Privacy Policy For Android Apps

Effective Date: September 28, 2024

Developer Information and Privacy Point

If you have any questions or comments about this Privacy Policy, or if you would like us to update or remove information or preferences you provided to us, please contact us at:

cb innovations
Schwarzwaldstr. 22
D-76532 Baden-Baden
GERMANY
E-Mail:

Introduction

At cb innovations (“cb innovations”, “we”, “us”, “our”), protecting your privacy is central to our mission. We are committed to safeguarding users (“you” and “your”) from risks such as theft, malware, and other threats.

This Privacy Policy applies to the information we collect from your device when you download and install our Android apps. By using our apps, you acknowledge that you have read, understood, and agree to this Privacy Policy. Your use of our Services and any dispute related to privacy is governed by this Policy, as well as any applicable Terms of Service and End User License Agreements.

This Privacy Policy applies globally. Users from the European Economic Area (EEA) and other regions may have additional rights depending on local laws, as outlined in this Policy.

Why We Collect Your Personal Data

Data collection is necessary to maintain app functionality, protect against cybersecurity threats, and provide customer support. By analyzing diagnostic data, we can resolve technical issues and enhance app performance and stability.
The collection of certain data enables us to enhance app security features and identify potential malware or espionage activities.

What Information Do We Collect?

We collect and process the following types of information to enhance user security and improve the functionality of our apps:

  • Data Collected: Package names, SHA-256, and MD5 checksums of installed apps on your device.
  • Purpose: This data allows us to detect and assess potential security threats, optimize app performance, and tailor our services to your specific needs. We do not access the content of the apps themselves.

This information is sent anonymously to our secure cloud servers at https://www.cb-innovations.com, allowing us to efficiently detect potential threats and enhance app performance.

Data Collection in Action

When connected to the internet, the app will transmit selected information, such as details about the installed applications and files on your device, to our cloud servers. Specifically, we collect and process the following data through your interactions with our Android apps:

  • The package name of the installed app
  • The calculated SHA-256 and MD5 checksums of the app's APK file
  • The calculated SHA-256 and MD5 checksums of any scanned files

All data is transmitted anonymously to our cloud servers at https://www.cb-innovations.com, ensuring your privacy while allowing us to enhance the security and performance of our services.

Opting Out of Data Collection

If you prefer not to have your data collected, you may disable your internet connection, which may reduce the effectiveness of malware detection and other security features.

How We Use the Information We Collect

We use the collected data to:

  • Provide and Operate Our Services: Ensure our apps work seamlessly across devices.
  • Detect and Prevent Security Threats: Identify and neutralize potential malware or other security threats.
  • Optimize App Performance: Improve app stability, reduce false positives, and deliver updates.
  • Enhance Customer Support: Respond to service and security needs effectively.

How will your data be transferred from your device?

Your data is transmitted anonymously and securely to our cloud servers at https://www.cb-innovations.com

To ensure the safety of your data, all information collected by the app is encrypted during transmission. We use AES-256 encryption to protect your data as it travels from your device to our servers. The transmission is secured using the HTTPS protocol, providing an additional layer of protection against unauthorized access.

This ensures that your personal information remains private and secure throughout the data transfer process.

What is the purpose of processing your data?

The data we collect, such as installed application information and file details, is essential for providing our services to you. It enables accurate malware detection and helps us identify potential espionage threats.
Our primary goal in collecting your data is to offer you robust products and services that provide a responsive, real-time defense against both known and emerging threats.

By analyzing the installed application and file information on our cloud servers, rather than on individual devices like your smartphone, we ensure that the analysis is fast, efficient, and precise. This cloud-based processing allows for:

  • Optimal Performance: Your device resources are preserved, as the heavy lifting is done on our servers.
  • Accurate Analysis: The power of cloud computing enables quick and thorough analysis, which translates into faster threat detection and response.

