Privacy Policy

Plain-English summary of what Renter's Vault collects, what it doesn't, and the controls you have. Effective May 16, 2026.

The short version

Renter's Vault is built around a simple idea: your evidence should stay with you. There is no Renter's Vault backend. Your photos live on your device and, if you have Lease Pass or Lifetime Pro, in your own Google Drive account.

We do send a small amount of anonymous usage and crash data to Google's Firebase service so we can diagnose bugs and improve the app, and we receive purchase events from RevenueCat when you buy Lease Pass, Lifetime Pro, or a state law pack. You can turn both off at any time in Settings → Data & Privacy.

What Renter's Vault collects

  • On your device: Property names, room notes, photo metadata (filename, capture timestamp, GPS coordinates, SHA-256 hash), and app settings. Stored in a SQLite database inside the app's private storage — inaccessible to other apps.
  • In your Google Drive (paid tier only): Full-resolution photos and videos uploaded to a "Renter's Vault" folder in the Google account you sign in with. The app uses limited drive.file scope, meaning it can only read or modify files it created.
  • Firebase Analytics (anonymous): App events such as screens opened, features used, and witness-attestation actions. Sent to Google Firebase to help us understand which parts of the app are working. Tied to a random Firebase app instance ID, not to your name, email, or Google account. You can read your own app instance ID from firebase_identifiers.json in the self-serve export described below.
  • Firebase Crashlytics (anonymous): Crash stack traces, non-fatal error reports, device model, OS version, and app version. Used to fix bugs. No photos, property data, or personal identifiers are included.
  • RevenueCat purchase events: When you buy Lease Pass, Lifetime Pro, or a state law pack, RevenueCat records the transaction so it can unlock the right features on your device and restore them on reinstall. RevenueCat sees the Google Play transaction identifier and a random app-user-id generated on install.
  • Device and locale metadata: Standard information Google Play and Firebase collect from every app (country, language, app version). We use this to prioritise which states and regions get law packs next.

What Renter's Vault does not collect

  • Your property address, landlord's name, or any free-text note you write in the app.
  • Your photos or videos. They go from your camera to your device storage and, if you opt into Drive sync, to your own Google account. They never pass through our servers.
  • Your email address. We don't run a user account system. The only time we see your email is if you contact support yourself.
  • Personal identifiers inside analytics event parameters. We tag events with things like room type and feature name, not names or addresses.
  • Your contacts, SMS, calendar, browsing history, or files outside the Renter's Vault folder.

How Renter's Vault uses this data

  • Make the app work. Property and photo data stay on your device so you can review evidence offline. Drive sync backs it up to your account.
  • Unlock what you bought. RevenueCat confirms entitlements (Lease Pass, Lifetime Pro, state law packs) so the right features are available.
  • Fix bugs. Crashlytics tells us when something crashed and on which device model, so we can reproduce and patch.
  • Understand which features matter. Firebase Analytics tells us how often screens are opened and features used, in aggregate.

We do not sell your data. We do not use it for advertising. There is no advertising in Renter's Vault.

Third-party services

Four third-party services receive data when you use the app. Each has its own privacy policy.

Self-serve data export

You can download a copy of everything Renter's Vault holds about you at any time, without contacting us. In the app, open Settings → Request Data Export. The app builds a ZIP and hands it to the system share sheet.

The ZIP contains seven entries:

  • README.txt — what is in the bundle, what is intentionally not, and where else to look.
  • database.json — your full local database (properties, rooms, inspection sessions, photos, videos, witnesses, manifest signatures, integrity audit log).
  • preferences.json — your in-app settings.
  • secure_storage.json — two whitelisted keys: onboarding_completed and your Drive root folder ID.
  • revenuecat.json — a snapshot of your RevenueCat purchase record.
  • firebase_identifiers.json — the pseudonymous identifiers Firebase Analytics and Crashlytics use for your install.
  • drive_links.json — direct URLs to your photo, video, and witness-attestation files in your own Google Drive. Empty if you haven't enabled Drive sync; in that case your photos and videos live only in the app's private storage on this device.

Three things are deliberately not in the ZIP:

  • Photo and video files. Originals live in your Google Drive under a folder you control. The export points to them via drive_links.json rather than duplicating gigabytes of media into the ZIP.
  • Your Google Drive OAuth refresh token. Including credential material in a shareable ZIP would defeat the Keystore-backed storage we use for it. To revoke the app's Drive access, sign in at myaccount.google.com/permissions.
  • Your Firebase Analytics events and Crashlytics records. These live on Google's Firebase servers, not on your device. To request a copy, email support@rentersvault.com and include the appInstanceId value from the firebase_identifiers.json file in your export — that's the key we use to locate your records, since no other user identifier is set.

Your rights and choices

Everything Renter's Vault collects, you can turn off or remove.

  • Opt out of analytics. Settings → Data & Privacy → toggle Analytics off. Firebase stops collecting events immediately.
  • Opt out of crash reporting. Settings → Data & Privacy → toggle Crash Reporting off.
  • Clear local cache. Settings → Data & Privacy → Clear local cache. Removes temporary files without touching properties or photos.
  • Revoke shared videos. Settings → Data & Privacy → Manage shared videos. Kills QR share links you've previously generated.
  • Delete everything. Settings → bottom of the screen → Delete Account & Data. Or email support@rentersvault.com. Full instructions at rentersvault.com/delete-data.
  • Revoke Drive access. You can revoke the app's Drive access any time at myaccount.google.com/permissions.

If you are in the EU, UK, or California, you also have the right to request a copy of what we hold on you, to correct it, or to have it erased. For the data Renter's Vault processes on your device, the fastest path is the self-serve export described above — it's instant, requires no support contact, and doesn't depend on us identifying you. For Firebase telemetry held on Google's servers, email support@rentersvault.com with the appInstanceId from your export and we'll respond within 30 days. For erasure, use Settings → Delete Account & Data for on-device data and contact support for Firebase records.

How long data is kept

  • On-device data is kept until you delete the app or tap Delete Account & Data.
  • Google Drive files stay in your Drive until you delete them. Uninstalling the app does not delete them.
  • Firebase Analytics events are retained per Firebase's retention settings — 2 months by default, up to 14 months maximum depending on project configuration. Google automatically purges data once the retention period elapses.
  • Firebase Crashlytics reports are retained for up to 90 days, then automatically purged.
  • RevenueCat records are kept for as long as the app is published and supported, so purchase restore works for returning users.

Security

Data is stored in the app's private storage, inaccessible to other apps on your device. Drive authentication uses OAuth tokens stored in Android Keystore-backed secure storage. Traffic between the app and Firebase, Google Drive, and RevenueCat is sent over HTTPS.

No system is perfectly secure. If you discover a vulnerability, please email support@rentersvault.com.

Children's privacy

Renter's Vault is built for adult tenants signing their own leases. It is not directed at anyone under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has used the app, email support@rentersvault.com and we will delete any data we hold.

International transfers

Firebase, Google Drive, and RevenueCat are operated by US-based companies and process data on servers around the world, including in the United States. By using the app, you agree that the anonymous analytics and crash data described above may be transferred to and stored on those providers' infrastructure. Each provider maintains its own international transfer safeguards.

Changes to this policy

We will update this page if the app starts collecting something new or uses an additional third-party service. Material changes will also be noted in the app's release notes. The effective date at the top of the page is updated each time.

Contact

Questions, requests, or concerns about your data:

support@rentersvault.com

Renter's Vault is operated by FoundFirst LLC.