This Privacy Policy describes how the DoneProof mobile application ("DoneProof", "we", "us", or "our") handles information when you use the app on your Android device. We designed DoneProof to be private by default — most data never leaves your device.
1. Information We Collect
DoneProof is built around an on-device, privacy-first model. The app does not require an account and does not upload your data to any server by default. The categories of information the app handles are described below.
a) Photos and images
- Photos captured through DoneProof are stored locally on your device inside the app's private storage area.
- Each photo is fingerprinted with a SHA-256 hash at the moment of capture so later modifications can be detected.
- We do not transmit your photos to our servers.
b) Location data
- When you take a photo, DoneProof reads your device's GPS location (latitude, longitude, accuracy, and where available altitude and heading) and embeds it into the photo's metadata and proof record.
- Location is collected only at the moment of photo capture. DoneProof does not track your location in the background.
- Location data is stored locally with the associated photo.
c) Job and note data
- Job names, site labels, notes, and task statuses you enter are stored locally on your device.
d) Device and diagnostic data
- DoneProof may log non-identifying crash and diagnostic information locally to help you report issues. This data is not transmitted unless you explicitly choose to share a diagnostic report with us.
2. Permissions We Request
Camera
Required to capture photo evidence of completed work. The camera is only active while you are using the in-app capture screen.
Location (Fine / Precise)
Required to GPS-stamp each photo with accurate coordinates. Used only at the moment of capture — never in the background.
Storage / Photos & Media
Used to save proof photos and exported PDF reports to your device, and (only when you choose) to attach photos to a job from your gallery.
Notifications (optional)
Used to remind you about scheduled jobs. You may decline or revoke this permission at any time without losing core functionality.
3. How Your Information Is Used
- To produce GPS-stamped, hash-verified photo evidence.
- To organize photos under the jobs and sites you create.
- To generate exportable PDF reports at your explicit request.
4. Data Sharing
We do not sell, rent, or share your personal information with third parties. Photos and job data leave your device only when you explicitly export, share, or send them through another app (e.g. email, messaging, cloud storage) using Android's standard share sheet.
5. Data Retention & Deletion
All data is retained on your device until you delete it. You can:
- Delete individual photos or jobs from inside the app.
- Clear all DoneProof data by going to Android Settings → Apps → DoneProof → Storage → Clear data, or by uninstalling the app.
6. Children's Privacy
DoneProof is not directed to children under 13 and we do not knowingly collect personal information from children.
7. Security
Data is stored within the app's private storage sandbox provided by Android. Cryptographic hashes (SHA-256) are used to detect tampering with captured images. No security system is perfect; we encourage you to keep your device updated and use a screen lock.
8. Your Rights
Because data is stored on your device, you control it directly — you can access, export, or delete it at any time. Where applicable laws (such as GDPR or CCPA) provide additional rights, you may contact us to exercise them.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above and, where appropriate, notifying you within the app.
10. Contact Us
For questions about this Privacy Policy or your data, please reach out through the support channel listed on the app's Google Play Store page.