Privacy Policy

Effective date: June 7, 2026

This Privacy Policy explains how DriveNest ("the App", "we", "our") collects, uses, stores, and shares information when you use our mobile application. We are committed to protecting your privacy and being fully transparent about our data practices.

DriveNest requires you to sign in with an existing Google account in order to function. Your Google account is created and managed by Google, and its use is subject to Google's Privacy Policy and Google's Terms of Service. DriveNest does not create, manage, or store Google account credentials.

1. Information We Collect

1.1 Google Account Information

When you sign in with your Google account, we receive the following from Google's authentication service:

Email address — used to identify your account within the App.
Display name — shown in the user interface for personalization.
OAuth access token — a short-lived credential (approximately 60 minutes) used to communicate with the Google Drive API on your behalf. Tokens are held in volatile memory only and are never written to disk.

1.2 Google Drive Metadata

The App requests the drive.metadata.readonly OAuth scope. This grants read-only access to file and folder metadata. We retrieve:

File and folder names, IDs, MIME types, and parent folder relationships.
File sizes, creation dates, modification dates, and last-viewed dates.
MD5 checksums (used locally for duplicate detection).
Sharing status and permission IDs (used for security audit features).
Whether a file is trashed and whether you are the owner.
Your Drive storage quota (total, in-Drive, in-trash, and limit).

We never access, read, download, or modify the actual content of your files. The metadata-readonly scope makes this technically impossible.

1.3 Locally Stored Preferences

The App stores your preferences on your device, including:

Color theme and dark/light mode selection.
Dashboard layout and tab order customization.
Auto-save and auto-load scan settings.
Whether the guided tour has been completed.

These preferences contain no personal or identifying information and are stored using the platform's standard local preferences mechanism.

1.4 Saved Scan Data

When you run a scan, the resulting metadata snapshot may be saved as a compressed file on your device's local application storage. Saved scans contain the folder tree structure and file metadata described in Section 1.2, along with a unique scan identifier and timestamp.

Saved scans are never uploaded to any external server automatically.

1.5 In-App Purchase Information

The App offers optional in-app purchases (Premium and Ultimate tiers) processed entirely by the Google Play Store. We receive only the purchase status (purchased, pending, or restored) and the product identifier.

We never receive or store payment details, credit card numbers, or billing addresses. All payment processing is handled by Google.

1.6 Voluntary Feedback Data

The App includes an optional feedback form that lets you submit a price proposal or a feature request. Submitting feedback is entirely voluntary. When you choose to submit, the following information is collected and transmitted to a developer-controlled Google Sheet via Google Apps Script:

Anonymous device fingerprint — a randomly generated UUID created on first launch and stored on your device. It is not linked to your Google account, name, or email address, and is used solely to enforce a per-device daily submission limit. No submitted feedback is ever associated with your Google account or any other account-identifying information.
Billing country — the country associated with your Google Play account (e.g. “HU”), retrieved from the Play Store billing configuration.
Device locale — your device’s language and region setting (e.g. “hu_HU”).
App version — the version of DriveNest installed on your device.
Subscription tier — your current plan (Free, Premium, or Ultimate).
Price proposal details (price proposals only) — the plan tier, currency, and suggested price you enter.
Feature description (feature requests only) — the free-text description you write.

Feedback submissions are optional and always user-initiated. No feedback data is collected passively or in the background. Submitted feedback is never associated with your Google account, email address, or any other account-identifying information. This data is never shared with any third party and is used exclusively to inform DriveNest pricing and feature development decisions.

2. How We Use Your Information

We use the information described above solely to:

Authenticate you with Google and communicate with the Google Drive API.
Display your Drive's storage breakdown, folder hierarchy, and file statistics.
Detect duplicate files by comparing MD5 checksums locally on your device.
Generate cleanup suggestions based on file age, size, and usage patterns.
Perform a security audit of sharing permissions across your Drive.
Produce PDF and CSV reports when you explicitly request an export.
Save and restore scan snapshots so you can track storage trends over time.
Remember your display preferences across app sessions.
Verify your in-app purchase tier to unlock the appropriate features.
Review voluntary price proposals and feature requests to inform pricing decisions and product development priorities.

3. Data Storage and Security

3.1 On-Device Storage

All scan data, preferences, and exports are stored locally on your device in the App's private application directory. No scan data is transmitted to any external server.

3.2 Encrypted Backups

When you export a scan backup, the data is bundled into a ZIP archive and encrypted using AES-256 (CBC mode) before being saved. You control where the encrypted backup file is shared or stored via the operating system's share functionality.

3.3 Network Security

All communication with Google APIs is conducted over HTTPS (TLS-encrypted connections). OAuth access tokens are transmitted only to Google's servers and are held in volatile memory for the duration of your session.

