This Privacy Policy explains how EZ Save ("EZ Save", the "App", "we", "us", or "our"), provided by Digital Sauce Pty Ltd ("Digital Sauce"), collects, uses, stores, shares, and protects your information when you use the App.
EZ Save is a private, local-first place to save and organise anything — links, images, videos, and documents — into folders, with optional end-to-end-encrypted cloud backup. We designed EZ Save so that we never see the contents of what you save.
Note for the publisher: Before going live, complete the registered legal entity address, confirm the privacy contact email, and add your App Store / Google Play listing URLs and the public hosting URL for this policy. This document is a starting point and not legal advice — have it reviewed by qualified counsel.
Contents
1. Summary (the short version)
- Your saved content lives on your device first. Folders, bookmarks, and media are stored locally on your device.
- Cloud backup is optional and end-to-end encrypted. If you turn on cloud sync, your data is encrypted on your device before it leaves it. The encryption key never leaves your device / your private keychain, so we cannot read your saved content.
- We do not use advertising or third-party tracking/analytics SDKs. We do not sell your personal information.
- We collect the minimum needed to run accounts, billing, optional AI folder suggestions, optional cloud backup, and crash diagnostics.
- You are in control: you can use the app without cloud sync, turn AI suggestions off, and delete your account and data at any time.
2. Who we are
The data controller for EZ Save is:
Digital Sauce Pty Ltd
[Registered address — to be completed before publishing]
Contact: development@digitalsauce.io
3. Information we collect
We collect different categories of information depending on which features you use.
3.1 Information you provide
- Account information. When you sign in, we use Firebase Authentication. Depending on your chosen method (Sign in with Apple, Sign in with Google, or an anonymous session), this may include a user identifier (UID) and, where you choose to share it, your email address and/or display name. You can also use the app with an anonymous account that is not tied to a personal identity.
- Content you save. Links (URLs), images, videos, documents, and the folders, names, icons, and colours you create. This content is stored locally on your device, and — only if you enable cloud sync — backed up in encrypted form (see Section 5).
- App-lock credentials. If you set up an app PIN and/or an optional second PIN profile, only a one-way hash of the PIN is stored on your device. We never store your PIN in plain text, and it is never sent to us.
3.2 Information collected automatically
- Crash and diagnostic data. We use Firebase Crashlytics to capture crash reports and error diagnostics (e.g., device model, OS version, app version, and stack traces) so we can fix bugs. These reports are not used to identify you and do not contain the contents of your saved items.
- Subscription / purchase data. If you purchase a premium subscription, purchase and entitlement information is processed by RevenueCat together with the Apple App Store or Google Play. We receive your subscription status (e.g., active/expired) tied to your account identifier; we do not receive or store your full payment-card details — those are handled by Apple/Google.
3.3 Information processed for optional features
- Link previews. When you save a link, the App fetches that web page to extract a title, description, and thumbnail so your saved item looks useful. This request goes from the App to the website you saved.
- AI folder suggestions (optional, premium). If you enable "AI folder suggestions", when you import a link the App asks our backend (a Firebase Cloud Function that calls a third-party AI model provider) to suggest the best existing folder. For this we send only: the content "kind" (link/image/video/file), and — when available — the link's title, description, and URL, plus the names and IDs of your existing folders. We do not send the file itself, the saved media, or any other folder contents. This feature is off unless you turn it on, and you can turn it off at any time in Settings.
3.4 Permissions
The App may request the following device permissions, which you can grant or deny:
- Camera — only to take a photo to save into a folder.
- Photo Library — only to import images/videos you choose into a folder.
- Face ID / biometrics — only to unlock the app locally. Biometric data is handled entirely by your device's operating system; we never receive or store it.
4. How we use information
We use information to:
- Provide the core app: create, organise, view, and search your folders and saved items.
- Authenticate you and keep you signed in.
- Provide optional end-to-end-encrypted cloud backup and multi-device sync.
- Generate link previews for items you save.
- Provide optional AI folder suggestions (only if enabled).
- Process and validate subscriptions and entitlements.
- Diagnose crashes and improve stability and performance.
- Protect the security and integrity of the App and prevent abuse.
- Comply with legal obligations.
We do not use your information for advertising, profiling for marketing, or sale to third parties.
