Privacy Policy for SMS Classifier

Last Updated: May 23, 2026

Introduction

SMS Classifier ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our SMS Classifier mobile application ("the App").

The App is a Free / Pro Android SMS reader that classifies incoming messages as OTP, phishing, or general. A 14-day free trial of cloud classification starts automatically when the App detects your first OTP. Pro is an annual Google Play subscription priced at ₹199/year in India and renews yearly unless you cancel in Play Store.

Plain-English Summary

Most classification runs on your device. Your raw SMS bodies are not sent to our servers unless (a) you are inside the trial / Pro cloud-classification window, or (b) you opt in to "Help improve classification" feedback uploads.
Misclassification feedback uploads, when enabled, send a digit-redacted version of the message body. OTP codes and other digit runs of 4 or more characters are deterministically replaced before transmission.
We use Firebase services (Google) for analytics, crash reporting, anonymous install IDs, authentication, and remote configuration. Each is gated behind a consent toggle in Settings → Privacy & Data.
We never sell your personal information.
You can delete your data inside the App at Settings → Privacy & Data → Delete my data, or by emailing us.

Information We Collect

SMS Messages

What we collect: The content of SMS messages received on your device, including message text and sender phone numbers.
Why we collect it: To classify messages as OTP, likely scam, or general, and to extract OTP codes for one-tap copy.
How we use it:
- Free tier (after trial expires): classification runs entirely on your device. Raw SMS content does not leave your device.
- Trial tier (active 14-day Pro trial) and Pro tier: SMS bodies and senders are sent over HTTPS to our classification API for higher-accuracy cloud classification. They are processed in real time and are not retained after the response is returned.

Phone Numbers (Senders)

What we collect: The sender phone number or alphanumeric sender id of each incoming SMS we classify.
Why we collect it: Sender shape (numeric vs alphanumeric, length, country code) is a strong feature for OTP detection and scam warnings.
How we use it: Stored locally; transmitted to our classification API only during the trial / Pro window. Not shared with any third party other than the cloud-classification call described above.

Anonymous Install Identifier

What we collect: A random, opaque identifier generated by Firebase Installations (with a local UUID fallback). It is not derived from your hardware, your Google account, or your phone number.
Why we collect it: To group telemetry events from the same install without identifying you, to deduplicate misclassification reports, and to deliver server-side data deletion when you request it.
How we use it: Sent in the background with telemetry events, with crash reports (if you opt in), and inside misclassification reports (if you opt in). You can view your current install id in Settings → About.

App Interaction Events (Telemetry)

What we collect: App opens, screen views, button taps, and outcome counters such as first_otp_detected, default_sms_set, paywall_shown, purchase_completed, feedback_submitted, satisfaction_response. We also send your app version, OS version, device model, country, and the anonymous install id. We do not include the content of any SMS in telemetry events.
Toggle: Settings → Privacy & Data → Share usage analytics. ON by default after onboarding consent. Turning it OFF stops Firebase Analytics from collecting any further events from your install.
Why we collect it: Product analytics, conversion tracking for Google Ads campaigns we run, and to understand which features are used.
Where it goes: Firebase Analytics (Google), default 14-month retention.

Crash Reports

What we collect: Stack traces, breadcrumb logs, app version, device model, OS version, and the anonymous install id when the App crashes or hits a non-fatal error. We do not attach SMS content to crash reports.
Toggle: Settings → Privacy & Data → Share crash reports. ON by default. Turning it OFF stops further uploads.
Why we collect it: Diagnose and fix crashes.
Where it goes: Firebase Crashlytics (Google), 90-day retention.

Misclassification Feedback (Optional)

This feature is off by default (Settings → Feedback → "Help improve classification").
When it is enabled and you tap "Report as wrong", the App sends to our server over HTTPS:
- The sender of the message.
- A redacted version of the message body. Specifically, every run of 4 or more consecutive digits (typical OTPs, account numbers, amounts) is replaced with a deterministic randomised string per install. So 847291 becomes a different string for each install id, but the same string each time you report the same message. We never see your real OTP digits.
- The predicted labels shown in the app (OTP, intent, phishing, scores when available).
- Your correction note if you entered one.
- App version and the anonymous install id.
- Optionally, a feedback kind label (e.g. "actually otp", "not phishing") and a satisfaction score if you supplied one.
The App always shows you the redacted body before submission as part of the "Report as wrong" dialog so you can confirm what will be sent.
These items are stored on our servers indefinitely so we can review mistakes and train or tune future models. You may request deletion via the in-app delete flow or by emailing us.

