At Secretly, we respect your privacy and believe that your Personal Data is none of our business – our business is helping defend apps against hacking and piracy, not mining Personal Data. This privacy policy covers our Data Processing practices and responsibilities, as well as your rights and options:
Before getting into the details, please make sure we are speaking the same language and agree on the common terminology used in this privacy policy. Show more
Show less
Digest:
Static analysis can provide important metadata about the app, such as the libraries it links against, the architecture it's built for, and potentially even which compiler was used.
Disassembling can reveal hard-coded URLs, encryption keys, and access tokens, especially when scanned against common names, such as url, license, certificate, etc.
Compared to assembly, decompiled code is much easier to understand and work with, allowing for faster exploration of the code and a better understanding of what it does.
Looking at the function calls made by an app, especially to operating system APIs, can provide a sense of what the code does and how it interacts with the system.
Using a loosely configured compiler may allow to restore the original code with very high accuracy, including meaningful declaration names, class structures, and functions logic.
Reverse engineering tools can help automate parts of the static analysis process, using techniques such as pattern matching to identify common code structures or routines.
Definitions:
Before getting into the details, please make sure we are speaking the same language and agree on the common terminology used in this privacy policy.
“Secretly”, “we“, “our“, “us”: Secretly Services are represented and operated by MightyBits Ltd, a technology company registered in England and Wales under 15660991 number, that acts as the “Data Controller” and the “Data Processor” for your Personal Data.
“User”, “you”, “your”: A natural person who can be identified, directly or indirectly, through the Personal Data that we collect and process.
”Services”: Any products that we provide, which include, together or separately, our websites, apps, frameworks, platforms, and features available through their use, as well as any other provided services, such as their operation, maintenance, and support.
“Personal Data”: Any information that allows to, directly or indirectly, identify you as a natural person, such as your name, email address, or location.
“Data Processing”: Any manual or automated operation or set of operations performed on Personal Data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, alignment, combination, erasure, or destruction.
Our goal is to collect only the minimum amount of data necessary to provide you with the service and to operate, maintain, and improve our products and their user experience. When it comes to Personal Data, we never use automated Data Processing and don’t collect anything unless you voluntarily provide it to us. When we do process Personal Data, we do so on the following legal grounds:
Consent: We process your data when you have explicitly agreed to specific uses, such as receiving newsletters or personalized services.
Contract: We process data that is essential to provide services you have signed up for, including necessary communication and customer support.
Legal obligation: We process data that is required by law or when legal or government authorities request it, ensuring our compliance with legal duties.
Legitimate interest: We process data that is vital and reasonable to improve and develop our service, while balancing your interests with our business needs.
We do not sell, share, or use any data for advertising, targeting, or cross-site tracking purposes, see data disclosure and sharing for more details. You have the rights to access and control your data, see data access and control for more details.
We collect and store your name, email address, and any other information you voluntarily provide when you interact with us or our Services. This includes sending us an email, using a contact form or a chat widget on our website or in our app, or any other communication method, as well as creating an account, signing up for a newsletter or notifications, or using our Services in general. This data is used to provide you with the service and to assist in resolving your inquiries.
We process your source code when you voluntarily submit it throughout the use of our Services, for example when using the Secretly app. We never store your source code and use it solely for the provision of intended Services, specifically, source code obfuscation. We also process and may store your source code metadata, such as file names, paths, timestamps, project name, and bundle identifier. This data is used for operating and improving our Services.
When you interact with our apps and websites, we collect anonymized data about your usage such as your browser details, operating system and device details, your approximate geolocation, your visited, referring, and exit pages, the date, time and duration of your visit, app version, licensing details, encountered error details, and how you interact with the user interface. This data is used to gain a better understanding of interest in specific content and features, and to optimize and improve them, as well as enhance the overall user experience.
If the Secretly app crashes while you′re using it, we collect anonymized data about the crash, such as the state of the app, your operating system, and your device details. This data is used to identify and fix issues in the app, which helps to improve our Services.
When you sign into your Secretly account, we use cookies to remember your sign-in status and provide seamless access to your account without requiring to sign in every time you navigate within it. Cookies help us to provide the best user experience on our websites – we don’t use them for anything else not directly related to that, such as advertising, targeting, or cross-site tracking. You can disable cookies in your browser settings, but please note that certain features on our website will not be available as a result.
We may use pixel tags and click-through URLs in our emails to determine if they have been opened and which links have been clicked. This information is used to gain a better understanding of interest in specific content, improve the effectiveness of communication, and to optimize its frequency. You can disable remote content in your email client to disable pixel tags, and simply not click on URLs to prevent the tracking.
We do not knowingly collect Personal Data from children under 16, or equivalent minimum age in relevant jurisdictions. If we become aware that we have collected such data, we will take immediate steps to delete it.
We do not sell, trade, or rent your Personal Data to third parties. We may share your data with third-party service providers who perform specific services on our behalf, necessary for the operation of our Services, such as hosting our websites, distributing our apps, or processing payment transactions.
We do work and share your Personal Data with our authorized third-party service providers (the “Subprocessors”), who are required to maintain the confidentiality of your data and restricted from using it for any purpose other than providing intended services to us. The details of our Subprocessors, including the type of Personal Data being shared and the sharing purpose can be found on the secretly.dev/subprocessors page.
Our Subprocessors may be located in the US, EU, and UK, and your Personal Data may be transferred to countries with privacy laws that not as protective as those in your jurisdiction. That said, we are making sure that your Personal Data is adequately protected, regardless of the country it is transferred to, and that our protection measures comply with relevant legal requirements.
We may also share your data if legally required to comply with the law, respond to a court order or subpoena, or meet national security or law enforcement requirements.
We use modern technical measures and follow organizational best practices to protect your Personal Data from unauthorized access, disclosure, loss, and misuse. This includes use of encryption and secure networking for all Personal Data transfers, use of strong passwords and multi-factor authentication, and anonymizing Personal Data whenever possible.
We always follow the principle of least privilege by limiting employee access to systems, data, and other resources to only that necessary to perform their jobs. Our employees are bound by confidentiality agreements and can face disciplinary actions, including termination and criminal prosecution, if they violate these agreements.
We store and retain your Personal Data for as long as necessary for the purposes for which it was collected, or until you request us to delete it. Once your Personal Data is no longer needed for its intended purposes and there is no other legal basis for retaining it, we will promptly and securely delete it from our systems.
In some cases prescribed by law, we are required to store Personal Data for a certain period of time, such as archiving our business records. In these cases, we will store the relevant Personal Data for the duration specified by the applicable law. Once the required retention period has expired, we will delete the Personal Data.
You have the right to access and control your Personal Data that we have collected from you and currently store. You can request a copy, correction, or deletion of your Personal Data at any time by contacting us at [email protected].
To ensure the safety of your Personal Data and the legitimacy of your request, we will ask for additional information to verify your identity and will not process any requests without confirming it first. We will respond to your request within a reasonable time frame, but no later than 30 days.
In certain cases, we may be unable to completely delete your data due to legal retention periods. Additionally, we reserve the right to refuse requests that could compromise the privacy of others, are highly impractical, or are not required by law.
You have the right to withhold your Personal Data when we ask for it. In this case, we may not be able to fulfill your inquiry, such as responding to your email.
