Privacy Policy

01Who this policy covers

This policy applies to the Paperclip Relay Android App distributed through the Google Play Store. It does not cover:

• The Paperclip AI server you connect to. That server is operated by you or your organisation. The data inside it (agents, issues, budgets, comments, activity, and so on) is controlled by whoever runs that server, under their own policies. For data held on that server, you or your organisation are the data controller, and WILDSOFT is neither the controller nor a processor of it; we never receive it.
• The Paperclip platform itself, the Paperclip Relay marketing website, or any third-party websites the App may link to.

02How the App is built (and why that matters)

Paperclip Relay has no backend of its own. Every screen reads and writes directly through the documented /api interface of the Paperclip server address you provide. There is no WILDSOFT server, no separate data store, and no "shadow" copy of your data. As a result, the operational data you work with in the App flows only between your device and your own server.

03Information stored on your device

The App stores the following locally on your Android device:

Content fetched from your server (dashboards, agents, issues, approvals, costs, routines, activity, company logos) is held in memory only while you use the App and is not written to disk or cached. It is discarded when the App closes. The App does not use a local database to retain your server's content.

04Information WILDSOFT collects

For the core functionality of the App, WILDSOFT collects no personal information about you. We do not have servers that receive your activity, and the App contains no analytics or telemetry.

The limited exceptions, which are handled by Google rather than by us, are:

• Google Play distribution and purchases. When you download the App or buy a subscription, Google processes that transaction and may share with us, through the Google Play Console, aggregated and limited reports (such as download counts, subscriber numbers, order identifiers, product names, and territory/financial summaries). We do not receive your name, address, or payment-card details.
• Crash and performance diagnostics from Google. If you have enabled "Usage & diagnostics" in your Android settings, Google may provide us with aggregated, anonymised crash and stability reports through the Google Play Console (Android vitals). This is controlled entirely by your device settings and by Google.

We do not combine, enrich, or sell any of this information.

05Information we do NOT collect

To be explicit, the App does not:

• send your agents, tasks, approvals, comments, budgets, or any server content to WILDSOFT or any third party;
• include any third-party analytics, advertising, attribution, or crash-reporting SDK (for example: Firebase, Google Analytics, Crashlytics, Sentry, Amplitude, Segment, Meta, or any ad network);
• collect or use the Android Advertising ID (AAID), and it does no cross-app tracking;
• request access to your camera, microphone, photos, contacts, location, calendar, health data, or physical-activity sensors;
• request access to your phone number, call log, or SMS messages (see "Device permissions" below);
• register for or send push notifications;
• log your credentials or server content to any diagnostic or analytics system.

06How information is used

The information stored on your device is used only to make the App work: to keep you signed in to your Paperclip server (the access token); to reconnect to the right server and company when you reopen the App; to lock the App with your fingerprint, face, or device screen lock if you turn that on; and to space out Google Play's optional "rate this app" prompt. We do not use any of this for profiling, advertising, or marketing.

07You and your Paperclip server

The substantive data you see in Paperclip Relay lives on your Paperclip server: agent rosters and status, issues and comments, approvals, spend and budgets, activity logs, routines, and company details. The App is a window onto that server, using the permissions already assigned to your board-user account. Because that data never reaches WILDSOFT:

• requests to view, create, comment on, approve, or update records are sent straight from your device to your server;
• responsibility for the lawful collection, storage, retention, and deletion of that data rests with you or your organisation as the operator of the server;
• to access, export, correct, or delete that data, or to close your board-user account, use your Paperclip server (or contact whoever administers it), not WILDSOFT.

08Google Play, purchases and subscriptions

Paperclip Relay offers paid features through an auto-renewing subscription (monthly and yearly options) purchased via Google Play's billing system.

• Google is the merchant of record. Your purchase, billing, and payment details are handled by Google under Google's Privacy Policy and the Google Play terms. WILDSOFT does not see or store your payment information.
• On your device, the App uses the Google Play Billing library to check whether you currently hold an active subscription. This returns only a subscription status; it does not transmit personal data to WILDSOFT, and the App does not validate your subscription against any WILDSOFT server.
• WILDSOFT receives only the limited, largely aggregated transaction and subscriber reports that Google makes available to developers.
• To manage or cancel a subscription, open the Google Play Store app → your profile → Payments & subscriptions → Subscriptions.