Phone Number for Pro Account Recovery (Optional)

After a successful Pro subscription or legacy purchase, the App offers a one-screen prompt where you may optionally enter and verify a phone number via Firebase Phone Authentication.
The flow is entirely optional — tapping Skip for now dismisses it and the App continues to work as Pro.
If you proceed, the phone number is stored by Firebase Authentication. The App does not store the phone number in local preferences. We use it only to recover your Pro entitlement if you reinstall the app or switch devices.
We also store the resulting Firebase Authentication UID (an opaque identifier) so we can look up your account.

Purchase History (Pro Tier)

What we collect: The fact that you subscribed to "SMS Classifier Pro" (product id pro_yearly), the purchase token, subscription expiry, currency, and price tier. We may also keep legacy pro_lifetime purchase records for users who bought the earlier one-time product.
Why we collect it: To enforce active paid access, restore your subscription or legacy purchase across reinstalls, and report aggregated revenue figures back to ourselves and to Google Ads as a conversion event.
Where it goes: Google Play Billing (Google) handles payment. We mirror an aggregated purchase_completed event into Firebase Analytics. We do not collect or store your name, billing address, or card details.

Data Processing

On-Device Processing

Heuristic classification runs on your device. After your trial expires, all classification is performed on-device by default.
When processed on-device, your SMS content never leaves your device.
No SMS content is transmitted to external servers in this mode.

Cloud Processing (Trial / Pro)

During the 14-day trial that begins automatically with your first OTP, and for users with active Pro access, SMS content is sent to our classification API hosted on Google Cloud Run.
Messages are sent over encrypted HTTPS connections (TLS 1.2+).
Classification requests are processed in real time. SMS content sent only for classification is not retained on our servers after processing.
Misclassification feedback (described above), when you explicitly opt in, is stored separately for improving the classifier — not limited to ephemeral processing.

Local Storage

SMS messages and their classifications are stored locally in the App's database.
You can delete all stored messages at any time through Settings → Privacy & Data → Delete my data.
Uninstalling the App removes all locally stored data from your device.

Permissions

The App requests the following permissions:

READ_SMS: Read incoming and stored SMS messages so they can be classified.
RECEIVE_SMS: Receive SMS broadcasts so new messages can be classified as they arrive.
SEND_SMS: Required if you choose to send messages from the App while it is your default SMS handler.
WRITE_SMS: Required when the App is set as your default SMS handler so it can save messages back to the system SMS database.
RECEIVE_WAP_PUSH and RECEIVE_MMS: Required for the App to function as a default SMS handler (delivery of MMS notifications).
SEND_RESPOND_VIA_MESSAGE: Required by Android for any default SMS handler.
READ_CONTACTS: Used to display contact names alongside phone numbers in the inbox UI. Contact data is never transmitted off your device.
POST_NOTIFICATIONS: Show notifications for new messages and OTP detections (Android 13+).
INTERNET: Required for cloud classification, telemetry, crash reporting, Play Billing, and optional misclassification feedback uploads.
ACCESS_NETWORK_STATE: Check network connectivity so the App can fall back to on-device classification when offline.

Data Security

We implement the following security measures:

Encryption in Transit: All API communications use HTTPS encryption (TLS 1.2+).
Local Storage: The local message database lives in the App's private storage. It is not encrypted at the database level — we rely on Android's per-app sandbox and on the user's device unlock credential to gate access.
No Data Sharing: We do not share your SMS content or phone numbers with third parties beyond the processors described under "Third-Party Services" below.
Backend Secrets: Backend service-account keys are stored in Google Secret Manager and rotated periodically.
Identity: We do not maintain a separate user database; identity for paid users is delegated to Firebase Authentication.

Third-Party Services

Google — Firebase Suite

Firebase Analytics (telemetry events, anonymous install id).
Firebase Crashlytics (crash reports).
Firebase Installations (anonymous install id provider).
Firebase Authentication (Pro account phone-number linking, optional).
Firebase Remote Config (feature flags).
Each is processed under Google's Firebase data processing terms.

