Privacy Policy

Introduction

Pynqr ("we," "our," or "the App") is committed to protecting your privacy. This Privacy Policy explains how Pynqr collects, uses, stores, and protects information when you use our network discovery application for iOS.

Information We Collect

1. Network Discovery Data (Stored Locally Only)

When you perform a network scan, Pynqr discovers and stores the following information locally on your device:

Device Information

• IP addresses (IPv4 and IPv6)
• MAC addresses
• Device hostnames
• Device manufacturers (inferred from MAC addresses)
• Device types (e.g., "Printer", "Smart TV", "Router")
• Operating system information (inferred from network fingerprints)

Network Configuration

• Network interface names
• Subnet masks
• Gateway addresses
• DHCP server information
• DNS server information

Security Analysis

• Open network ports
• Running services and their versions
• TLS/SSL certificate information
• Potential security vulnerabilities
• Security scores (calculated locally)

Discovery Metadata

• Discovery timestamps (first seen, last seen)
• Discovery sources (ICMP, Bonjour, SSDP/UPnP, HTTP)
• Confidence scores
• Scan history and metadata

Important: All of this data is stored exclusively on your device using iOS SwiftData. We never upload, sync, or transmit this data to our servers or any third party.

2. In-App Purchase Data (RevenueCat)

When you make an in-app purchase to unlock Pynqr Pro features, we use RevenueCat, a third-party service, to process and validate your purchase.

RevenueCat may collect:

• Anonymous device identifier (RevenueCat anonymous ID)
• Purchase transaction details
• Subscription, purchase, and Pro access status
• App version and platform information
• If you enable Anonymous Analytics, a random PostHog analytics ID and Apple Search Ads attribution token may be shared with RevenueCat for aggregate subscription attribution

What we use this data for:

• Validating your purchase with Apple's servers
• Providing access to Pro features
• Managing subscription, purchase, and Pro access status
• Measuring aggregate subscription and campaign performance only if you enable Anonymous Analytics

RevenueCat Privacy Policy: https://www.revenuecat.com/privacy

Important: RevenueCat does not receive any of your network scan data. Purchase validation is completely separate from network discovery functionality.

3. App Usage Data (Local Only)

Pynqr stores the following usage preferences locally on your device:

• Onboarding completion status
• Scan preferences, including Fast Scan, Deep Scan, Expanded Port Scan, and Auto Refresh settings
• Export count (for free tier limit enforcement)
• UI preferences and settings
• Anonymous Analytics preference
• User-defined device tags and custom names
• User notes on devices

Important: This data is stored in iOS UserDefaults and/or SwiftData on your device. We never access or transmit this data.

4. Optional Anonymous Analytics (PostHog, Off by Default)

If you enable Anonymous Analytics during onboarding or in Settings, Pynqr sends limited aggregate product events through PostHog so we can understand feature health and improve the app. Anonymous Analytics is off by default.

Optional analytics may include:

• App opens, onboarding completion, settings usage, and support intent
• Scan start, completion, stop, and rate-limit events using coarse duration and count buckets
• Export, paywall, purchase, and restore events using coarse product and usage categories
• App version, build number, platform, OS version, broad device type, and anonymous analytics ID
• Anonymous subscription lifecycle and Apple Search Ads attribution signals when available

Optional analytics never includes:

• IP addresses, MAC addresses, hostnames, device names, SSIDs, BSSIDs, network names, gateways, subnets, DNS servers, URLs, certificate details, open port lists, scan results, notes, tags, or exported data

You can turn Anonymous Analytics off at any time in Settings. Turning it off opts the app out of PostHog analytics, resets the anonymous analytics identity, and removes the RevenueCat/PostHog link for future events.

PostHog Privacy Policy: https://posthog.com/privacy

5. Support Communications (Crisp or Email)

If you contact support from Settings, Pynqr may open an in-app Crisp support chat when available, or your email app as a fallback. Support is optional.

Support data may include:

• Your support message and any contact details you choose to provide
• Support intent, such as issue report or feature idea
• App version, build number, iOS version, device model, locale, and support entry point
• Push notification registration only if you allow support chat notifications

Important: Crisp and email support do not receive your network scan data unless you choose to include it in a support message.

Crisp Privacy Policy: https://crisp.chat/en/privacy/

Information We Do NOT Collect

Pynqr is designed with privacy as a core principle. We explicitly do not collect:

• ✗ Your name, email address, or personal contact information unless you choose to contact support
• ✗ Your location data (GPS coordinates)
• ✗ Your photos, contacts, or calendar data
• ✗ Your network scan results or discovered devices
• ✗ Analytics or telemetry unless you explicitly enable Anonymous Analytics
• ✗ Automatic crash reports or error logs
• ✗ Your browsing history or web activity
• ✗ Any data from other apps on your device

How We Use Information

Network Discovery Data

Purpose: To provide the core functionality of discovering and analyzing devices on your local network.

