NoID Privacy | Effective: 05.03.2026
1. Introduction
The protection of your personal data is important to us. This privacy policy informs you about the nature, scope and purpose of the processing of personal data when using our software NoID Privacy and our website noid-privacy.com.
Controller (Art. 4(7) GDPR)
Fabio Mantegna (NoID Privacy)
c/o Autorenglück #52020
Albert-Einstein-Straße 47
02977 Hoyerswerda
Germany
Email: privacy@noid-privacy.com
2. Zero Tracking Principle
NoID Privacy was developed with a strict zero-tracking approach:
❌ We do NOT collect:
- Usage statistics
- Behavioral analytics
- Telemetry data
- Location data
✅ We ONLY collect:
- Data strictly necessary for contract fulfillment
- Data you voluntarily provide
Necessity of Data Provision (Art. 13(2)(e) GDPR): Without certain information (e.g., email address for purchase, Hardware ID for license activation), contract fulfillment or use of the software is not possible.
3. Payment Processing
3.1 NoID Privacy for Android (Mobile App)
Purchases within the Android app are processed exclusively by Google Play Billing. Google Ireland Limited acts as the Merchant of Record.
- Data processed by Google: Payment method, purchase history, Google Account ID
- Our access: We only receive a purchase confirmation token to unlock Premium features. We do NOT receive your payment details, credit card number, or billing address.
- Legal basis: Art. 6(1)(b) GDPR (contract performance)
- Google Privacy: policies.google.com/privacy
3.2 NoID Privacy for Windows (Desktop)
Payment processing for the Windows desktop version is handled by Lemon Squeezy, LLC (USA) as an independent controller (Merchant of Record). Lemon Squeezy processes: Name, email, payment data, IP address.
Legal basis: Art. 6(1)(b) GDPR (contract performance)
Lemon Squeezy Privacy: lemonsqueezy.com/privacy
4. License Activation
4.1 NoID Privacy for Android (Mobile App)
The Android app does NOT use license keys or Hardware IDs. Premium status is managed entirely through Google Play:
- Your purchase is tied to your Google Account
- Premium status is verified via Google Play Billing API
- No personal identifiers are stored by us
- Works across all devices logged into the same Google Account
4.2 NoID Privacy for Windows (Desktop Only)
Data: License key, Hardware ID (hashed value)
Purpose: License validation, activation limit (1 device)
Legal basis: Art. 6(1)(b) GDPR
Validation: On each application startup (offline use up to 90 days possible)
The Hardware ID is a one-way hashed value that is designed so it cannot reasonably be reverse-engineered. No profiling.
Retention: License data is retained for the duration of the license plus 2 years for enforcement of potential legal claims.
5. Website
Server Logs
IP address (anonymized after 7 days), date/time, browser, operating system.
Legal basis: Art. 6(1)(f) GDPR
Cookies
This website (noid-privacy.com) sets no cookies. We use neither session cookies nor tracking cookies. Note: External services linked from our site (e.g. Lemon Squeezy for payments) may set their own cookies.
Contact Form & Support
Data: Email address, name (optional), message content
Purpose: Responding to your inquiry
Legal basis: Art. 6(1)(b)/(f) GDPR
Retention: Until resolution of inquiry, max. 2 years
6. Data Recipients
Independent Controllers
Lemon Squeezy, LLC (USA) – Payment processing
Processors
webgo GmbH (Germany) – Website hosting, email delivery
7. International Data Transfers
Lemon Squeezy (USA): EU Standard Contractual Clauses (SCC)
GitHub/Microsoft (USA): EU-U.S. Data Privacy Framework (DPF)
8. Your Rights
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
- Withdrawal of consent (Art. 7(3) GDPR)
- Complaint to supervisory authority (Art. 77 GDPR)
Supervisory Authority
The Saxon Data Protection Commissioner
Devrientstraße 5, 01067 Dresden, Germany
www.saechsdsb.de
9. Contact
Email: privacy@noid-privacy.com
10. NoID Privacy for Android (Mobile App)
The "Zero Tracking" principle described in Section 2 applies fully to the NoID Privacy mobile application for Android.
10.1 Declared Permissions
The app requests only minimal Android system permissions. ALL data is processed locally on your device and is NEVER transmitted to our servers or any third party.
- NFC: Checks NFC radio state. Normal permission, auto-granted at install (no runtime dialog).
- INTERNET: Used ONLY for Google Play Billing (Premium verification). No analytics or tracking.
- ACCESS_NETWORK_STATE: Checks network connectivity for VPN detection. No data transmission.
10.2 Permission-Free Security Checks
The app performs additional security checks using permission-free Android system APIs:
- Bluetooth status: Via Settings.Global (no permission required since Android 12)
- Location services status: Via LocationManager (no permission required since Android 12)
- SIM card & device security status: Via TelephonyManager (no permission required)
These APIs only return on/off status — no personal data is accessed.
10.3 Local Data Storage
- Encryption: Your settings (Expert Mode, Manual Verifications) are encrypted using Google Tink with AES-256-GCM, with keys stored in Android Keystore (hardware-backed when available).
- Storage: Jetpack DataStore is used for async, non-blocking preference storage.
- No Cloud Sync: Your data never leaves your device. There is no cloud backup of app data.
- No Analytics: We do not use Firebase Analytics, Crashlytics, Sentry, or any tracking SDKs.
10.4 Payment Processing (Google Play)
Purchases made within the Android app are processed by Google Play Billing.
- Our Access: We only receive a confirmation of your purchase status to unlock Premium features. We do not see your credit card details or bank information.
- Google Privacy: policies.google.com/privacy
Last updated: 05.03.2026