Sting Ops — Privacy Policy
Last updated: July 2025
Yadav Enterprises ("we", "our", or "us") operates the Sting Ops mobile application ("the App"). This Privacy Policy explains how we collect, use, store, and protect your information when you use the App. By using Sting Ops, you agree to the practices described here.
1. Information We Collect
The App collects the following types of information to provide its core safety functionality:
- Camera and Audio Data: The App records video and audio when you start a recording session. Video is captured using your device's camera, and audio is captured using your device's microphone. This data is used solely for the purpose of creating safety recordings.
- Device Identifier: The App uses a persistent device identifier to create an anonymous account and manage your recording quota. This identifier does not reveal your personal identity but is tied to your device.
- Recipient Contact Information: You voluntarily provide email addresses and optional phone numbers for trusted contacts who should receive recordings in an emergency. This information is stored locally on your device and in secure cloud storage.
- Reporter Name and Context Message: You may optionally provide a reporter name and a custom message (up to 500 characters) that will be included in alert emails sent to your trusted contacts.
- Language Preference: Your selected language is stored locally to personalize the App interface.
- Crash Reports: The App uses Firebase Crashlytics to collect crash reports, which may include device information, operating system version, and stack traces. This data is used solely to diagnose and fix bugs.
The App does not collect your real name, personal email, phone number, GPS location, or contacts list. The App does not access your location at any time.
2. How We Use Your Information
We use the collected information for the following purposes:
- Recording and Backup: Video and audio data is recorded, segmented into short clips, and uploaded to secure cloud storage so that evidence is preserved even if your device is seized or destroyed.
- Emergency Delivery: When a safety trigger is activated (duress code, Dead Man's Switch, or manual stop), recordings are assembled and delivered to your pre-configured trusted contacts via email.
- Account Management: Your device identifier is used to create and manage an anonymous account, track your recording quota, and maintain your session data.
- Service Improvement: Crash reports are used to identify and fix technical issues, improving the reliability of the App.
- Quota Management: Your recording usage is tracked to enforce the free-tier monthly quota limit (30 minutes per month).
3. Data Storage and Security
We take the security of your data seriously and implement the following measures:
- Anonymous Authentication: The App uses Firebase Anonymous Authentication, meaning no personal identity is required or linked to your account.
- Owner-Only Access: Cloud Firestore and Firebase Storage security rules ensure that only you (authenticated via your device) can read or write your own data.
- Encrypted Transport: All communication between the App and our servers is encrypted using HTTPS/TLS.
- Secure Code Handling: Stop and duress codes are hashed using SHA-256 with your device identifier as a salt. Plaintext codes are never stored on our servers or your device.
- Local Storage: Settings and temporary recording segments are stored locally on your device using encrypted shared preferences and secure file storage.
- Cloud Storage: Video segments and assembled recordings are stored in Firebase Cloud Storage with strict access controls.
4. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information. Your data is shared only in the following circumstances:
- Trusted Contact Delivery: When a safety trigger is activated, recordings are sent to the email addresses you configured. These emails are sent via our secure email service (SMTP) and may include video attachments or time-limited secure links.
- Firebase Services: Your data is processed by Google Firebase services (Firestore, Cloud Storage, Cloud Functions, Crashlytics) in accordance with Google's privacy practices.
- Legal Requirements: We may disclose your data if required by law, regulation, or legal process.
- Service Providers: We use third-party service providers (such as email and cloud infrastructure) who are contractually obligated to protect your data and use it only for the purposes we specify.
5. Data Retention
We retain your data for different periods depending on the type of data and how it is used:
- Recording Segments (local): Temporary upload segments are deleted from your device immediately after successful upload to the cloud.
- Recording Segments (cloud): Segments are retained in cloud storage during an active session. After delivery to trusted contacts, they are assembled into a single video file. Secure download links expire after 7 days.
- High-Quality Recordings (local): Full-quality recordings are stored on your device and remain there until you choose to delete them. We do not have access to these local files.
- Session Data: Session metadata in Firestore is retained indefinitely. You may request deletion of your session data by contacting us.
- Account Data: Your anonymous user profile (device ID, quota usage) is retained as long as the App is installed on your device.
- Crash Reports: Crash data is retained by Firebase Crashlytics for up to 90 days.
6. Your Rights and Choices
You have the following rights regarding your data:
- Access: You can view your settings and session history within the App.
- Correction: You can update your recipient contacts, reporter name, and other settings at any time within the App.
- Deletion: You can delete local recordings from your device using the recordings gallery. To request deletion of your server-side data (account, sessions, cloud recordings), contact us at the email below.
- Stop Using: You may stop using the App at any time. Uninstalling the App will remove local data, though server-side data will persist unless you request deletion.
- Safe Stop: Using the correct stop code during a recording will immediately terminate the session and trigger server-side deletion of cloud-stored recordings for that session.
7. Third-Party Services
The App uses the following third-party services:
- Google Firebase: Provides authentication, database, cloud storage, cloud functions, and crash reporting. See Google's Privacy Policy.
- Firebase Crashlytics: Collects anonymous crash reports to help us fix bugs. No personally identifiable information is collected by Crashlytics.
These services collect data in accordance with their own privacy policies. We encourage you to review their policies.
8. Children's Privacy
The App is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information promptly.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.
10. Contact Us
If you have any questions about this Privacy Policy or wish to request deletion of your data, please contact us:
- By email: support@yarktech.in
- By phone: +91 62849 86841
- By mail: 3/225-AB, Thanneer Pandal, Chinnathadagam Main Road, Chinnathadagam, Coimbatore, Tamil Nadu - 641108, India