Google — Play Billing

Used to process and renew the annual Pro subscription.
Receives your Google Play account, region, transaction amount, and the purchase token.
Governed by the Google Play Billing terms and Google's standard privacy policy.

Google — Google Ads

If we run paid acquisition campaigns, Google Ads receives aggregated conversion events such as purchase_completed, default_sms_set, and first_otp_detected via Firebase Analytics linkage.
No SMS bodies, sender numbers, or your phone number are shared with Google Ads.
This data flow only activates if you have left analytics consent ON and a paid campaign is live.

Google Cloud Run & Cloud Storage

Our classification API and optional misclassification feedback ingestion run on Google Cloud Run in us-central1.
Misclassification reports (when you opt in) are persisted to Google Cloud Storage for offline analysis and model retraining.
Routine classification traffic is processed without long-term storage.
Google's privacy policy applies to their infrastructure: Google Privacy Policy.

Groq API (for explaining what a code is for)

When an OTP is detected during a cloud-classification request, our backend may call Groq's llama-3.1-8b-instant to predict what the code is for (e.g. "login", "transaction", "delivery").
Only the OTP message text is forwarded to Groq, and only inside the cloud-classification flow. Groq states it does not retain prompts for training.
Groq's privacy policy applies: Groq Privacy Policy.

We do not share data with Meta / Facebook, advertising networks, data brokers, or analytics resellers in the current build.

Data Retention

Data	Retention
On-device messages and classifications	Until you tap "Delete my data" or uninstall.
Real-time cloud classification requests	Not retained after the response is returned.
Misclassification feedback you opted in to upload	Indefinite (until you request deletion). Already-trained models will not be re-trained automatically when you delete.
Firebase Analytics events	14 months (Firebase default).
Firebase Crashlytics reports	90 days.
Phone number / Firebase Auth UID (Pro accounts only)	Until you delete the account or 24 months after your last app open, whichever is sooner.
Purchase and subscription records	7 years for tax purposes; we retain only the anonymised purchase row, subscription status, and expiry, not your name or address.

Your Rights

You have the following rights regarding your data:

Access: You can view all messages stored on your device inside the App.
Deletion (in-app): Settings → Privacy & Data → Delete my data. This wipes the local database, signs you out of Firebase Authentication, and sends a deletion request to our backend that purges your misclassification reports and any phone number we hold. Your Google Play subscription or legacy purchase is preserved — reinstalling and tapping Restore will recover active Pro access.
Deletion (email): Email us at gandharv@musicaigeneration.com with the subject line Delete my data — <your install id>. Your install id is shown in Settings → About. We action deletion requests within 14 days.
Opt-Out: Toggle off any of "Share usage analytics", "Share crash reports", or "Help improve classification" at any time in Settings → Privacy & Data.
Uninstall: Uninstalling the App removes all locally stored data from your device. It does not remove anything you have already uploaded; use the in-app delete flow first if you want server-side deletion as well.
GDPR / UK GDPR / CCPA: If you reside in the EEA, the United Kingdom, California, or another region with comprehensive privacy law, you also have the right to request a copy of your data (data portability), to request correction of inaccurate data, and to lodge a complaint with your local data protection authority. Email us with proof of association (your install id and approximate purchase date if you are a Pro user) to exercise these rights.
Personalised ads: The current build does not show ads. You can still opt out of Google's personalised advertising at the device level via Android Settings → Privacy → Ads.

Children's Privacy

Our App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Updating the "Last Updated" date at the top of this policy.
Posting a notice in the App for significant changes (for example: a new third-party SDK or a new data category) and asking you to re-confirm consent.

Your continued use of the App after any changes constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: gandharv@musicaigeneration.com
For privacy or data-deletion requests, please include your install id (Settings → About) so we can route the request correctly.

Compliance

This Privacy Policy is designed to comply with:

Google Play Store Developer Program Policies and Data Safety requirements.
General Data Protection Regulation (GDPR) for EU users.
UK Data Protection Act / UK GDPR for UK users.
California Consumer Privacy Act (CCPA) for California users.

Note: This privacy policy is specific to the SMS Classifier app. By using the App, you agree to the collection and use of information in accordance with this policy.