NotiVault AI

Privacy Policy

Effective July 5, 2026 · Last revised July 5, 2026

Lumiora (the “Company”) respects your privacy and complies with applicable data-protection laws. This Privacy Policy applies to the mobile application NotiVault AI (the “App”). NotiVault AI is a local-first app that collects, classifies, searches, summarizes, and stores your device notifications entirely on your device.

Core principle — The content of your notifications (sender, title, body, images, etc.) is never sent to the Company's servers or to any external party. All classification, search, summarization, and AI inference happen on your device. Only certain non-notification data is sent to the third-party services in Section 5, for ads, usage analytics, app-integrity checks, in-app purchases, and AI-model downloads.

1. Information We Process

1.1 Processed only on your device (never sent to our servers)

The App collects notifications only after you grant Notification Access, and stores them in an encrypted on-device database (SQLCipher).

CategoryItems
Notification contentBody, title, sender (as shown by the source app), received time, source app package, notification images, raw notification payload. The body is stored verbatim and may contain sensitive data such as one-time codes or financial details.
Extracted dataRule-based items (amount, date, order number, links). One-time passcodes (OTP) are not stored as values — only the fact of detection is recorded (masked as ******).
Analysis metadataCategory, importance, read state, language, content hash for de-duplication.
Search dataKeyword search index (over title, body, sender) and on-device AI summary cache. Both stay on the device only.
Your settingsCustom categories, manual rules, spam allow/block senders, learned senders, blocked apps, reminder settings.
Local identifierA random install identifier generated on-device (never transmitted).

1.2 May be processed/transmitted via third-party services

PurposeDataNotes
Ads (optional)Advertising ID, device & network infoGoogle AdMob (mediation host) with Meta Audience Network and Pangle. When active, shown under UMP consent, non-personalized by default. Notification content is never sent.
Usage analytics (optional)App events (screen/button labels), app-instance ID, device/event infoFirebase Analytics. You can opt out in Settings. Notification content/senders are never sent.
Integrity checkApp/device integrity tokenGoogle Play Integrity. No personal content.
In-app purchase (optional)Purchase token & stateGoogle Play Billing. Payment details are handled by Google.
AI modelNetwork info on download (e.g., IP)Model download only from Hugging Face. No user data uploaded.

The App has no sign-up, login, or account, and does not directly collect your name, phone number, or email (except an email you provide when contacting us).

2. Purposes of Processing

  1. Notification storage & management: automatic capture, encrypted storage, de-duplication, status overview
  2. Classification & search: automatic/manual classification, keyword and natural-language search
  3. Summaries, insights & reminders: on-device AI summaries, category/fatigue insights, re-alerts for unread important notifications
  4. Spam control: keyword/learned-sender classification and allow/block
  5. Data control: export (portability), retention management, deletion
  6. Quality & security: optional analytics-based improvement, root/tamper detection
  7. Monetization (optional): ads and an ad-removal in-app purchase

3. Retention & Deletion

  1. On-device notification data is stored only on your device and is deleted when you delete it (individually, by period, or entirely), when category-based retention expires, or when you uninstall the App (the encryption key is destroyed, making data unrecoverable).
  2. Usage analytics (optional) stops immediately when you opt out; previously collected data follows the processor's (Google's) policy.
  3. Any email you provide for support is deleted without delay once handled.
  4. The Company operates no server that can access notification content, so there is no server-side copy.

4. Sharing with Third Parties

We do not share personal data with third parties beyond the stated purposes, except (i) with your prior consent, or (ii) where required by law or a lawful request from authorities. Because notification content is never transmitted, it is never shared with third parties.

5. Service Providers (Processors)

To operate the service, certain processing is delegated to the third-party SDKs below. Each provider processes data under its own policy.

ProviderTaskDataPolicy
Google LLC (AdMob)Serving adsAdvertising ID, device & network infoLink
Meta Platforms, Inc. (Audience Network)Ad serving (mediation)Advertising ID, device & network infoLink
ByteDance Pte. Ltd. (Pangle)Ad serving (mediation)Advertising ID, device & network infoLink
Google LLC (UMP)Ad-consent managementConsent stateLink
Google LLC (Firebase)Usage analyticsApp events, instance ID, device/event infoLink
Google LLC (Firebase Crashlytics)Crash diagnosticsCrash logs, instance ID, device stateLink
Google LLC (Firebase Remote Config)Remote ad-policy configurationApp instance ID, basic device infoLink
Google LLC (Play Integrity)Integrity checkIntegrity tokenLink
Google LLC (Play Billing)In-app purchasePurchase token & stateLink
Hugging Face, Inc.AI-model distributionNetwork info on download (IP, etc.)Link

6. International Transfers

The providers above are located abroad, so some data may be transferred internationally when you use those features.

RecipientCountryItemsWhen/How
Google LLCUnited States, etc.Advertising ID & device info, analytics, integrity token, purchase infoSent over the network when the feature runs
Meta Platforms, Inc.United States, Ireland, etc.Advertising ID, device & network infoWhen ads active / mediation wins
ByteDance Pte. Ltd. (Pangle)Singapore, United States, etc.Advertising ID, device & network infoWhen ads active / mediation wins
Hugging Face, Inc.United StatesNetwork info of model download requestOn first model download

You can refuse or stop some transfer-related processing by opting out of analytics, withdrawing ad consent, or purchasing ad removal.

7. Your Rights

Most rights can be exercised instantly within the App.

  1. Access & search: view and search stored notifications in the App
  2. Correct & delete: delete individually, by period, or entirely (including images)
  3. Portability (export): export your data as JSON or CSV
  4. Stop processing / withdraw consent: block collection per app, opt out of analytics, withdraw ad consent
  5. Activity log: review the in-app privacy (audit) log

To exercise rights or contact us: App settings or the contact in Section 12. We respond within the periods required by law.

8. Automated Collection & Opt-out

9. Security Measures

  1. Full encryption of stored data (SQLCipher); the key is protected by the Android Keystore (StrongBox where available).
  2. On uninstall/reinstall the key is destroyed, making prior data unrecoverable.
  3. On root/tamper detection the vault is locked; Play Integrity verifies app/device integrity.
  4. Screenshot/recording of sensitive screens is blocked in production builds.
  5. No notification content is stored on Company servers; settings are stored separately from notification data.

10. Device Permissions

PermissionPurposeType
Notification accessNotification capture & storage (core)Requires your consent
Post notificationsReminders, status overview, status-bar panelOptional
Internet & network stateAds, analytics, integrity, model downloadOptional
Foreground service (special use)Reliable capture without lossRequired
Boot completedRe-schedule reminders after rebootOptional
Wake lock / reorder tasksStable background capture/schedulingOptional
Advertising ID / billingAds and ad-removal purchaseOptional

You may revoke permissions in device settings at any time; related features may then be limited.

11. Children Under 18

NotiVault AI is intended for users aged 18 and over. We do not target children or knowingly collect children's personal data. If we learn we have, we delete it without delay.

12. Data Protection Officer & Contact

Company Lumiora
Officer / Representative Sungjin Park
Email contact@lumiora.co.kr
Phone +82 10-3262-8946
Address 119 Gireum-ro, Seongbuk-gu, Seoul, Republic of Korea
Business reg. no. 376-09-03284 · E-commerce reg. 2026-Seoul-Seongbuk-0319
Website https://lumiora.co.kr

13. Remedies (Republic of Korea)

14. International Users — GDPR/CCPA

15. Changes

We may update this Policy as laws or the service change. We will give prior notice of changes and the effective date in the App and at the published URL.

This policy is effective as of July 5, 2026.