As of the effective date listed above, Notifcation Launcher uses 2 Android Permissions : RECEIVE_BOOT_COMPLETED and INTERNET. Neither of these is used to collect or store personally identifiable user information.
The RECEIVE_BOOT_COMPLETED permission is used to reschedule notifications that the user has previously scheduled after the user's device has been restarted. This permission notifies the Notification Launcher application that the device has been restarted but that is all of the information the app receives that is not manually input into the app by the user. Information entered by the user (including, but not limited to, notification title, notifaction message, and notification scheduled timing) never leaves the device. A small amount of other data is collected in the normal usage of the app, including the installed applications on the user's Android device, which is necessary to the core functionality of the application. This information also never leaves the user's device.
The INTERNET permission is used to retrieve tutorial data but makes a GET service call that does not send any data to a server. If the internet permission is revoked, the tutorial feature may stop working but everything else will work as intended. If the user has previously viewed the tutorials, the cached tutorial data should remain available even if the permission is denied by the user but new tutorials will not be able to be downloaded. This permission is used to serve both personalized and non-personalized ads based on the user's discretion. Finally analytics also leverages this permission. Both analytics and advertising are detailed below.
As of app version 2.5.0 and later, Google's AdMob service is used to display relevant ads to the user. Personal data such as the device identifier and adverising ID are collected by the third party AdMob service in order to deliver ads more effectively. This functionality can be opted out of by the end user by going to the Settings menu and turning advertising off. To accomodate users in the EU under the General Data Protection Regulation (GDPR), personalized advertising is opt-in in these regions. By default, advertising is un-targeted but users can opt in to see more targeted advertising if they so choose in the EU.
We leverage the Firebase Analytics library in Notification Launcher version 3.2.0 and greater in order to track which buttons have been pressed in order to know which features deserve the most development and attention.
For users in the EU, analytics are always turned off. For users outside of the EU, analytics are enabled but we have disabled collection of the SSAID (Settings.Secure.ANDROID_ID) and disabled colelction of the Adrverstising ID. These cannot be enabled by the user. We have also turned off personalized advertising features associated with the Firebase Analytics library. The steps we followed to do this from a development side can be found here.
Even though the app uses the INTERNET permission primarily for displaying tutorial data. The analytics library is used as outlined in the Analtyics section above to capture which buttons are pressed and which pages are visited. This data is anonymized so I am unable to directly correlate data to any specific users. Anonymized crash data that the Google Play Store collects automatically for all apps is also collected.
If the end-user is still wary about providing the INTERNET permission to the Notificaton Launcher application, they can opt to turn off the INTERNET permission entirely and all core functionality will still work as intended.
Changes to the apps permissions and behaviors will be reflected in this policy as updates as soon as necessary (i.e. when a change is made in the Notification Launcher application). For changelogs related to Notification Launcher, see the release notes.