Privacy Policy
Effective from June 30, 2026. Version 1.1
ScamGuard is a free Android app that helps prevent phone fraud. This policy explains what data the app processes, where it's stored, and what is sent outside the device. In short: the content of your SMS never leaves your device.
1. Who we are
ScamGuard is a personal non-commercial project, developed by an individual in Chiศinฤu, Republic of Moldova. Contact: scamguardrm@gmail.com.
In the meaning of EU Regulation 2016/679 (GDPR) and Law No. 133/2011 of the Republic of Moldova on the protection of personal data, the data controller within this application is the developer.
2. What data the app processes
The app works with three categories of data, and all of them stay on your device:
- Content of incoming SMS โ analyzed locally to detect one-time codes and correlate them with an active call. Not transmitted outside the device.
- Phone call status โ the app knows if there's an active call right now and what number called last. This data is used only at runtime and is not saved.
- Detection history โ list of cases when the app showed a warning. Stored only in device memory, can be cleared in Settings.
3. What is sent to the server
The app makes one outbound network request:
- Anonymous confirmation of terms acceptance. On first launch, when you accept this Policy and the Terms of Use, an anonymous record is sent to the server: terms version, acceptance date, and SHA-256 hash of the Android system identifier of the device. From this hash, it is impossible to recover your name, number, email, or any other personal information โ it's just a 64-character string.
This record is stored on Cloudflare servers (KV Storage) and used exclusively as legal proof of obtaining consent. Storage period โ indefinite, as deletion would remove the evidentiary basis. This corresponds to the exception under Article 17(3)(e) of GDPR.
4. What the app does NOT do
- Does not transmit SMS content anywhere
- Does not store data in the cloud
- Does not use analytics (Google Analytics, Firebase Analytics, etc.)
- Does not show ads
- Does not transfer data to third parties
- Does not use cookies or other tracking technologies
- Does not request access to your contacts list, photos, files, GPS location
5. Third-party services
The app uses Cloudflare Workers and Cloudflare KV to store anonymous confirmations of terms acceptance. Cloudflare processes data within the EU. Their privacy policy is available at cloudflare.com/privacypolicy.
The app is distributed via GitHub Releases and (planned) Google Play. When downloading, GitHub or Google privacy policies apply.
6. Your rights
Under GDPR and Law No. 133/2011, you have the following rights:
- Right to know what data about you is processed โ this document answers this question exhaustively
- Right to erasure โ all local data on your device can be deleted by clearing the app's data in Android system settings. The anonymous hash on the server does not personally identify you and is kept as legal proof (exception under Art. 17(3)(e) GDPR)
- Right to object โ you can stop using the app at any time, simply by uninstalling it
- Right to lodge a complaint โ to the National Center for Personal Data Protection of Moldova (datepersonale.md) or to the supervisory authority of your country of residence
7. Children
The app is intended for persons over 18 years of age. By accepting the Terms of Use, you confirm that you are at least 18 years old.
8. Security
Since the main data is stored locally on your device, security primarily depends on how well the device itself is protected (PIN code, encryption). For the server side, we use standard Cloudflare protection measures.
9. Policy changes
If this policy changes significantly, the app will display a notification and ask you to re-accept the terms. Minor corrections are published on this page with the date update at the beginning of the document.
10. Contact
For any questions related to the protection of your data:
Email: scamguardrm@gmail.com
โ Back to main page