iSteps iSteps iSteps iSteps

Privacy Policy for LockSnap App

Privacy Policy
  1. Home
  2. Privacy Policy for LockSnap

Privacy Policy for LockSnap App

Last Updated: November 14, 2025 

Effective Date: November 14, 2025 

1. Introduction

Welcome to LockSnap, operated by ISTEPS UK LTD ("we," "our," or "us"). LockSnap is a security monitoring application designed to help protect your device by automatically capturing photos when unauthorized unlock attempts are detected.

This Privacy Policy explains how ISTEPS UK LTD collects, uses, discloses, and safeguards your information when you use our mobile application ("App"). Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: The App does not require user registration or account creation. No personal account information is collected.
  • Purchase Information: If you purchase a premium subscription, we collect purchase tokens, order IDs, and subscription details through Google Play Billing. This information is used solely for subscription management and verification.

2.2 Information Collected Automatically

  • Photos: The App captures and stores photos locally on your device when security events are detected (e.g., unlock attempts). These photos are stored exclusively on your device and are not transmitted to our servers or any third parties.
  • Location Data (Optional): If you grant location permissions, the App may capture and store location coordinates (latitude/longitude) with photos. This data is stored locally on your device only. Location data is never transmitted to external servers.
  • Device Information: The App may collect device-specific information such as:
    • Device model and manufacturer
    • Android version
    • App version
    • Device administrator status
    • Battery optimization status
  • Audit Logs: The App maintains local audit logs of security events, service status changes, and app activities. These logs are stored exclusively on your device.

2.3 Information from Third-Party Services

  • Google Play Services: When you make in-app purchases, Google Play processes your payment information. We receive purchase verification data (purchase tokens, order IDs) but do not receive your payment card details.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Core Functionality

  • Security Monitoring: To detect and capture photos of unauthorized unlock attempts
  • Service Management: To maintain the foreground service that monitors device security
  • Subscription Management: To verify and manage premium subscriptions
  • App Functionality: To provide features such as photo viewing, settings management, and security mode configuration

3.2 Optional Features

  • Location Tagging: If enabled, to associate location data with captured photos (stored locally only)
  • SMS Detection: If enabled, to detect specific SMS messages for "Find Device" functionality (SMS content is processed locally and not transmitted)
  • Call Me Back Mode: To initiate phone calls when triggered by security events (requires CALL_PHONE permission)

3.3 Service Reliability

  • Boot Monitoring: To automatically restart the security service after device reboot
  • Service Health Checks: To monitor and maintain service reliability
  • Battery Optimization: To ensure the security service continues running reliably

4. Data Storage and Security

4.1 Local Storage

  • Photos: All captured photos are stored locally on your device in the app's private storage directory. Photos are not uploaded to any external servers.
  • Metadata: Photo metadata (timestamps, location data if enabled, capture reasons) is stored locally in an encrypted Room database.
  • Audit Logs: Security event logs are stored locally on your device.
  • Preferences: App settings and preferences are stored locally using Android's secure storage mechanisms.

4.2 Data Transmission

  • Subscription Verification: Purchase tokens and order IDs are transmitted to our backend server solely for subscription verification and fraud prevention. No photos or personal data are transmitted.
  • No Photo Upload: Photos are never uploaded to our servers or any third-party services.
  • No Analytics: The App does not use analytics services (such as Firebase Analytics or Google Analytics) that would track your usage patterns.

4.3 Security Measures

  • Device Administrator: The App uses Android's Device Administrator API to monitor security events. This is a standard Android security feature.
  • Biometric Protection: The App supports biometric authentication (fingerprint, face unlock) to protect access to the app itself.
  • Passcode Protection: You can set a passcode to protect access to the App.
  • Encrypted Storage: Sensitive data is stored using Android's encrypted storage mechanisms.

5. Permissions Explained

The App requests the following permissions. You can grant or deny most permissions, but some are required for core functionality:

5.1 Required Permissions

  • CAMERA: Required to capture security photos when unlock attempts are detected.
  • Device Administrator: Required to monitor device unlock events and failed authentication attempts. This permission allows the App to:
    • Detect when the device is unlocked
    • Detect failed unlock attempts
    • Monitor device security events
  • POST_NOTIFICATIONS (Android 13+): Required to display security alerts and service status notifications.
  • FOREGROUND_SERVICE and FOREGROUND_SERVICE_CAMERA: Required to run the security monitoring service in the background. This service must run continuously to detect security events.
  • RECEIVE_BOOT_COMPLETED: Required to automatically restart the security service after device reboot.
  • WAKE_LOCK: Required to ensure the service continues running even when the device is in sleep mode.
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS: Required to prevent the system from stopping the security service to save battery.
  • SCHEDULE_EXACT_ALARM and USE_EXACT_ALARM: Required for precise timing of security checks and service monitoring.

5.2 Optional Permissions

  • ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION: Optional. Only used if you enable location tagging for photos. Location data is stored locally only and never transmitted.
  • RECEIVE_SMS and READ_SMS: Optional. Only used for the "Find Device" feature, which allows you to locate your device by sending a specific SMS. SMS content is processed locally and not transmitted.
  • CALL_PHONE: Optional. Only used for "Call Me Back" mode, which initiates a phone call when triggered by security events.
  • USE_BIOMETRIC: Optional. Used for biometric authentication to protect access to the App.
  • MODIFY_AUDIO_SETTINGS: Used to adjust audio settings during photo capture (e.g., shutter sound).
  • VIBRATE: Used to provide haptic feedback for security events.

