1. Who we are
Invonix ("we", "us", "our") is the publisher of the Invonix Android application
(package com.srtech.invonix), available on Google Play. For privacy
questions, deletion requests, or complaints, write to
srtech.app20@gmail.com.
2. What information Invonix processes
2.1 Data you enter into the app (stays on your device)
These records are stored locally in a Room database on your device and never sent to any server controlled by us. They include:
- Business profile — name, phone, email, address, GST number, logo, signature image.
- Customers — name, phone, email, address, GSTIN.
- Invoices — number, line items, prices, taxes, discounts, status, due date, notes, optional per-invoice signature.
- Quotations — number, line items, prices, notes, conversion status.
- Expenses — title, category, amount, date, notes.
- Signatures — drawn or imported signature images.
- App settings — selected template, accent colour, font, currency, dark-mode preference, recent/favourite templates, custom PDF branding line (Premium).
- AI history — prompts you typed into the AI Assistant and the generated text the app showed you. Stored locally only.
2.2 Account data (only when you sign in for cloud backup)
Cloud backup is optional. If — and only if — you tap Connect to Google Drive in the Backup & Sync screen, the app uses Google's Credential Manager and Identity Services to:
- Identify you by your Google account email and (where Google provides it) display name and profile photo URL.
- Request the
drive.appdatascope, which lets the app read and write only the app's own hidden folder inside your Google Drive. Invonix cannot see, read, or modify any of your other Drive files.
This account information is held only on your device. We do not transmit it to any server we control.
2.3 Data uploaded to Google Drive (when you enable cloud backup)
If cloud backup is enabled, the app builds a single ZIP archive of your local database and app preferences and uploads it to your Google Drive AppDataFolder. The ZIP contains everything in section 2.1 above. It is stored inside your own Google Drive — Invonix never receives a copy. Only the Invonix app on a device signed in to the same Google account can read this file. You can delete it any time from Drive Settings → Manage Apps → Invonix → Delete hidden app data.
The auto-backup feature runs in the background through Android WorkManager. It is gated on (a) an active Premium subscription, (b) the Auto-backup toggle being on, (c) Google Drive being authorised, and (d) network + battery + storage constraints being satisfied. When any of those is false the worker silently skips.
2.4 Data sent to third-party services
Invonix uses the following Google-owned services, and only these:
| Service | What it receives | When |
|---|---|---|
| Google Play Billing | Subscription purchase tokens, product IDs, your Play account identifier | Only when you subscribe / restore / cancel |
| Google AdMob | Standard ad-request information (device advertising ID, coarse device data, app info) and limited interaction events | Free-tier users only, while ads are shown |
| Firebase Crashlytics | Crash stack traces, app version, OS version, device model, anonymous installation ID | Only when the app crashes |
| Google Drive | The cloud backup ZIP and its metadata | Only when you enable cloud backup |
| Google Sign-In / Credential Manager | Your Google account ID token | Only when you tap Connect to Google Drive |
We do not integrate any of the following: advertising networks other than AdMob; third-party analytics SDKs; behavioural-profiling vendors; AI / LLM APIs; CRM tools; email marketing platforms.
3. Permissions Invonix requests
| Permission | Required? | Why |
|---|---|---|
INTERNET, ACCESS_NETWORK_STATE |
Always | Play billing, cloud backup, ads, crash reports |
com.android.vending.BILLING |
Always | In-app subscriptions |
WRITE/READ_EXTERNAL_STORAGE (Android 9 and below only) |
Optional | Saving exported PDFs into the public Downloads/Invonix/
folder. Android 10+ uses scoped storage and asks for nothing. |
| Camera (system-managed) | Optional | Only when you tap "Take a photo" while creating a signature. The OS handles the capture; the app never accesses the camera directly. |
Invonix does not request: contacts, location, microphone, phone state, calendar, SMS, body sensors, accounts list, manage external storage, biometrics, USB, or any background-location permission.
4. How we use your information
- To run the app. Almost all processing happens on your device with no network involved.
- To back up your data, when you ask us to, into your own Google Drive AppDataFolder.
- To process subscriptions through Google Play Billing.
- To show ads to free users through Google AdMob.
- To improve stability by receiving anonymous crash reports through Firebase Crashlytics.
We do not use your data for advertising profiling, for sale to data brokers, for credit scoring, or for any purpose other than running the features you see in the app.
5. Legal basis (EEA / UK / GDPR regions)
- Performance of contract — to provide the invoice-maker functionality.
- Consent — for cloud backup, ads personalisation, and any non-essential processing. You can withdraw consent at any time (disconnect Drive, upgrade to Premium to remove ads, or uninstall).
- Legitimate interest — to keep the app stable through anonymous crash reports.
6. International transfers
Google's services (Drive, Play Billing, Firebase, AdMob) operate globally. Data routed through them may be stored or processed on Google's servers outside your country. Google publishes the relevant safeguards at policies.google.com/privacy.
7. Data retention
- On-device data stays until you delete it or uninstall the app.
- Cloud backup ZIP stays in your Google Drive AppDataFolder until you sign out, delete it, or revoke Invonix's Drive permission at myaccount.google.com/permissions.
- Crashlytics reports are retained by Google for up to 90 days by default.
- AdMob data retention follows Google's terms.
8. Your rights
You can, at any time:
- Access every piece of data Invonix has about you — it is all visible inside the app and inside your own Google Drive AppDataFolder.
- Export your data — Settings → Backup & Restore →
Local Export writes a ZIP to
Downloads/Invonix/. - Disconnect Drive at Settings → Backup & Sync → Disconnect. Your existing Drive backup is not deleted by this — you control it.
- Withdraw consent for ads by upgrading to Premium, or for crash reports by uninstalling.
- Lodge a complaint with your local data protection authority.
To exercise any of these rights, write to srtech.app20@gmail.com. We respond within 30 days.
9. Children's privacy
Invonix is intended for users 13 years of age and older (or the relevant minimum age in your country). We do not knowingly collect information from children. If you believe a child has used the app, contact us and we will remove any account-linked data.
10. Security
- All network traffic to Google services uses TLS (HTTPS). Clear-text traffic is disabled by the app's network security configuration.
- Drive access tokens live only in memory; they are never written to disk.
- The backup ZIP itself is not encrypted by Invonix — it relies on Google Drive's at-rest encryption. A future release may add client-side encryption with a user-controlled key; until then, treat your Google account credentials as the protection boundary.
11. Changes to this policy
When we make material changes we update the date at the top and, where appropriate, surface a notice inside the app on next launch. The latest version is always at
12. Contact
srtech.app20@gmail.com — privacy questions, deletion requests, complaints.