Usage:

• Display discovered devices in the app interface
• Calculate security scores and risk assessments
• Generate network insights and recommendations
• Create export reports (CSV, JSON, PDF, XML)
• Track device history over multiple scans

Storage: All data is stored locally on your device using iOS SwiftData. Data persists until you delete the app or manually clear scan history.

Purchase Data (RevenueCat)

Purpose: To validate in-app purchases and manage subscription, purchase, and Pro access status.

Usage:

• Verify your purchase with Apple's servers
• Grant access to Pynqr Pro features
• Manage subscription renewal and cancellation where applicable
• Measure aggregate subscription and campaign performance only if you enable Anonymous Analytics

Storage: RevenueCat stores purchase data on their secure servers. See RevenueCat's Privacy Policy for details.

Optional Anonymous Analytics (PostHog)

Purpose: To understand aggregate product health without receiving network scan data.

Usage:

• Measure activation and retention of privacy-preserving features
• Understand scan completion rates, export usage, paywall health, purchase funnel health, and opted-in campaign attribution
• Identify which features need clearer design or reliability improvements

Storage: PostHog stores optional analytics events if you enable Anonymous Analytics. These events use coarse buckets and do not contain network scan data.

Support Communications (Crisp or Email)

Purpose: To answer support requests, troubleshoot issues, and receive feature ideas.

Usage:

• Respond to support conversations you start
• Attach basic app, OS, device, and locale context so we can diagnose issues
• Send support chat notifications only if you grant notification permission

Storage: Crisp or your email provider stores support messages according to their policies. We do not include scan data unless you choose to send it.

Data Storage and Security

Local Data Storage

All network discovery data is stored using:

• SwiftData: Apple's modern data persistence framework
• Encryption: iOS automatically encrypts all app data when your device is locked (encryption at rest)
• Sandboxing: iOS prevents other apps from accessing Pynqr's data
• No server-side scan storage: Scan data is not synced to our servers. If an iCloud sync feature is enabled by you in the app, syncing is handled through Apple's private iCloud/CloudKit services under your Apple ID.

Data Protection Measures

We implement the following security measures:

1. Network Security

• All network scans are performed locally on your device
• No external API calls for device discovery
• HTTPS used for RevenueCat purchase validation, optional PostHog analytics, and optional Crisp support
• No transmission of network scan data

2. App Security

• Secure coding practices to prevent vulnerabilities
• No secrets for accessing your network scan data
• Proper memory management to prevent data leaks
• Regular security audits of code

3. iOS Security Features

• Leverage iOS sandboxing
• Use iOS Keychain for sensitive configuration (when applicable)
• Respect iOS privacy permissions

Data Sharing and Third Parties

Third-Party Services

Pynqr uses the following third-party services:

1. RevenueCat (In-App Purchase Management)
   • Purpose: Purchase validation and subscription management
   • Data shared: Anonymous device ID, purchase transactions, subscription status, and an anonymous PostHog attribution ID only if you enable Anonymous Analytics
   • Privacy Policy: https://www.revenuecat.com/privacy
2. PostHog (Optional Anonymous Analytics)
   • Purpose: Aggregate product analytics only if you opt in
   • Data shared: Sanitized event names, coarse usage buckets, and opted-in subscription attribution events
   • Privacy Policy: https://posthog.com/privacy
3. Crisp (Optional Support Chat)
   • Purpose: In-app support conversations you initiate
   • Data shared: Support message, support intent, app version, build number, iOS version, device model, locale, and notification token only if support notifications are allowed
   • Privacy Policy: https://crisp.chat/en/privacy/

Data We Never Share

We never share, sell, rent, or trade your data with:

• ✗ Advertisers
• ✗ Data brokers
• ✗ Advertising or tracking analytics companies
• ✗ Social media platforms
• ✗ Marketing companies
• ✗ Any other third parties (except RevenueCat, optional PostHog analytics, optional Crisp support, and Apple services as described above)

iOS Permissions

Pynqr requests the following iOS permissions:

Local Network Access (Required)

Permission: NSLocalNetworkUsageDescription

Why we need it: To discover Bonjour-enabled devices and services on your local network.

What we do: Scan for devices using Bonjour/mDNS, SSDP/UPnP, ICMP ping, and HTTP requests.

What we don't do: We never upload network scan data. External connections are limited to purchase validation, optional analytics, optional support, and Apple system services such as App Store billing or iCloud if you enable an iCloud sync feature.

