Privacy Policy — REDIL
Application: REDIL — Digital Evidence Registry with Location
Package: cloud.wilsondev.redil
Policy version: 2.1
Effective date: June 14, 2026
Last updated: June 14, 2026
1. Who we are
REDIL (Digital Evidence Registry with Location) is an Android application developed by WilsonDev, designed for professionals who perform fieldwork investigations — investigative agents, forensic experts, inspectors, private investigators, attorneys, and audit teams.
Data Controller (Art. 5, VI of Brazilian LGPD):
Name: Wilson Souza
Brand: WilsonDev
Website: https://wilsondev.cloud
Contact e-mail: apc.wss@gmail.com
Data Protection Officer (DPO): Wilson Souza — apc.wss@gmail.com
2. About this policy
This Privacy Policy describes which personal data REDIL collects, why we collect it, how we store it, with whom we share it, and what rights you have as a user.
This policy is drafted in compliance with:
Brazilian General Data Protection Law — LGPD (Law No. 13.709/2018)
Brazilian Internet Civil Framework (Law No. 12.965/2014)
Google Play Store User Data Policy
General Data Protection Regulation (GDPR) principles, where applicable
By installing and using REDIL, you agree to the terms described in this policy. If you disagree, do not use the application.
2.A Core principle: your data stays on your device
REDIL is built around a principle of privacy by architecture (local-first):
REDIL has no server of its own. WilsonDev operates no server that receives, stores, or processes the evidence you capture.
All the evidence you produce stays exclusively on your device, written in encrypted form (SQLCipher / AES-256) to the app's internal storage. This includes: photos, videos, audio, routes, targets, addresses, coordinates, field notes, generated reports, audit logs, and the chain of custody.
This data is never sent to WilsonDev or to any central server, and the Android automatic cloud backup is disabled (allowBackup="false"). Nothing leaves the device without an explicit action by you.
The only situations in which any data leaves the device are the three below — and only these:
Login (required): your e-mail and password (always hashed, never in plain text) are sent to Firebase Authentication (Google) solely to authenticate your access. No captured evidence is sent in this process.
Crash telemetry (optional, off by default): only if you manually enable it, anonymous crash diagnostics are sent to Firebase Crashlytics (Google). This data contains neither your evidence nor your e-mail.
Export that you trigger: when you choose to use "Export to Drive", only the files you select are uploaded to your own Google Drive account.
During capture the app also queries geocoding services (to convert coordinates into an address) and an NTP time service (pool.ntp.br, for the chain of custody) — these queries do not transmit your evidence or personally identifiable data.
Sections 3 through 6 below detail each of these points.
3. What data REDIL collects
3.1 Data you provide directly
Category Item When
Identification E-mail Sign-up / login
Identification Password (stored only by Firebase, hashed, never by REDIL) Sign-up / login
Identification Professional name, organization, badge number, role, unit "Profile" tab (optional)
Visual identity Institutional logo and digital signature (images) "Profile" tab (optional)
Operational Target names, addresses, coordinates, radii and notes Route registration
Operational Field observations and annotations Post-capture form
3.2 Data automatically collected during capture
Category Item Why
Location Latitude, longitude, altitude, GPS precision Forensic stamp embedded in each photo/video
Location Address derived from reverse geocoding Forensic stamp
Sensors Compass azimuth (optional) Forensic stamp
Media Photos and videos captured by camera Core function
Audio Audio track from recorded videos Integral component of the video
Temporal Local date/time and NTP timestamp (pool.ntp.br) Evidence integrity
Integrity SHA-256 file hash, EC P-256 cryptographic signature Digital chain of custody
3.3 Data generated by Firebase Authentication
When you create an account:
User ID (UID) — unique identifier assigned by Firebase
E-mail verification status — "e-mail confirmed" flag
Login provider — e-mail/password or Google
Last login date and time
3.4 Diagnostic data (OPT-IN, default OFF)
Only if you manually enable in Settings → Telemetry:
App crash and ANR reports
App version, device model, Android version
Anonymous stack trace and logs related to the crash
This data goes to Firebase Crashlytics (Google) and is never associated with your name or e-mail.