4. Data Sharing and Disclosure

We do not sell, rent, trade, or otherwise share your personal data with any third party — ever. Feedback data submitted through the App is stored exclusively in developer-controlled storage and is never disclosed to outside parties.

The App communicates exclusively with the following external services:

Google Drive API — to retrieve your Drive metadata using your OAuth token. Google's use of your data is governed by Google's Privacy Policy.
Google Play Billing — to process in-app purchases. Payment data is handled entirely by Google and is subject to Google's terms.
Google Apps Script / Google Sheets — when you voluntarily submit a price proposal or feature request, the data described in Section 1.6 is transmitted over HTTPS to a Google Apps Script web app and stored in a Google Sheet controlled by the developer. This communication occurs only when you explicitly tap Submit in the feedback form. The data is used solely by the developer and is never shared with third parties.

The App does not include any third-party analytics, advertising, crash reporting, or tracking SDKs. No data is collected passively or shared with any party other than as described above.

5. User-Initiated Exports and Sharing

You may choose to export data from the App in the following formats:

CSV files — containing file metadata (names, paths, sizes, dates, sharing status) for specific views such as duplicates, cleanup targets, or security findings.
PDF reports — containing charts, statistics, and summaries of your Drive analysis.
Encrypted scan backups (.dnbak files) — containing your full scan snapshot, AES-256 encrypted.

Exports are shared via the operating system's share sheet. You are responsible for choosing where exported files are stored or sent. The App does not automatically upload exports to any service.

6. Data Retention and Deletion

Session data (access tokens, in-memory state) is discarded when you sign out or close the App.
Saved scans are retained on your device until you manually delete them via the Saved Scans manager in Settings, or until you uninstall the App.
Preferences are retained until you reset them in Settings or uninstall the App.
Signing out clears your authentication state immediately. Saved scans and preferences remain on-device for your convenience but can be deleted at any time.
Uninstalling the App removes all locally stored data, including saved scans, preferences, and any temporary export files.

7. Children's Privacy

DriveNest is not directed at children under 13. We do not knowingly collect personal information from children. The App requires a Google account to function, and Google account creation is subject to Google's age requirements. Users must meet Google's minimum age requirement in their country to create and use a Google account.

8. Your Rights and Choices

Access: All data the App holds is visible to you within the App itself (scan results, saved scans, preferences).
Deletion: You can delete saved scans, reset preferences, and sign out at any time. Uninstalling the App removes all data.
Revoke access: You can revoke DriveNest's access to your Google account at any time via your Google Account permissions page.
Portability: You can export your scan data as CSV, PDF, or encrypted backup files at any time.

9. Promotional Code Distribution (Website)

From time to time we run limited promotional campaigns on our website (the pages served under falcondrivelabs.com) through which a one-time promotional code may be issued to you. This section applies only to that promotional-code feature of the website and is separate from the in-app data practices described in the preceding sections.

9.1 What we collect

When a promotional code is issued to you, we record an approximate geographic location — country, and where available region and city — derived from your IP address by our hosting provider at the moment the code is issued. We also store a randomly generated visit identifier and the code that was issued. We do not store your IP address itself, your name, your email address, or any Google account information in connection with the promotional code.

9.2 Why we collect it, and the legal basis

This approximate location is used solely for our own internal, aggregate statistics — to understand the geographic distribution and reach of a promotional campaign. The legal basis for this processing is our legitimate interest (Article 6(1)(f) GDPR) in measuring and improving our promotional activities. The data is never used to build a profile of you, to make any automated decision about you, or for advertising.

9.3 Who can access it

This data never leaves our own hosting backend. It is not sold, rented, traded, published, or otherwise shared with any third party. It is accessible only to the developer, over an authenticated connection, and only for the aggregate statistical purpose described above.

9.4 Retention and your rights

Promotional-code records are retained only for as long as needed to administer and evaluate the relevant campaign, after which they are deleted. The location is linked only to a random visit identifier and not to your name, email, or account, so we generally cannot single you out or identify you from it. You may nonetheless contact us at drivenestapp@gmail.com with any question or request regarding this data — including access or erasure — and we will assist wherever we are reasonably able to locate the relevant record. Under the GDPR you also have the right to object to processing carried out on the basis of legitimate interest.

9.5 General website logs

Separately from the above, our hosting provider may process standard server-log information (such as IP address and request timestamps) as a normal part of operating and securing any website. This is ordinary technical processing common to all hosted sites.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by an updated effective date at the top of this document. We encourage you to review this policy periodically. Continued use of the App after changes constitutes acceptance of the revised policy.

We consider ads a digital cancer. You will never see advertising in DriveNest — not now, not ever.

DriveNest is developed by Falcon Drive Labs. Google Drive is a trademark of Google LLC. This app is not affiliated with or endorsed by Google.