09Fingerprint and face unlock

If you enable the optional app lock, Paperclip Relay uses Android's BiometricPrompt API to require your fingerprint, face, or device screen lock (PIN, pattern, or password) before the App can be opened.

• Your biometric data never leaves your device. It is processed by Android's secure hardware (the Trusted Execution Environment, or a StrongBox secure element where available); the App only receives a yes/no result of whether authentication succeeded.
• WILDSOFT never receives any biometric information.

10Device permissions

The App declares only a small set of Android permissions, none of which expose sensitive personal data:

• Internet: to reach the Paperclip server address you enter.
• Use biometric: to show the system fingerprint or face prompt for the optional app lock.
• Billing: to offer the Google Play subscription.

It requests no runtime permissions for your camera, microphone, location, contacts, or storage. The App's manifest also marks telephony hardware as required so that Google Play offers the App to phones only (matching the iPhone-only iOS version). This is a distribution setting that affects which devices can install the App; it grants the App no access to telephony data. The App does not request the phone, call-log, or SMS permissions and cannot read your phone number, call history, or messages.

11Data sharing and third parties

We do not sell, rent, or share your personal information. The App has no advertising or data-broker relationships. The only parties involved in the App's operation are:

• Your Paperclip server: the destination you choose, controlled by you or your organisation.
• Google: for Google Play distribution, in-app purchases and subscriptions, and (if you opt in via your Android settings) aggregated diagnostics. Google acts under its own privacy policy.

We may disclose information only if required by law, but note that we hold almost no information about you to disclose.

12International data transfers

WILDSOFT does not receive your operational data, so there is no transfer of that data to us across borders. Connections from the App go directly to the server address you configure, which may be located wherever you or your organisation host it. Google Play and subscription information is processed by Google, which operates globally, under Google's policies.

13Data retention

• On your device: the access token and settings remain until you sign out, change them, or uninstall the App. Fetched server content is kept only in memory and is discarded when the App closes.
• With WILDSOFT: we retain no operational data about your use of the App. Google Play and subscription reports provided by Google are kept only as long as needed for accounting, tax, and business records, in line with applicable law.
• On your Paperclip server: retention is determined by you or your organisation.

14Security

• The access token is stored in EncryptedSharedPreferences, encrypted with a key held in the Android Keystore and restricted to your device.
• Connections to remote servers are protected by TLS (HTTPS), enforced by the App's network security configuration. Plain, unencrypted connections are permitted only to local development addresses (such as localhost, 127.0.0.1, or private 192.168.x.x / .local hosts) that you choose to point the App at on your own network.
• The optional fingerprint / face lock adds a further barrier to opening the App.
• No method of storage or transmission is completely secure; we cannot guarantee absolute security, but the App is designed to keep credentials on your device and out of any third party's hands.

15Your privacy rights

Depending on where you live, you may have rights over personal data, including the rights to access, correct, delete, restrict, port, or object to processing, and (in the EU/UK) to lodge a complaint with a supervisory authority, or (in California under the CCPA/CPRA) to know, delete, correct, and opt out of "sale"/"sharing". Because WILDSOFT holds essentially no personal data about you through the App:

• For the content on your Paperclip server, exercise your rights through your server or its administrator, who is the controller of that data.
• For Google Play / subscription data, contact Google, which controls it.
• For anything WILDSOFT does hold (for example, if you email us), or to ask questions about this policy, contact us at [email protected]. We will respond within the time required by applicable law.

We do not discriminate against you for exercising any privacy right.

16Children's privacy

Paperclip Relay is a professional tool intended for operators of Paperclip AI companies and is not directed to children. It is intended for a general, professional audience and we do not knowingly collect personal information from children. If you believe a child has provided information through the App, contact us at [email protected].

17Changes to this policy

We may update this policy as the App changes. When we make a material change, we will update the "Last updated" date above and, where appropriate, provide notice in the App or on wildsoft.io. Your continued use of the App after an update means you accept the revised policy.

18Contact us

If you have questions about this Privacy Policy or about privacy in Paperclip Relay:

• WILDSOFT LTD
• Email: [email protected]
• Website: wildsoft.io