Pactora Logo Pactora Get the App

Pactora Privacy Policy

Version: 2.0.0
Effective Date: May 27, 2026

1. PREAMBLE AND ARCHITECTURAL SCOPE

Welcome to Pactora, a commitment tracking app built to keep your data on your device. This Privacy Policy explains what data we store and how we protect it (referred to as "the App," "we," "us," or "our").

1.1 The Privacy Manifesto

Pactora was conceived as a response to the pervasive surveillance and data aggregation common in the modern digital ecosystem. Our core philosophy is built upon the "Offline-Always" architectural paradigm. By design, Pactora does not possess a centralized cloud infrastructure for user-generated data. This fundamental technical constraint is our primary privacy safeguard: we cannot sell, share, or leak data that we never possess.

1.2 Legally Binding Agreement

By downloading, installing, accessing, or otherwise utilizing the App, you ("the User," "Data Subject," or "Controller") signify your unconditional acceptance of this Policy. This document is intended to exceed the disclosure requirements set forth by major global privacy frameworks, including but not limited to GDPR, CCPA, CPRA, LGPD, and PIPEDA.

2. GLOSSARY OF DEFINITIONS

To ensure absolute clarity, the following terms as used in this Policy shall have the meanings ascribed to them below:

  1. "App" or "Software": The Pactora mobile application in all its versions and distributions.
  2. "PFOA": Privacy-First, Offline-Always architecture.
  3. "Local Database": The Isar database instance residing within the protected sandbox of the User's mobile device.
  4. "User Data": Any information, whether personally identifiable or not, entered into the App by the User.
  5. "Controller": Under GDPR, the entity that determines the purposes and means of processing. In Pactora, the User is the primary Controller.
  6. "Processor": Under GDPR, the entity processing data on behalf of the Controller. Pactora acts as a software provider, not a remote processor.
  7. "Metadata": Data that provides information about other data, such as timestamps and record IDs.
  8. "Encrypted Storage": The use of device-level encryption (e.g., File-Based Encryption on Android) to secure the App's directory.
  9. "Third-Party SDK": Software Development Kits provided by external vendors (e.g., Google AdMob) integrated into the App.
  10. "AdID" or "IDFA": Unique identifiers provided by mobile operating systems for advertising purposes.
  11. "Commitment": A generic term for any Promise, Money Record, or Borrowed Item tracked within the App.
  12. "Isar": The cross-platform, high-performance NoSQL database engine used by Pactora.
  13. "JSON": JavaScript Object Notation, the format used for local data export and backup.
  14. "Export": The user-initiated process of creating a portable file containing local data.
  15. "Biometric Lock": The use of fingerprint or facial recognition sensors to gate access to the App.
  16. "AdMob": Google's mobile advertising platform.
  17. "Premium": The paid version of the App with enhanced features.
  18. "Lifetime License": A one-time purchase granting permanent access to Premium features.
  19. "Subscription": A recurring payment model for access to Premium features.
  20. "Notification": A local system alert triggered by the device's alarm manager.
  21. "Exact Alarm": A system permission required for precise notification delivery on Android 12+.
  22. "Isar Schema": The formal definition of the data structure within the local database.
  23. "Collection": A grouping of related records in the Isar database (e.g., the 'persons' collection).
  24. "POID": Person Object Identifier, a local unique key.
  25. "Record": A single entry within a collection.
  26. "Log": A local diagnostic record of App events.
  27. "Sandbox": The isolated environment provided by the OS where the App runs.
  28. "APK" / "IPA": The installation packages for Android and iOS respectively.
  29. "Manifest": The configuration file defining App permissions and capabilities.
  30. "GDPR": General Data Protection Regulation (EU 2016/679).
  31. "CCPA": California Consumer Privacy Act of 2018.
  32. "CPRA": California Privacy Rights Act of 2020.
  33. "LGPD": Lei Geral de Proteção de Dados (Brazil).
  34. "PIPEDA": Personal Information Protection and Electronic Documents Act (Canada).
  35. "Data Subject": The individual to whom personal data relates.
  36. "Processing": Any operation performed on personal data (in this App, primarily storage and retrieval).
  37. "Anonymization": The removal of identifying markers from data.
  38. "Pseudonymization": Replacing identifying data with artificial identifiers.
  39. "Clear All Data": The destructive App feature that purges the local database.
  40. "Backup File": The .pactora or .json file generated during export.
  41. "Proof Photo": An image captured or selected to verify a commitment.
  42. "Currency Code": The ISO 4217 code for financial records (e.g., INR).
  43. "Priority Level": The importance weight assigned to a promise.
  44. "Recurrence Engine": The local logic that regenerates repeating promises.
  45. "Timeline": The chronological view of local record changes.
  46. "Stats Engine": The local analytics module for visualizing financial and task data.
  47. "Archive": A storage state for completed or inactive records.
  48. "Person Sync": The process of importing names from the device contact list.
  49. "IAP": In-App Purchase.
  50. "IAP Token": A cryptographic string verifying a purchase status.

3. DATA ARCHITECTURE AND STORAGE INVENTORY

Pactora utilizes the Isar Database engine. Below is an exhaustive inventory of the data types stored locally on your device.

