From 1e1f641143d06053bc8a1b1f7259bd842bfe6db1 Mon Sep 17 00:00:00 2001
From: MM20 <15646950+MM2-0@users.noreply.github.com>
Date: Fri, 17 Jan 2025 19:08:34 +0100
Subject: [PATCH] Rewrite privacy policy

---
 docs/privacy-policy.md | 226 ++++++++++++++++++++---------------------
 1 file changed, 113 insertions(+), 113 deletions(-)

diff --git a/docs/privacy-policy.md b/docs/privacy-policy.md
index e4e79ee4..91280344 100644
--- a/docs/privacy-policy.md
+++ b/docs/privacy-policy.md
@@ -1,151 +1,151 @@
 # Privacy Policy
 
-All data collected by Kvaesitso itself are only stored locally and will never leave your device,
-unless you explicitly allow it. Some 3rd party integrations might collect additional data if you
-enable them (see below).
+This policy explains what data we collect, how we use it, and the measures we take to protect it.
 
-## Collected data
+## 1. Data Collection
 
-The following data will be collected by the launcher itself:
+Kvaesitso collects and processes data to deliver essential features and improve your experience.
+Unless otherwise specified, all data is stored locally on your device and is inaccessible to other
+apps or users.
 
-- which apps you have installed
-- usage data about installed apps (how often/how frequently you launch each individual app)
-- your current location (for weather forecasts, if you enable auto location and grant location
-  permission)
-- searchable data:
-    - installed apps and app shortcuts
-    - for calendar events: title, start time, end time, location, attendees and description of the
-      event
-    - for contacts: name, phone numbers, email addresses and contact photos
-    - for local files: file name, path, file size, file type, additional metadata (such EXIF data of
-      an image file, ID3 tags of an audio file) and thumbnail
-    - for files stored in on of the supported clouds: file name, path, file size, file type and
-      owner
-- media playback metadata
-- credentials for connected accounts
-- crash and error reports
+#### **Data Collected by Kvaesitso**
 
-All these data are only stored locally on your device, in a protected area that cannot be accessed
-by other apps or users. You can delete them at any time by uninstalling the app or by clearing the
-app's data.
+- **Installed apps:** Names of apps installed on your device.
+- **App usage:** Frequency of app launches.
+- **Location:** Your current location for weather forecasts (only if you enable automatic location
+  and grant location permissions).
+- **Searchable data:**
+    - **Apps and shortcuts**: Data for indexing installed apps and shortcuts.
+    - **Calendar events**: Title, time, location, attendees, and description.
+    - **Contacts**: Name, phone numbers, email addresses, and photos.
+    - **Local files:** File names, paths, sizes, types, metadata (e.g., EXIF, ID3 tags), and
+      thumbnails.
+    - **Cloud files:** Metadata for supported cloud services (e.g., file name, size, owner).
+- **Media playback metadata:** Details about currently playing media.
+- **Crash and error reports:** Debugging information to identify and resolve issues.
+- **Connected accounts:** Credentials for authorized third-party integrations (e.g., Nextcloud,
+  Owncloud).
 
-## Backup and restore
+## 2. How We Use Your Data
 
-The launcher has a functionality to export and import its data for backup purposes. The exported
-file might contain personal data as specified above so handle it carefully.
+- **Local Data Use:** All data is processed locally to enable features such as search, app usage
+  tracking, and weather updates.
+- **Crash Reporting:** Crash data is used to debug and improve the app. Reports are stored locally
+  and shared only if you choose to do so.
+- **Search Functionality:** Search results are generated locally. For third-party services, search
+  queries may be sent to their servers (e.g., weather providers, Wikipedia).
 
-## Crash reports
+## 3. Data Protection
 
-The launcher does not send any crash reports automatically. Crash reports are stored locally on your
-device. You can access them at settings > debug > crash reports. On this screen, you can create an
-issue on Github or share them somewhere else. Crash reports include both information about the crash
-itself and about the device (all the information are listed on the crash report screen). In most
-cases, these device information are very general and do not allow any conclusions about the user but
-in rare cases (such as if you run a self-built custom rom or if the device you use is very rare), it
-might be possible to identify you. If you decide to report a crash report on Github, they will be
-available to the public.
-The [Github Privacy Statement](https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement)
-applies.
+We take measures to ensure your data is secure:
 
-## 3rd party integrations
+- **Local Storage:** All data is stored on your device in a secure, app-specific directory that
+  cannot be accessed by other apps.
+- **Your Control:** You can delete all app data at any time by uninstalling the app or clearing its
+  storage.
 
