Privacy Policy
FalaPix > Privacy Policy > Update: 2 Jun 2026

Privacy Policy - FalaPix

Last Updated: 28 April 2026
Effective From: 28 April 2026
Applies To: FalaPix Android app (com.binaryscript.falapix)
Operator: BinaryScript — contact [email protected]
Jurisdiction: Bangalore, India

This Privacy Policy explains what FalaPix does — and just as importantly, what it doesn't do — with information from your device. We've written it in plain language because that's what we'd want as users. If anything is unclear, email us.

1. The Short Version

  • Notification text never leaves your phone. Pix amounts, sender names, and notification body text are processed entirely on your device. We never see them.
  • We collect anonymous, bucketed analytics so we can fix the app when bank notification text changes. Bank package names and amount-range buckets — that's it.
  • We use Firebase Analytics and Firebase Crashlytics, both Google products, for that analytics and for crash reports.
  • Subscriptions are processed through Google Play Billing; we never see your payment details.
  • You can opt out by disabling Play Services data sharing on your device, or by uninstalling. There is no cloud account to delete.

2. What We Process on Your Device Only (Never Sent Off-Device)

The following data is read by FalaPix locally and never leaves your phone:

  • Notification title, text, big-text, sub-text, and info-text from the banking apps you've explicitly chosen (only those packages are inspected; all other notifications are ignored).
  • The exact BRL amount of incoming Pix and the sender's name (when parseable).
  • A local list of past announcements (last 200), stored in the app's private DataStore for the History screen. This list is encrypted at rest by Android, never uploaded, and is wiped when you uninstall the app or tap "Clear history".

We obtain this through Android's BIND_NOTIFICATION_LISTENER_SERVICE permission, which you grant explicitly during onboarding. You can revoke it at any time in Android Settings → Apps → Special access → Notification access.

3. What We Send to Firebase (Google) for Product Analytics

We send anonymous, bucketed events to Firebase Analytics and Firebase Crashlytics so we can keep the app working as Brazilian banks change their notification wording. Specifically:

  • Bank package name (e.g. com.nu.production) → To know which banks have unparsed text we need to fix.
  • Amount bucket, never exact (e.g. 50–200) → To understand product use, never to identify a transaction.
  • Voice locale (pt-BR / en-US) → To prioritise voice quality work.
  • UI language (en / pt-BR) → Same as above.
  • Onboarding step (Welcome / Setup) → To find drop-off points.
  • Device OEM / Android SDK (Xiaomi/Redmi, 33) → To prioritise per-OEM reliability fixes.
  • Listener connect/disconnect (event with timestamp) → To measure background-survival rate.
  • TTS voice status (MissingData) → To know how many users need pt-BR voice.
  • Settings toggles changed (vibrate=true) → Aggregate product decisions only.
  • Crash stack traces (no PII) → Standard crash reporting.
  • Firebase Installation ID (random ID Firebase generates) → Required by Firebase to attribute events.

We do NOT send to Firebase or any third party:

  • Notification text from your banking apps
  • Sender names
  • Exact BRL amounts (only bucketed ranges)
  • Timestamps of individual transactions
  • Your account number, card number, or any banking credentials
  • Your name, email, phone number, or device identifiers other than the random Firebase Installation ID
  • Your contact list, photos, files, location, calendar, or browsing data — we don't request those permissions in the first place

Firebase data flows through Google's infrastructure. Read Google's Firebase data-handling policy at: https://firebase.google.com/support/privacy

4. Why We Collect Anything at All

Bank notification wording changes when banks update their apps. Without some signal, we'd ship a regex update and find out only when users complain. The bucketed analytics above let us:

  • See which bank apps are sending notifications our parser doesn't understand (the pix_unmatched event)
  • Detect crashes early
  • Measure if our background-listener survives on Xiaomi vs. Pixel vs. Samsung phones
  • Decide where to invest engineering effort

We've deliberately limited the analytics to fields that cannot identify a transaction or a user.

5. Internet Permission

FalaPix declares the INTERNET permission for the Firebase Analytics and Firebase Crashlytics traffic described in section 3, and for Google Play Billing required to verify subscription status. The core listening loop (notifications → parsing → voice announcement) runs entirely offline.

6. Subscriptions and Google Play Billing

FalaPix offers paid subscriptions processed through Google Play Billing. When you subscribe:

  • Google Play handles the entire payment flow. We never see, store, or transmit your credit card, UPI, or other payment details.
  • The App receives only a subscription status token from Google Play that tells it whether your subscription is active.
  • Subscription records held by Google Play are retained by Google according to Google's policies.

Google Play's privacy policy: https://policies.google.com/privacy

7. Permissions We Request, and Why

  • BIND_NOTIFICATION_LISTENER_SERVICE (special) → Detect Pix notifications from your bank apps. Read-only, on-device only.
  • VIBRATE → Pulse the phone when a Pix arrives so you feel it.
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS → Prompt for the system battery exemption so Android doesn't kill the listener while you're working.
  • INTERNET → Send the anonymous analytics described in section 3, deliver crash reports to Firebase, and verify subscription status with Google Play.
  • BILLING → Process subscription purchases via Google Play.

We do NOT request: location, contacts, microphone, camera, files, SMS, call log, calendar, accounts, or any other sensitive permission.

8. Data Retention

  • On-device announcement history: kept in the app's private DataStore until you tap "Clear history" or uninstall (whichever comes first). A rolling cap of 200 entries is enforced automatically.
  • Firebase Analytics: retained per Google's defaults (currently 14 months for event data).
  • Firebase Crashlytics: retained per Google's defaults (currently 90 days for non-fatal events, 90 days for crashes).

You can request deletion of your Firebase Analytics data by emailing us the Firebase Installation ID surfaced in your device's app info.

9. Children

FalaPix is intended for adult merchants. We do not knowingly collect data from anyone under 18. If you are a parent and believe your child has used FalaPix, contact us and we'll delete any associated data.

10. Your Rights Under Brazilian LGPD and Equivalents

If you are a resident of Brazil, the Lei Geral de Proteção de Dados (LGPD, Lei nº 13.709/2018) gives you the right to:

  • Confirm that we process data about you
  • Access the data we have about you
  • Correct incomplete or inaccurate data
  • Request deletion of unnecessary or excessive data
  • Object to processing
  • Request data portability
  • Be informed about third parties we share data with (we share with Firebase only, as described in section 3)

To exercise any of these rights, email [email protected] with the subject line "LGPD request" and we'll respond within 15 days. Note that because we do not collect personally identifying information, we may not be able to identify your data without help (e.g., your Firebase Installation ID).

The same rights are available under EU GDPR for European residents and under similar laws in other jurisdictions.

11. Security

  • All Firebase traffic is encrypted in transit (TLS 1.2+).
  • The on-device announcement history is stored in Android's app-private DataStore, which is sandboxed at the OS level and not accessible to other apps.
  • We do not store credentials of any kind because we never see them.

No internet-connected service can guarantee absolute security; we maintain reasonable industry-standard safeguards.

12. Changes to This Policy

If we materially change what FalaPix collects, we will publish an updated policy at the same URL with a new "Last updated" date and, if the change is significant, prompt you to review it inside the app before the next session of use.

13. Contact

BinaryScript
Bangalore, India
Email: [email protected]

For privacy-specific requests, please use subject line "Privacy" or "LGPD request" so it routes correctly.