Privacy
Policy

1.Introduction and Scope

This Privacy Policy (the "Policy") governs the privacy practices of the Android application known as "WiFi File Server" (package identifier me.ibrahimrafi.wififileserver) (the "App"), published by Ibrahim Rafi (the "Developer", "We", "Us", "Our"). It applies to all individuals who install, launch, or otherwise use the App ("You", "Your", or the "User") on a device running the Android operating system. By installing or using the App, You acknowledge that You have read and understood this Policy. If You do not agree with this Policy, do not install or use the App.

2.Definitions

App

The "WiFi File Server" Android application as defined in Section 1.

Device

The Android-powered device on which You have installed the App.

Local Network

The Wi-Fi network to which Your Device is connected and on which the App's server is reachable.

Personal Data

Any information relating to an identified or identifiable natural person.

Service

The functionality the App makes available, namely a Local Network HTTP file server.

Third Party

Any person or organisation other than You and the Developer.

3.Information the App Processes

The App processes only the categories of information described below. All such information is stored exclusively on Your Device and is never transmitted to the Developer or any Third Party by the App.

3.1. Configuration data

The App stores Your configured server preferences (including but not limited to: TCP port, shared folder URI, optional username and password for HTTP Basic Authentication, theme preference, idle-timeout, throughput limits, and feature toggles) in Android's SharedPreferences, in the App's private storage area.

3.2. Transfer history

The App maintains a record of upload and download transfers performed through the Service, including file names, file sizes, timestamps, peer IP addresses on the Local Network, and throughput metrics. This record is stored as a JSON file in the App's private files directory on the Device and persists across App restarts so that You may consult it. You may clear this record at any time from within the App's "Transfers" tab.

3.3. User content (files)

Files served, uploaded, or otherwise transferred via the Service reside in the folder You select using Android's Storage Access Framework. The App does not copy, index, or transmit those files anywhere other than to the recipient devices on Your Local Network to which You have voluntarily disclosed the App's URL or QR code.

4.Information the App Does Not Collect

The App does not collect, generate, or process any of the following:

• Personally identifying information about You (e.g., name, email address, phone number, government identifiers);
• Account credentials or authentication tokens for any external service;
• Location data, whether precise or approximate;
• Contacts, calendar entries, SMS messages, or call history;
• Device advertising identifiers, hardware identifiers, or persistent device fingerprints;
• Crash reports, telemetry, analytics events, or usage metrics transmitted off-device;
• Health, biometric, financial, or other categories of sensitive personal data.

The App contains no advertising libraries, no analytics or crash-reporting Software Development Kits, and no Third-Party network clients that initiate connections to external services.

5.Purposes of Processing

The limited information described in Section 3 is processed solely for the following purposes:

• To configure and operate the Service in accordance with Your preferences;
• To present transfer history to You within the App's user interface;
• To enforce optional HTTP Basic Authentication that You have configured;
• To display a foreground-service notification while the Service is running, as required by Android.

6.Legal Bases

To the extent applicable data-protection laws (including but not limited to the General Data Protection Regulation of the European Union, Regulation (EU) 2016/679) require identification of a legal basis for processing, the legal basis on which the App processes the information described in Section 3 is the User's voluntary act of installing the App, configuring it, and starting the Service. No data is shared with the Developer; the Developer acts neither as a "controller" nor as a "processor" of Your Personal Data within the meaning of such laws.

7.Disclosure to Third Parties

The App does not disclose any information to any Third Party. The App does not embed or call any Third-Party advertising network, analytics provider, cloud back-end, telemetry endpoint, or content-delivery network at runtime. The only network communication the App initiates or accepts is HTTP traffic between Your Device and other devices on Your Local Network that You voluntarily allow to connect.

8.Data Retention and Deletion

Configuration data and transfer history are retained on Your Device for as long as the App is installed and You have not cleared them. You may delete all such data at any time by one or more of the following actions: (a) using the "Clear All" button on the Transfers screen; (b) using Android's "Clear data" function for the App via system Settings; or (c) uninstalling the App. Uninstalling the App removes the App's private files directory in its entirety.

9.Your Rights

Because the App does not transmit Personal Data to the Developer, the Developer holds no User Personal Data with respect to which You could exercise rights of access, rectification, erasure, restriction, portability, or objection. You retain full and exclusive control over all data processed by the App by virtue of its residing entirely on Your Device. Should applicable law nevertheless entitle You to make such a request to the Developer, the Developer will respond in good faith within a reasonable time.

10.Android Permissions

The App declares only the Android permissions strictly necessary to provide the Service. Each permission, its identifier, and its purpose is described below.

• INTERNET — Required to bind a server socket on the Device. The App does not initiate outbound connections to remote hosts.
• ACCESS_WIFI_STATE & ACCESS_NETWORK_STATE — Required to obtain the Device's IP address on the Local Network and to detect network-change events so that the Service may terminate cleanly when the Local Network becomes unavailable.
• CHANGE_WIFI_STATE — Required to hold a Wi-Fi performance lock while the Service is running, so that the radio remains active during transfers.
• WAKE_LOCK — Required to prevent the Device's CPU from suspending while the Service is actively serving requests.
• FOREGROUND_SERVICE and FOREGROUND_SERVICE_DATA_SYNC — Required, in accordance with the requirements of Android version 14 (API 34) and later, to operate the HTTP server as a user-initiated foreground service.
• POST_NOTIFICATIONS — Requested at runtime on Android version 13 (API 33) and later, to display the foreground-service notification. Denial does not prevent the Service from operating; only the notification will not be shown.

11.Children's Privacy

The App is a general-purpose utility intended for adult users. It is not directed at children under the age of thirteen (13), and the Developer does not knowingly collect any information from children. Because the App does not collect any User information at all (see Section 4), this position is structural rather than merely declaratory.

12.Security

The Service transmits HTTP traffic in cleartext over the Local Network and does not implement Transport Layer Security (TLS) for that traffic. The App is intended for use on networks the User trusts (for example, a private home or office Wi-Fi network). The User should not operate the Service on public, untrusted, or shared networks. Optional HTTP Basic Authentication is provided as a convenience and is itself transmitted in cleartext over the Local Network; it should not be relied upon as a substitute for network-level security. The Developer makes no representation or warranty as to the security of the Local Network or of any third device that You permit to connect to the Service.

13.Open-Source Notice

The App is distributed as open-source software. The complete source code, including all network, storage, and configuration logic, is publicly available at https://github.com/rafiibrahim8/android-wifi-fileserver. Users and independent reviewers may verify the representations made in this Policy by inspecting that source code. The applicable open-source licence terms, if any, are set out in the LICENSE file of that repository and are independent of this Policy.

14.Changes to This Policy

The Developer may update this Policy from time to time to reflect changes in the App, in applicable law, or in operational practices. The current version of the Policy will always be available at the URL at which You are reading this document. The "Effective Date" and "Last Updated" fields at the top of this Policy will indicate when the Policy was most recently revised. Material changes will be reflected in an incremented version number. Your continued use of the App following any revision constitutes Your acceptance of the revised Policy.

15.Governing Law and Severability

This Policy and any dispute or claim arising out of or in connection with it shall be governed by and construed in accordance with the laws of the People's Republic of Bangladesh, without regard to its conflict-of-laws principles. If any provision of this Policy is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, that provision shall be severed and the remainder of the Policy shall continue in full force and effect.

16.Contact

Questions, comments, or requests concerning this Policy may be directed to the Developer at me@ibrahimrafi.me.