5.3 System Permissions

  • BIND_QUICK_SETTINGS_TILE: Allows the App to provide a Quick Settings tile for easy access.
  • BIND_DEVICE_ADMIN: Required for Device Administrator functionality.

6. Third-Party Services

6.1 Google Play Services

  • Google Play Billing: Used for in-app purchases and subscription management. Google processes your payment information according to their Privacy Policy.
  • Google Play Services Location: Used for location services if location permissions are granted. Location data is processed according to Google's Privacy Policy.
  • Google Maps: Used to display location data on maps (if location permissions are granted). Map data is provided by Google according to their Privacy Policy.

6.2 Backend Services

  • Subscription Verification Server: ISTEPS UK LTD operates a backend server to verify subscription purchases and prevent fraud. Only purchase tokens, order IDs, and product IDs are transmitted. No personal data or photos are sent to this server.

7. Data Sharing and Disclosure

ISTEPS UK LTD does not sell, trade, or rent your personal information to third parties. ISTEPS UK LTD may share information only in the following circumstances:

7.1 Service Providers

  • Google Play: For processing in-app purchases and subscription management.
  • Backend Services: For subscription verification and fraud prevention (purchase tokens only, no personal data).

7.2 Legal Requirements

ISTEPS UK LTD may disclose information if required by law or in response to valid requests by public authorities (e.g., court orders, government agencies).

7.3 Business Transfers

In the event of a merger, acquisition, or sale of assets involving ISTEPS UK LTD, your information may be transferred as part of that transaction. ISTEPS UK LTD will notify you of any such change in ownership.

8. Your Rights and Choices

8.1 Access and Control

  • View Photos: You can view, share, and delete captured photos at any time through the App.
  • Delete Data: You can delete individual photos or all photos through the App's interface.
  • Revoke Permissions: You can revoke permissions at any time through your device's Settings. Note that revoking required permissions may disable core functionality.
  • Uninstall: You can uninstall the App at any time, which will remove all locally stored data.

8.2 Subscription Management

  • Cancel Subscription: You can cancel your premium subscription at any time through Google Play Store settings.
  • Restore Purchases: You can restore previous purchases through the App's settings.

8.3 Device Administrator

  • Disable Device Administrator: You can disable Device Administrator access through your device's Settings > Security > Device Administrators. Note that this will disable the App's core security monitoring functionality.

9. Children's Privacy

The App is not intended for children under the age of 13. ISTEPS UK LTD does not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided ISTEPS UK LTD with personal information, please contact ISTEPS UK LTD immediately.

10. International Users

The App is designed for use on Android devices. ISTEPS UK LTD is based in the United Kingdom. If you are using the App from outside the United Kingdom, your information may be transferred to, stored, and processed in the United Kingdom. By using the App, you consent to the transfer of information to the United Kingdom.

11. Data Retention

11.1 Local Data

  • Photos: Photos are stored on your device until you delete them or uninstall the App.
  • Audit Logs: Audit logs are stored locally and retained until you clear them or uninstall the App.
  • Preferences: App preferences are stored locally and retained until you reset them or uninstall the App.

11.2 Server Data

  • Purchase Records: Purchase verification data (purchase tokens, order IDs) may be retained on ISTEPS UK LTD's servers for fraud prevention and subscription management purposes, in accordance with applicable laws.

12. Changes to This Privacy Policy

##Company## may update this Privacy Policy from time to time. ISTEPS UK LTD will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or ISTEPS UK LTD's data practices, please contact ISTEPS UK LTD:

Company Name: ISTEPS UK LTD
Email: hello@isteps.net
Website: www.isteps.net
Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

14. Additional Information for Specific Regions

14.1 United Kingdom and European Economic Area (EEA) Users

If you are located in the United Kingdom or EEA, you have certain rights under the UK GDPR and EU General Data Protection Regulation (GDPR):

  • Right to Access: You can request a copy of your personal data.
  • Right to Rectification: You can request correction of inaccurate data.
  • Right to Erasure: You can request deletion of your personal data.
  • Right to Restrict Processing: You can request restriction of processing.
  • Right to Data Portability: You can request transfer of your data.
  • Right to Object: You can object to processing of your data.

To exercise these rights, please contact ISTEPS UK LTD using the information provided in Section 13.

14.2 California Users

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about what personal information we collect, use, and disclose.
  • Right to Delete: You can request deletion of your personal information.
  • Right to Opt-Out: You can opt-out of the sale of personal information (we do not sell personal information).

To exercise these rights, please contact ISTEPS UK LTD using the information provided in Section 13.

15. Consent

By using the App, you consent to this Privacy Policy and agree to its terms. If you do not agree with this Privacy Policy, please do not use the App.

Note: This Privacy Policy is specific to the LockSnap application. For information about how Google handles your data when using Google Play Services, please review Google's Privacy Policy.


iSteps

© 2020 iSteps. All Rights Reserved.