected by third-party services
The app uses third-party services that may collect information used to identify you or your device. These services may collect data such as device identifiers (Android Advertising ID), IP address, device model, operating system version, app version, language, country, crash logs, and aggregated usage events. Please review each provider's privacy policy linked in Section 4 below.
1.4 Subscription and purchase information
If you purchase a premium subscription, the transaction is processed by Google Play Billing and managed through RevenueCat. We do not receive or store your full payment instrument (e.g., credit card number). We receive an anonymous subscriber ID, purchase tokens, entitlement status, and purchase metadata such as country and product ID, in order to grant and validate your premium entitlement.
2. How We Use Information
- To provide the core scanning and cleaning functionality (locally on your device).
- To deliver advertising, including non-personalized ads where required by law or by your consent choice.
- To measure app performance, diagnose crashes, and improve stability.
- To validate and manage premium subscriptions.
- To comply with legal obligations.
3. Legal Basis (EEA/UK Users)
Where the GDPR or UK GDPR applies, we rely on (a) your consent for advertising, analytics, and crash reporting that involve personal data, collected through Google's Consent Management Platform (CMP) shown on first launch; (b) the performance of a contract for subscription processing; and (c) our legitimate interests in operating and securing the Service. You can change your consent at any time from the in-app privacy settings.
4. Third-Party Service Providers and Their Privacy Policies
We use the following third-party services. Each link below leads to that provider's privacy policy and, where applicable, its description of the data it collects and how it is used.
- Google Play Services — Google Privacy Policy
- Google AdMob (advertising) — How AdMob uses information, How Google uses data from partner apps
- Google User Messaging Platform (UMP / CMP) (GDPR consent) — About the Google UMP SDK
- Google Analytics for Firebase — Firebase Analytics privacy and security, Data deletion
- Firebase Crashlytics (crash reporting) — Firebase Privacy and Security
- Google Play Billing (in-app purchase processing) — Google Privacy Policy
- RevenueCat (subscription management) — RevenueCat Privacy Policy, Data Processing Addendum
5. Advertising and Your Choices
Ads are served by Google AdMob and may use the Android Advertising ID to deliver, measure, and limit the frequency of ads. You can opt out of personalized advertising at any time:
- On Android: open Settings → Google → Ads and toggle "Delete advertising ID" or "Opt out of Ads Personalization".
- For EEA, UK, or Swiss users, you may withdraw or change your advertising consent through the in-app privacy options, which re-displays the Google CMP consent form.
- Learn more: Advertising ID, Google Ad Settings.
6. Log Data
When the app crashes or encounters an error, third-party tools (Firebase Crashlytics) may collect diagnostic data including device IP, device model, operating system version, app configuration at the time of the error, and the time and date of the event. This information is used solely to diagnose and resolve issues.
7. Cookies
The Service does not itself use cookies. However, third-party SDKs embedded in the app may use cookie-equivalent identifiers (such as advertising IDs) to provide their services.
8. Data Retention
- Local scan results are kept only in the app's cache and are auto-cleaned after 1 hour.
- Cleaning history is stored locally and is removed when you uninstall the app.
- Subscription records are retained by RevenueCat and Google Play Billing for as long as required to maintain your entitlement and for legal/accounting purposes.
- Crash and analytics data are retained according to each provider's standard retention periods.
9. Your Rights
Depending on your jurisdiction (EEA, UK, California, etc.), you may have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing. To exercise these rights, contact us at the email below. You also have the right to lodge a complaint with your local data protection authority.
10. Security
We take reasonable steps to protect the limited information processed through the Service. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security.
11. Links to Other Sites
The Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. These external sites are not operated by us. We strongly advise you to review the privacy policy of any site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
12. Children's Privacy
The Service is not directed to children under the age of 13, and we do not knowingly collect personally identifiable information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it from our records. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us so that we can take the necessary action.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective date" at the top.
14. Contact Us
If you have any questions or suggestions about this Privacy Policy, please contact us at developer@arumarum.com.