The processing of your data allows us to:

  • Identify New Threats: Understand the behavior, security status, and origins of potential threats.
  • Evaluate Reputation: Assess the reputation of applications and files to determine their safety.
  • Reduce False Positives: Minimize incorrect threat detection to ensure smooth operation.
  • Enhance App Performance: Improve the efficiency and capabilities of our security components.
  • Boost Product Performance: Continuously optimize the overall performance of our apps and services.
  • Utilize Data for Improvement: Use the confidential information about installed apps to refine and enhance the features of cb innovations’ Android apps.

We only collect the data necessary for the purpose of providing security and optimizing app performance.

Overview about our apps and their specific data collection practices that is send to the related URL incl. their purpose as well as the Restricted Permissions:

A. Firewall Security – No Root

Note about the Firewall Security – No Root app:

The Firewall Security – No Root app forwards the traffic of allowed connections directly to their destination through the Android VPN Service without using a remote VPN server. Its mode of operation can lead to one of two scenarios concerning your internet traffic:

  • When IP Filtering is Disabled: Any blocked internet traffic is routed into the local VPN service, effectively acting as a sinkhole that drops all blocked traffic.
  • When IP Filtering is Enabled: Both blocked and allowed internet traffic are routed into the local VPN service, but only allowed traffic is forwarded to the intended destination. No traffic is sent to a remote VPN server.

The Android VPN Service (https://developer.android.com/reference/android/net/VpnService.html) is utilized to locally route all internet traffic to Firewall Security app. This design means that root access is not required to build or implement this firewall application.

Through transparently explaining these functions, we aim to instill confidence in our users regarding the privacy and integrity of their data when utilizing our Firewall Security application.

Data Collection and Usage:

  1. Endpoint: https://www.cb-innovations.com/api/get-blocklists-info
    • Data Collected: App package name
    • Purpose: To download the latest filter block lists.
  2. Endpoint: https://www.cb-innovations.com/api/whois
    • Data Collected: IP address of visited URLs, locale of user's device
    • Purpose: To provide localized WhoIs information for an IP address.
  3. Endpoint: https://tile.openstreetmap.org
    • Data Collected: User agent (app package name, version, developer email)
    • Purpose: To display Open Street Map for WhoIs information.

Restricted Permissions:

  1. android.permission.READ_PHONE_STATE (Mandatory, except for DNS Changer)
    • Allows read-only access to phone state, including cellular network information.
  2. android.permission.QUERY_ALL_PACKAGES (Mandatory)
    • Lists all apps installed on the device, enabling user control over app blocking or bypass in the Firewall Security app.
  3. VPNService
    • Redirects Android’s network traffic through the apps for security purposes.

B. Anti Spy Detector

Data Collection and Usage:

  1. Endpoint: https://www.cb-innovations.com/api/get-deep-detective-packages-shas-info
    • Data Collected: SHA256, MD5, Package Name
    • Purpose: To identify potential security threats.

Restricted Permissions:

  1. android.permission.SCHEDULE_EXACT_ALARM (Optional)
    • Enables scans at user-defined times.
  2. android.permission.QUERY_ALL_PACKAGES (Mandatory)
    • Scans all installed apps for threats.
  3. android.permission.MANAGE_EXTERNAL_STORAGE (Mandatory)
  4. android.permission.READ_EXTERNAL_STORAGE (Mandatory)
  5. android.permission.WRITE_EXTERNAL_STORAGE (Mandatory)
    • Scans and manages files for threats.

C. Common Features Across All Apps

  1. In-App Billing System
    • Data Collected:
      • Purchase History: Records the history of purchases (only of the app) made within the app.

How do we use the information we collect?

When you install or use one of our Services, it will run in the background of your device or environment to help predict threats, and better protect you, your devices, and your information. We use the data we collect for:

  • (a) Providing and operating our Services;
  • (b) Addressing and responding to service, security, and customer support needs;
  • (c) Detecting and preventing cybersecurity threats, such as malware, on your device;
  • (d) Identifying potential false positives;
  • (e) Analyzing data sent to or from your device(s) to isolate and identify threats, vulnerabilities, viruses, suspicious activities, and attacks, and to communicate potential threats to you.