-Kvaesitso optionally integrates with a number of third party services which might collect data on
-their own:
+## 4. Built-In Integrations
 
-### OpenWeatherMap
+Kvaesitso includes built-in integrations that may connect to external services. These are optional
+and can be enabled or disabled in the app settings.
 
-If have OpenWeatherMap selected as weather provider, Kvaesitso will periodically query
-OpenWeatherMap servers. If you have your location mode (settings > widgets > weather > automatic
-location) set to auto, your current location will be transmitted to OpenWeatherMap. If you have set
-it to manual, the manually selected location will be transmitted instead.
-The [OpenWeatherMap privacy policy](https://openweather.co.uk/privacy-policy) applies.
+### Weather Providers
 
-### Norwegian Meteorological Institute (Met.No)
+Kvaesitso integrates with several weather providers:
 
-If have MET Norway selected as weather provider, Kvaesitso will periodically query MET servers. If
-you have your location mode (settings > widgets > weather > automatic location) set to auto, your
-current location will be transmitted to OpenWeatherMap. If you have set it to manual, the manually
-selected location will be transmitted instead.
-The [MET privacy policy](https://www.met.no/en/About-us/privacy) applies.
-
-### HERE
-
-If have HERE selected as weather provider, Kvaesitso will periodically query HERE servers. If you
-have your location mode (settings > widgets > weather > automatic location) set to auto, your
-current location will be transmitted to OpenWeatherMap. If you have set it to manual, the manually
-selected location will be transmitted instead.
-The [HERE End User Terms](https://legal.here.com/us-en/terms/here-end-user-terms) applies.
-
-### Deutscher Wetterdienst / Brigh Sky
-
-Deutscher Wetterdienst forecast data are provided by the [Bright Sky API](https://brightsky.dev/).
-If have Deutscher Wetterdienst selected as weather provider, Kvaesitso will periodically query
-Bright Sky servers. If you have your location mode (settings > widgets > weather > automatic
-location) set to auto, your current location will be transmitted to OpenWeatherMap. If you have set
-it to manual, the manually selected location will be transmitted instead.
+- **OpenWeatherMap, MET Norway, HERE, Bright Sky (Deutscher Wetterdienst):** Location data (current
+  or manually set) is transmitted periodically to these services to provide accurate weather
+  forecasts.
+- Each provider’s privacy policy applies.
 
 ### Wikipedia
 
-You can optionally enable Wikipedia search to show search results from Wikipedia. While you have
-this feature enabled, your search requests will be sent to Wikipedia servers.
-The [Wikipedia privacy policy](https://foundation.wikimedia.org/wiki/Privacy_policy) applies.
+When enabled, search queries are sent to Wikipedia servers to display search results. Wikipedia’s
+privacy policy applies.
 
-### Nextcloud / Owncloud
+## 5. Plugins
 
-You can optionally connect Kvaesitso with a Nextcloud<sup>[^3]</sup> or Owncloud<sup>[^4]</sup>
-account and enable Nextcloud / Owncloud search. While you have this feature enabled, your search
-requests will be sent to the selected Nextcloud or Owncloud server. Depending on which hosting
-provider you use, additional terms might apply.
+Kvaesitso supports plugins that extend the app's functionality. These plugins can be first-party (
+developed by Kvaesitso developers) or third-party (developed by external developers). Plugins are
+optional and can be enabled or disabled in the app settings.
 
-## Plugins
+### Data Shared with Plugins
 
-Kvaesitso's functionality can be extended by plugins. The launcher shares the following data with
-plugins (as long as they are enabled in launcher settings):
+When you enable a plugin, the following data may be shared with it, depending on the plugin’s
+functionality:
 
-- all search queries that are typed into the search bar
-- your current location (if the plugin is a places search or weather provider plugin and you have
-  granted the location permission to the launcher)
+- **Search Queries:** The search queries you enter into the app’s search bar may be shared with
+  plugins
+  to generate results.
+- **Location Data:** If a plugin requires location information (such as a weather or places search
+  plugin), your current location may be shared with that plugin (only if you have granted location
+  permissions).
 