Bonjour Services (Required)

Permission: NSBonjourServices

Why we need it: To discover specific device types (printers, smart TVs, media players, etc.) on your network.

What we do: Query for specific Bonjour service types like _http._tcp, _printer._tcp, _googlecast._tcp, etc.

Children's Privacy

Pynqr is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

Age Restriction: Pynqr is rated 4+ on the App Store and does not contain age-restricted content.

Data Retention

Network Scan Data

Retention: Data is stored indefinitely on your device until you:

• Delete the app
• Manually clear scan history in Settings
• Reset your device

Deletion: When you delete Pynqr, iOS automatically removes all app data, including:

• All discovered device profiles
• All scan history and metadata
• All user preferences and settings

Purchase Data (RevenueCat)

Retention: RevenueCat retains purchase data according to their privacy policy and legal requirements.

Deletion: To delete purchase data, contact RevenueCat support or request deletion through our support email.

Optional Analytics Data (PostHog)

Retention: PostHog retains optional analytics events according to its privacy policy and project settings. These events do not include network scan data.

Deletion/Opt-Out: Turn off Anonymous Analytics in Settings to stop sending events and reset the anonymous analytics identity.

Support Data (Crisp or Email)

Retention: Support conversations are retained only as needed to provide support and maintain records of requests. Crisp and email providers retain data according to their policies.

Deletion: Contact us at hello@vanthstudio.com to request deletion of support messages we control.

Your Rights and Choices

Data Access

You can access all your network scan data directly within the Pynqr app:

• View discovered devices
• Export data to CSV, JSON, PDF, or XML
• Review scan history
• Check security findings

Data Deletion

You can delete your data at any time:

• Delete Individual Devices: Swipe left on any device in the device list
• Clear Scan History: Settings → Clear All Scan History
• Delete All Data: Uninstall the Pynqr app from your device

Opt-Out of Data Collection

Network scan data is stored locally and is not transmitted to our servers. Anonymous Analytics is off by default and can be turned off at any time in Settings. Support chat and email are optional. If you don't want Pynqr to discover devices, simply don't run scans.

Export Your Data

You can export all your network scan data at any time:

• Go to Export view
• Choose format (CSV, JSON, PDF, XML)
• Export includes all device information, security findings, and metadata

California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

1. Know: Request information about the personal information we collect and how we use it
2. Access: Request a copy of your personal information
3. Delete: Request deletion of your personal information
4. Opt-Out: Opt out of the sale of personal information

Important: Pynqr does not sell your personal information. All data is stored locally on your device, so you have complete control over access and deletion by managing the app directly.

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have the right to:

1. Access: Request access to your personal data
2. Rectification: Request correction of inaccurate data
3. Erasure: Request deletion of your data
4. Restriction: Request limitation of processing
5. Portability: Request transfer of your data to another service
6. Objection: Object to processing of your data

Important: Since Pynqr stores all data locally on your device, you can exercise most of these rights directly:

• Access: View all data in the app
• Rectification: Edit device information, add custom names and notes
• Erasure: Delete devices or clear all scan history
• Portability: Export data in multiple formats (CSV, JSON, XML)

International Data Transfers

Pynqr is developed by VANTH Studio.

Network Scan Data: All network discovery data is stored locally on your device and is never transferred internationally (or anywhere else).

Purchase Data (RevenueCat): RevenueCat may transfer purchase data internationally as described in their privacy policy. RevenueCat complies with applicable data protection laws.

Optional Analytics Data (PostHog): If you opt in, PostHog may process sanitized analytics events according to its privacy policy and the configured PostHog project region.

Support Data (Crisp or Email): If you contact support, Crisp or your email provider may process support data internationally according to their privacy policies.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our practices
• Changes in applicable laws
• New features or functionality
• User feedback

Notification of Changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify you of material changes through the app or via email (if we have it)
• Continued use of Pynqr after changes indicates acceptance of the updated policy

Review Regularly: We encourage you to review this Privacy Policy periodically to stay informed about how we protect your privacy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Developer: VANTH Studio
Email: hello@vanthstudio.com
Website: vanthstudio.com

Response Time: We aim to respond to all privacy inquiries within 30 days.

Legal Compliance

Pynqr complies with:

• Apple App Store Review Guidelines
• iOS Privacy Best Practices
• California Consumer Privacy Act (CCPA)
• General Data Protection Regulation (GDPR)
• Children's Online Privacy Protection Act (COPPA)

Pynqr - Network Discovery, Privacy-First
© 2025 VANTH Studio. All rights reserved.