Transmitted user information will only be used for the aforementioned limited purposes, which the user has agreed to.

The specific data processed depends on the product or service in use. We encourage users to carefully review the agreements and related disclosures during the installation or use of any software or service. Regardless of the type of data or the jurisdiction where the data is received or processed, we uphold the highest data protection standards and implement diverse legal, organizational, and technical measures to secure user data. This approach ensures the safety and confidentiality of data and respects user rights under applicable law.

Additional Uses

We may also utilize Personal Data for activities where we have a legitimate interest, such as direct marketing, individual or market research, anti-fraud protection, or any other purpose disclosed to you when you provide Personal Data or as per your consent.

How long do we store your Personal Data?

The data collected is stored temporarily, only for as long as necessary to fulfill the purpose of data collection. In general, data is deleted within seconds after processing. However, some anonymized data may be retained for statistical analysis.

Sharing and Selling of Personal Data

At cb innovations, we are committed to protecting your privacy. We do not sell personal or sensitive user data to third parties.

How Do We Protect Your Data?

At cb innovations, we prioritize the protection of your data by employing industry-leading security measures. We use a combination of technical, administrative, and physical safeguards to ensure the confidentiality, integrity, and availability of your personal data.

Key Security Measures:

  • Encryption: All data transmitted from your device to our cloud servers is protected using AES-256 encryption. The data transfer occurs over secure HTTPS connections, ensuring that the information remains confidential during transmission.
  • Anonymization: We anonymize the collected data, ensuring that it cannot be traced back to individual users. This adds an additional layer of protection for your privacy.
  • Access Control: Only authorized personnel within cb innovations have access to your data. We enforce strict internal policies to ensure that access is limited to those who need it to perform essential tasks.
  • Data Retention: We retain your data only for the time necessary to fulfill the purposes outlined in this Privacy Policy. In most cases, data is stored for a few seconds before being securely deleted after processing.
  • Data Deletion: Once the data has been analyzed, it is promptly deleted from our servers following stringent data deletion protocols. In some cases, anonymized data may be stored longer for statistical analysis or quality assurance purposes.
  • Regular Security Audits: We perform routine security audits and vulnerability assessments to ensure our systems remain up-to-date with the latest security standards and practices.

Through these comprehensive security practices, we aim to protect your data from unauthorized access, misuse, alteration, or disclosure.

What Choices Do You Have About Your Personal Data?

You may stop cb innovations’ collection of Personal data from your device by uninstalling that product.

Individual Rights in Personal Data

In accordance with applicable law, you may have the right to:

  1. Request confirmation of whether we are processing your Personal Data.
  2. Obtain access to or a copy of your Personal Data.
  3. Receive a portable copy of your Personal Data, or ask us to send that information to another organization (the "right of data portability").
  4. Seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Data.
  5. Restrict our processing of your Personal Data.
  6. Object to our processing of your Personal Data.
  7. Request erasure of Personal Data held about you by us, subject to certain exceptions prescribed by law.

If you would like to exercise any of these rights, don't hesitate to get in touch with us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we may take steps to verify your identity before fulfilling your request. For some requests and where permitted by law, an administrative fee may be charged. We will advise you of any applicable fee before performing your request.

Children’s Privacy

Our services are not designed for children under the age of 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal data from children. If you believe we have collected such information, please contact us, and we will promptly delete it.

Data Transfers

cb innovations is located in GERMANY, but our company operates globally, and your data may be transferred to jurisdictions with different data protection laws. We ensure that your data receives adequate protection through standard contractual clauses and security measures.

For residents of the EEA, we comply with the General Data Protection Regulation (GDPR) and only transfer data outside the EEA under strict conditions.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices. Any significant updates will be communicated via email, our website, or in-app notifications.

Contact Us

For any questions or concerns regarding this Privacy Policy, please contact us at:

cb innovations
Schwarzwaldstr. 22
D-76532 Baden-Baden
GERMANY
E-Mail: