Privacy Policy

Last updated: May 2026

This Privacy Policy explains how Spyzero ("we", "us", or "our") handles information when you use the Spyzero mobile application (the "App"). Spyzero is built as a local, on-device tool — there is no Spyzero server processing your scans.

By using Spyzero, you agree to the practices described below.

1. What Spyzero Does

Spyzero is a counter-surveillance utility for iOS. It provides three tools:

Scanner — discovers devices on the local Wi-Fi network using Bonjour mDNS, active TCP probes, and Bluetooth.
Camera — uses the rear camera to display a live preview with a reticle overlay to help spot lens reflections.
Magnetic — reads the device magnetometer to flag local magnetic-field anomalies.

2. Information We Collect

Spyzero is built to minimize data collection. We do not require an account, and the App does not transmit your scan results to us.

a. On-Device Sensor Data

Camera feed: processed in real time on your device for the live preview only. No frames are recorded, saved, or transmitted.
Magnetometer samples: read at ~10 Hz, used only to render the in-app readout. Samples are not persisted or transmitted.
Local-network observations: hostnames, IPs, MAC addresses, open ports, and Bluetooth advertisements visible to your device. These remain on your device.

b. Preferences Stored Locally

Settings — such as magnetic baseline, threshold preferences, and UI choices — are stored locally on your device using iOS user defaults. They are not transmitted to us.

c. Support Correspondence

If you contact us by email, we retain that correspondence to respond to your inquiry.

d. Automatically Collected Data

Crash and performance diagnostics may be collected via Apple's standard reporting if you have opted in at the iOS level. These reports go to Apple, and to us only in aggregated form via App Store Connect.
App Store metrics (downloads, regions, anonymized engagement) provided by Apple. We cannot identify individual users from these.

3. What We Do Not Do

We do not maintain a Spyzero account system. There is nothing to sign in to.
We do not upload your scan results, camera frames, magnetometer readings, or device lists to any server.
We do not sell, rent, or share your personal data with third parties for marketing or any other purpose.
We do not include third-party advertising SDKs in the App.
We do not use the iOS Identifier for Advertisers (IDFA), and we do not request authorization under Apple's App Tracking Transparency (ATT) framework, because we do not track you across apps or websites owned by other companies.
We do not engage in any conduct that meets Apple's definition of "tracking."

This corresponds to the "Data Not Collected" disclosure visible on our App Store listing.

4. Permissions Spyzero Requests

Camera — required for the Camera tool's live preview. Used only while the tool is active.
Motion & Fitness — required to access the magnetometer for the Magnetic tool.
Local Network — required for the Scanner to enumerate devices on the Wi-Fi you are connected to.
Bluetooth — optional. Used to surface nearby BLE-advertising devices in the Scanner.

Each permission can be revoked at any time in iOS Settings. The corresponding feature will stop working until the permission is restored.

5. Data Storage and Security

Because Spyzero processes data on-device, the security of that data follows your device's standard protections (passcode, biometric unlock, full-device encryption).

Should we introduce optional cloud-backed features in the future (for example, syncing scan history between your own devices), any such transfer would be encrypted in transit and at rest, and disclosed in an updated version of this policy.

6. Third-Party Services

Spyzero may rely on the following third parties for operational reasons:

Apple App Store — distribution, subscription management, and standard analytics.
Apple-provided crash reporting — if enabled at the OS level.

These services are governed by their own privacy policies.

7. Data Retention

On-device data: retained until you uninstall the App or clear it from iOS Settings. We have no control over this data and cannot access it.
Support correspondence: retained for up to 24 months from your last contact, then deleted, unless a longer retention period is required by law.
Apple-provided aggregate App Store metrics: retained for the period Apple makes them available; we cannot identify individuals from them.

8. Managing and Deleting Your Data

Because Spyzero has no account system, account-deletion is unnecessary — uninstalling the App removes all data associated with you. Specifically:

Delete all local data: uninstall Spyzero from iOS, or use Settings → General → iPhone Storage → Spyzero → Delete App.
Revoke permissions: iOS Settings → Spyzero.
Delete support correspondence: email hello@spyzero.app and we will delete any messages on file within 30 days.

9. Children's Privacy

Spyzero is intended for users aged 13 and above. We do not knowingly collect personal data from children under 13. If we learn that we have inadvertently collected such data, we will delete it promptly. Parents or guardians who believe their child under 13 has provided us with personal data should contact us at hello@spyzero.app.

10. International Users

Spyzero is designed to operate locally on your device regardless of jurisdiction. To the extent we process any limited data (such as support email), we do so in compliance with applicable data-protection laws, including the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA).

a. For users in the EU, UK, and EEA (GDPR / UK GDPR)

The legal bases on which we process your limited personal data are:

Legitimate interests — to respond to support requests and to operate the App.
Performance of a contract — to deliver the App's functionality to you.
Consent — where you have given it (for example, granting an iOS permission such as Camera).

You may lodge a complaint with your local supervisory authority. We do not appoint a Data Protection Officer because we do not process personal data at the scale that requires one.

b. For California residents (CCPA / CPRA)

In the past 12 months, we have not sold or shared personal information as those terms are defined under the CCPA/CPRA. We do not engage in cross-context behavioral advertising. We do not use or disclose sensitive personal information for purposes that require an opt-out right.

You have the right to know what personal information we hold about you, to request deletion, to request correction, and not to be discriminated against for exercising these rights. To exercise any right, email hello@spyzero.app from the address you wish to verify.

11. Your Rights

Depending on your jurisdiction, you may have the right to:

Access any personal data we hold about you
Request correction of inaccurate data
Request deletion of your data ("right to be forgotten")
Object to or restrict certain processing
Withdraw consent at any time, without affecting prior processing
Request a portable copy of any data we hold about you
Lodge a complaint with a supervisory authority

To exercise these rights, contact us at hello@spyzero.app. We will respond within 30 days (or any shorter period required by your local law). We will not discriminate against you for exercising any of these rights.

12. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. The "Last updated" date at the top of this page will always reflect the current version. Material changes will be communicated via the App or the App Store listing. Continued use of Spyzero after changes constitutes acceptance of the updated policy.

13. Contact

For any privacy questions or data requests, contact us at:

hello@spyzero.app