3.5 Data REDIL does NOT collect
To be clear, REDIL does NOT access and does NOT collect:
❌ Your contacts list
❌ Your calendar history
❌ Your SMS, MMS, or e-mails
❌ Your web browsing history
❌ Advertising identifiers (Advertising ID)
❌ Persistent device identifiers (IMEI, serial number)
❌ Financial, banking, or card data
❌ Health, biometric, or genetic data (the fingerprint used to unlock the app stays on your device and never leaves it)
❌ Your background location (the ACCESS_BACKGROUND_LOCATION permission was removed in version 1.1.2)
❌ Any data from other installed applications
4. Why we collect each piece of data (purpose and legal basis)
Data Purpose Legal basis (LGPD/GDPR)
E-mail and password Authentication in the app Performance of contract (LGPD Art. 7, V / GDPR Art. 6(1)(b))
Name, organization, role, etc. Professional identification on reports Consent (LGPD Art. 7, I / GDPR Art. 6(1)(a)) — optional fields
Precise location Stamping lat/long on forensic evidence Legitimate interest and contractual purpose (LGPD Art. 7, V and IX)
Photos and videos Core function of the application Performance of contract (LGPD Art. 7, V)
Video audio track Integral preservation of the evidence Performance of contract (LGPD Art. 7, V)
Hash, signature, NTP Digital chain of custody Legitimate interest — forensic integrity
Diagnostics (opt-in) Bug diagnosis and correction Explicit consent (LGPD Art. 7, I)
5. How we protect your data
5.1 At rest (on your device)
The local database is encrypted with SQLCipher (AES-256)
The database key is protected by the Android Keystore (hardware-backed key storage when available) with an AES-GCM wrapper key
Photos, videos, and exported files are kept in the app's internal storage (filesDir/), inaccessible to other applications
Optional biometric lock (fingerprint or face unlock) when opening the app
Your password is never stored by REDIL — only by Firebase, with a one-way hash
5.2 In transit
All communications with servers (Firebase, Google Drive) occur via HTTPS/TLS 1.3
The app's networkSecurityConfig blocks cleartext traffic
Queries to NTP servers (pool.ntp.br) use the standard SNTP protocol (UDP 123) without personal data
5.3 Digital chain of custody
Each piece of evidence generated by REDIL receives:
SHA-256 hash of the file (unique content identity)
NTP timestamp independent of the phone clock
EC P-256 cryptographic signature (SHA256withECDSA) generated by the Android Keystore
These elements allow detection of any subsequent alteration to the evidence and are exportable as a signed JSON manifest for use in formal proceedings.
5.4 No server of our own and no automatic backup
REDIL has no server of its own: WilsonDev does not receive or store the evidence you capture. Everything is written locally, in encrypted form, on your device.
The android:allowBackup="false" flag in the manifest prevents the Android automatic backup to Google cloud. Your evidence only leaves the device in the three situations described in section 2.A (login, opt-in telemetry, and export triggered by you).
6. With whom we share your data
6.1 Firebase Authentication (Google LLC)
Data shared: e-mail, password (hashed), UID, e-mail verification status
Purpose: authentication only
Server location: United States and European Union (default Firebase regions)
Firebase policy: https://firebase.google.com/support/privacy
Status: data processor, under standard Google contract
6.2 Google Drive (Google LLC) — only if you use the export function
Data shared: only the files (photos, videos, reports) that you explicitly export through the "Export to Drive" function
Permission used: drive.file scope — REDIL only accesses files that REDIL itself created in your Drive (it has no access to your other Drive files)
Permission used: documents scope — only to generate the consolidated Google Doc of the exported route
Who has access: only you, within your own Google account
6.3 Firebase Crashlytics (Google LLC) — only if you enable telemetry
Data shared: crash stack traces, device model, Android version, app version
Anonymized data — does not include your e-mail or personal data
Purpose: bug diagnosis
Status: explicit opt-in (default off)
6.4 Public NTP provider (pool.ntp.br)
Data shared: only your device's IP address in the standard SNTP connection
Purpose: obtain reliable timestamp for the chain of custody
No personal data is transmitted — it is a standard worldwide clock query
6.5 Who does NOT receive your data
REDIL does not share your data with:
❌ Advertising platforms (Google Ads, Meta Ads, etc.)