5. How cloud sync and encryption work
Cloud sync is optional and off by default. If you turn it on:
- Your folders and items are encrypted on your device before being uploaded. The cloud only ever stores opaque, encrypted "envelopes" — not readable content.
- The master encryption key is generated on your device and stored in your device's secure keychain (on iOS, it is stored in the iCloud Keychain so a new device signed in to the same Apple ID can recover it). The key is not held by Digital Sauce, which is why we cannot read your saved content.
- On iOS, encrypted data is stored in your own private Apple iCloud (Apple CloudKit private database), which Apple scopes to your iCloud account.
- On Android / cross-platform (where available), encrypted data and encrypted media blobs are stored using Firebase (Cloud Firestore and Firebase Storage) under a path scoped to your account.
- If you turn cloud sync off, you can choose to delete the encrypted backup from the cloud; your data on the current device is retained.
Because of this design, if you lose access to your encryption key / recovery method, we will not be able to recover your encrypted content for you.
6. How we share information
We share information only with service providers ("processors") who help us run the App, and only as needed to provide the features above. These include:
| Provider | Purpose | Data involved |
|---|---|---|
| Google Firebase (Authentication, Cloud Functions, Crashlytics, and on Android: Firestore & Storage) | Sign-in, backend functions, crash reporting, and encrypted cloud storage | Account identifiers, crash diagnostics, encrypted content envelopes/blobs |
| Apple (Sign in with Apple, iCloud/CloudKit, App Store) | Authentication, your private encrypted cloud store, billing | Account identifier, encrypted content (in your private iCloud), subscription data |
| Google (Sign in with Google, Google Play) | Authentication, billing | Account identifier, subscription data |
| RevenueCat | Subscription management | Account identifier, subscription/entitlement status |
| AI model provider (via our Cloud Function, only if AI suggestions are enabled) | Suggest the best folder for an imported link | Link metadata (kind, title, description, URL) and your folder names/IDs — never files or saved content |
We may also disclose information if required by law, to enforce our terms, or to protect the rights, safety, and security of our users or the public. If Digital Sauce is involved in a merger, acquisition, or asset sale, information may be transferred, subject to this Policy.
We do not sell your personal information, and we do not "share" it for cross-context behavioural advertising.
7. Data retention
- On-device data remains until you delete it or uninstall the App.
- Encrypted cloud data remains until you turn off sync and choose to delete it, or until you delete your account.
- Crash diagnostics are retained for a limited period per the provider's defaults.
- Subscription records are retained as required for billing, tax, and accounting purposes.
8. Your rights and choices
Depending on where you live, you may have rights under laws such as the EU/UK GDPR and the California Consumer Privacy Act (CCPA/CPRA), including the right to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Delete your information ("right to be forgotten").
- Object to or restrict certain processing.
- Data portability.
- Withdraw consent for optional features at any time.
- Not be discriminated against for exercising your rights.
You can exercise key choices directly in the App:
- Use without cloud sync — keep everything on your device.
- Turn AI folder suggestions off in Settings.
- Turn off cloud sync and delete the cloud backup.
- Delete your account, which permanently deletes your account and associated data, including the encrypted cloud backup on all your devices.
To make any other request, contact us at development@digitalsauce.io. We will respond within the timeframes required by applicable law. You also have the right to lodge a complaint with your local data protection authority.
9. Security
We protect your information using end-to-end encryption for cloud backup, encryption in transit (HTTPS/TLS) for network requests, platform secure-keychain storage for keys, and on-device hashing of app-lock PINs. No method of transmission or storage is 100% secure, but we work to protect your information using industry-standard safeguards.
10. International data transfers
Our service providers may process information in countries other than your own, including the United States. Where required, we rely on appropriate safeguards (such as the EU Standard Contractual Clauses) for international transfers.
11. Children's privacy
EZ Save is not directed to children under the age of 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will delete it.
12. Third-party content
Items you save may link to third-party websites and services that have their own privacy practices. We are not responsible for the content or privacy practices of those third parties.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, notify you in the App. Your continued use of EZ Save after an update means you accept the revised Policy.
14. Contact us
If you have questions or requests regarding this Privacy Policy or your data:
Digital Sauce Pty Ltd
[Registered address — to be completed before publishing]
Email: development@digitalsauce.io
This document reflects how the EZ Save app is built and what data it processes. It is not legal advice. Please have it reviewed by qualified legal counsel and complete all placeholders before publishing.