3.1 Personal Identifiers Collection

Element Purpose Sensitive? Storage
Name Personalization of UI No Local Isar
Email Record keeping No Local Isar
Phone Record keeping No Local Isar
Bio User profile details No Local Isar
Profile Path Link to avatar image No Local Isar

3.2 Promise Collection

Element Purpose Storage
Title Name of the commitment Local Isar
Description Detailed instructions Local Isar
Due Date Trigger for reminders Local Isar
Due Time Precise alarm trigger Local Isar
Priority UI sorting/filtering Local Isar
Recurrence Automated re-scheduling Local Isar
Proof Paths Links to evidence images Local Isar

3.3 Financial Records (Money) Collection

Element Purpose Storage
Amount Numerical value of debt/credit Local Isar
Currency Formatting and scaling Local Isar
Type (Owe/Lent) Transaction direction Local Isar
Paid Amount Tracking partial settlements Local Isar
Status Life-cycle management Local Isar

3.4 Borrowed Items Collection

Element Purpose Storage
Item Name Identity of the physical object Local Isar
Condition State of item at handover Local Isar
Handover Date Timestamp of physical transfer Local Isar
Return Date Deadline for return Local Isar
Photo Path Visual record of condition Local Isar

4. PERMISSIONS: DETAILED JUSTIFICATION

Pactora requests specific permissions from your mobile operating system. These are only utilized to provide the features you explicitly trigger.

4.1 Notifications & Exact Alarms

  • Purpose: To deliver reminders for promises and payments.
  • Android 12+ Specifics: Requires SCHEDULE_EXACT_ALARM to ensure notifications are delivered at the precise minute chosen by the user.
  • Data Flow: No data leaves the device; this is a system-level alarm registration.

4.2 Camera & Media Gallery

  • Purpose: To capture or select "Proof Photos" and "Profile Avatars."
  • Data Flow: Images are stored in the App's local directory or accessed via file URI. They are never uploaded.

4.3 Contacts Access

  • Purpose: To allow you to quickly select people from your phonebook instead of typing names.
  • Data Flow: The App reads the contact list into memory, allows selection, and saves ONLY the selected name/number to the local database. The full contact list is never stored or transmitted.

4.4 Internet Access

  • Purpose: 1. To download and display advertisements (Google AdMob). 2. To process In-App Purchases (Google Play Store).
  • Data Flow: Only technical metadata (AdID, interaction stats) is transmitted to Google. No user-generated promise or financial data is ever sent over the internet.

5. THIRD-PARTY DATA PROCESSING DISCLOSURE

5.1 Google AdMob (Advertising)

We use AdMob to monetize the free version of Pactora. Google may use your device's advertising identifier to serve personalized or contextual ads.

  • Identifiers: AdID (Android) or IDFA (iOS).
  • Control: You can reset or disable these identifiers in your OS settings.
  • Opt-Out: You can purchase Pactora Premium to remove all AdMob integrations entirely.

5.2 Google Play Billing (Payments)

All financial transactions for Premium are handled by Google.

  • Data Shared with Google: Payment methods, billing address, account identity.
  • Data Received by Pactora: Success/Failure status and a unique purchase token.

6. GLOBAL REGULATORY COMPLIANCE

6.1 EU/EEA (GDPR)

Pactora complies with the GDPR by making the user the primary Controller of their data.

  • Data Minimization: We collect only what is necessary for the App to function.
  • Right to Access/Portability: Use the "Export Backup" feature.
  • Right to Erasure: Use "Clear All Data" or uninstall the App.

6.2 California (CCPA/CPRA)

We do not "sell" or "share" personal information as defined by California law.

  • Notice at Collection: This Policy serves as the notice.
  • Request to Know: All data is visible in the App's UI.

6.3 Brazil (LGPD)

Pactora respects the LGPD principles of transparency and security. Since all data is local, users maintain full control over their Brazilian data privacy rights.

6.4 Canada (PIPEDA)

Our offline model aligns with PIPEDA's emphasis on consent and accountability. By keeping data local, we ensure it remains within the user's immediate jurisdiction.

6.5 Australia (Privacy Act 1988)

We handle information in accordance with the Australian Privacy Principles (APPs), focusing on openness and user-controlled data management.

7. DATA BREACH AND SECURITY PROTOCOLS

7.1 Local Breach Scenarios

In an offline app, a "breach" occurs if the physical device is compromised or if malicious software gains root access to the device's filesystem.

  • Our Safeguards: We use Isar's efficient storage and follow OS-level sandboxing rules.
  • Your Responsibility: You must secure your device with a strong passcode or biometric lock.

7.2 No Server-Side Breach Risk

Because Pactora does not maintain a centralized database of user promises or money records, there is zero risk of a mass data breach from our side.

8. RETENTION AND DISPOSAL

  • Active State: Data is retained indefinitely while the App is installed.
  • Manual Deletion: Users can delete individual records at any time.
  • Permanent Purge: The "Clear All Data" feature in Settings will immediately and irreversibly delete the entire Isar database.
  • Uninstallation: Standard OS behavior will delete all App data upon uninstallation.

9. CHILDREN'S PRIVACY PROTECTION

Pactora is intended for a general audience. We do not knowingly target children under 13. Given the offline nature, if a child uses the App, their data remains on the device and can be deleted by a parent or guardian directly.

10. REVISIONS TO THIS POLICY

We reserve the right to modify this Policy. Any changes will be announced within the App. Continued use of the Software after updates constitutes acceptance of the revised Policy.

11. CONTACT AND LEGAL INQUIRIES

Developer: Sourabh Singh
Email: sourabh3527@gmail.com
Mailing Address: Available upon request via sourabh3527@gmail.com
Website: https://sooubh.github.io/pactora/

End of policy.