-For plugins developed by third parties, additional privacy policies might apply. Please refer to the
-respective plugin's documentation for more information.
+- **First-Party Plugins:** Developed by the Kvaesitso team.
+- **Third-Party Plugins:** Developed by external developers.
 
-For first party plugins, the following policies apply:
+### Data Stored by Kvaesitso
 
-### Google Apps plugin
+Kvaesitso may store copies of the data it receives from plugins locally in its own local storage
+directory. This data is used to enhance performance and provide offline access.
 
-This plugin allows you to search your files on Google Drive™<sup>[^1]</sup>, your calendars on
-Google Calendar, and
-your tasks on Google Tasks.
+### Plugin Policies
 
-The following data is shared with the plugin:
+For more detailed information on how data is handled by specific first-party plugins, please refer
+to **Appendix A: Plugin Policies**.
 
-- your search queries
+For third-party plugins, please consult the respective plugin's privacy policy for additional
+details on data usage and protection.
 
-The following data on your Google account is accessed by the plugin:
+## 6. Crash Reports
 
-- Metadata of your files on Google Drive (i.e. file name, file type, file size, owner)
-- Calendar lists and events on Google Calendar (i.e. event title, start time, end time, location,
-  attendees, description)
-- Task lists and tasks on Google Tasks (i.e. task title, due date, notes, completed status)
+Crash reports are stored locally and never shared automatically. They include:
 
-The launcher uses this data to provide search results from your Google Drive, Calendar, and Tasks.
-Copies of this data may be stored locally in the launcher's database to enhance search accuracy and
-offer quicker access to your files, events, and tasks. This data is stored exclusively on your
-device, within the launcher's private storage, which is inaccessible to other apps or users. It will
-never leave your device without your consent. You can delete the stored data anytime by uninstalling
-the launcher or clearing its app data.
+- Technical details about the crash.
+- Device information (e.g., model, operating system).
 
-The following data is shared with Google:
+You can share crash reports manually (e.g., via GitHub). Note that shared reports may become public
+and subject to the **GitHub Privacy Policy**.
 
-- your search queries (only while online results are enabled)
+## 7. Your Rights and Control
 
-The [Google privacy policy](https://policies.google.com/privacy) applies.
+- **Data Access:** All data resides on your device, ensuring you retain full control.
+- **Data Deletion:** Uninstalling the app or clearing its data removes all stored information.
+- **Opt-Out:** Optional integrations and plugins can be enabled or disabled at any time.
 
-## Footnotes
+## 8. Contact Us
 
-- [^1]: Google and Google Drive are trademarks of Google LLC. Use of this trademark is subject to
-  Google Permissions.
-- [^2]: Microsoft and OneDrive are trademarks of the Microsoft group of companies.
-- [^3]: Nextcloud is a registered trademark of Nextcloud GmbH. in Germany and/or other countries.
-- [^4]: ownCloud is a registered trademark of ownCloud GmbH in the United States, other countries or
-  both.
+For questions or concerns about this privacy policy, please contact us at [support email].
+
+## Appendix A: Plugin Policies
+
+### Google Apps Plugin
+
+The Google Plugin enables integrations with Google Drive, Calendar, and Tasks.
+
+#### Data Accessed by the Plugin
+
+- **General Google Account Information:** Account name, email address.
+- **Google Drive:** File metadata (e.g., names, types, sizes, owners).
+- **Google Calendar:** Event details (e.g., title, time, location, attendees, description).
+- **Google Tasks:** Task lists, due dates, and notes.
+
+#### How the Data is Used
+
+The data accessed by the plugin is used to provide search results from your Google Drive, Calendar,
+and Tasks within the Kvaesitso app. This allows you to quickly search for and access your files,
+events, and tasks directly from the app. Kvaesitso may store copies of this data locally, in
+accordance with its own privacy policy. The plugin may also cache data locally for performance
+reasons.
+
+#### How the Data is Protected
+
+All data and credentials are stored securely on your device and in an isolated storage directory
+inaccessible to other apps or users. HTTPS is used to encrypt data transmitted between the app and
+Google services. You can always delete local data by clearing the plugin’s data or uninstalling
+the plugin.
+
+#### Data Shared with Third Parties
+
+Search queries may be sent to Google servers if online results are enabled. Google’s Privacy Policy
+applies.