❌ Data brokers
❌ Third-party analytics platforms (Mixpanel, Amplitude, etc.)
❌ Social networks
❌ Any company not listed in sections 6.1 through 6.4 above
7. How long we keep your data
7.1 On your device
Data remains as long as the app is installed. If you uninstall the app without first deleting your account, local data is removed by Android along with the app, but the associated Firebase account remains.
7.2 In Firebase Authentication
Your Firebase account persists until you delete it, either:
Via the "Delete account" button inside the app (Settings → LGPD section)
By request to apc.wss@gmail.com
After deletion, all records are removed from Firebase servers within 7 business days.
7.3 Firebase operational backups and logs
Firebase may retain internal backup copies for up to 30 days after deletion, in accordance with Google policy. After this period, deletion is permanent.
7.4 Media exported to Google Drive
These files remain in your Google Drive account as long as you wish. REDIL no longer has access to these files after export — to delete them, you must remove them manually from your Drive.
8. Your rights (LGPD Art. 18 / GDPR Chapter III)
As a data subject, you have the right to:
8.1 Access to data — LGPD Art. 18, II
You can export all your data in structured JSON format at any time:
App: Settings → "My Data" → Export
The file is saved locally and can be shared
8.2 Correction — LGPD Art. 18, III
Profile data (name, organization, etc.) can be edited in Settings → Profile
To correct registered e-mail, log out and register a new one, or contact apc.wss@gmail.com
8.3 Anonymization, blocking, or erasure — LGPD Art. 18, IV
App: Settings → LGPD section → "Delete account" → immediate deletion
E-mail: apc.wss@gmail.com with subject "REDIL — Delete account" + registered e-mail
Web: detailed instructions at https://wilsondev.cloud/post/17/
Deletion removes:
Firebase account
All routes, targets, captured media, reports, audit logs, cryptographic signature key, settings, and profile data
Deletion does NOT remove:
Media you shared or uploaded to your Google Drive (we do not have access to delete them — you must remove them manually from Drive)
Media you shared via WhatsApp, e-mail, or other channels
8.4 Portability — LGPD Art. 18, V
The "My Data" export (item 8.1) generates an open and readable JSON, in the redil.my-data.v1 schema format, which can be imported by other tools that adopt the same format.
8.5 Information about data sharing — LGPD Art. 18, VII
This policy, section 6, lists all third parties with whom your data is shared. There are no others.
8.6 Withdrawal of consent — LGPD Art. 18, IX
You can disable telemetry (Crashlytics) at any time in Settings → Privacy → Disable Telemetry. Withdrawal does not affect processing based on other legal grounds (such as performance of contract — authentication).
8.7 How to exercise your rights
All requests can be made:
In the app: through Settings options
By e-mail: apc.wss@gmail.com with subject "REDIL — LGPD Rights"
Response timeframe: up to 15 calendar days
9. Android permissions and why
REDIL requests the following permissions. Each one is only requested when you use the corresponding functionality:
Permission Purpose
Camera Capture photos and videos
Microphone Record audio in videos
Precise location (ACCESS_FINE_LOCATION) Embed GPS in evidence (foreground only, during capture)
Approximate location (ACCESS_COARSE_LOCATION) Fallback when precise GPS is unavailable
Internet (INTERNET) Authentication, geocoding, Drive export, NTP
Network state (ACCESS_NETWORK_STATE) Detect connectivity
Biometric (USE_BIOMETRIC) Optional lock when opening the app
External storage (READ_EXTERNAL_STORAGE, Android ≤ 32 only) Import CSV/XLSX spreadsheets on older Android versions
Permissions NOT requested as of version 1.1.2:
❌ ACCESS_BACKGROUND_LOCATION — removed (no more geofencing)
❌ POST_NOTIFICATIONS — removed (no more automatic notifications)
❌ READ_MEDIA_IMAGES / READ_MEDIA_VIDEO — removed (now uses Android Photo Picker, which does not require permissions)
10. Children and adolescents
REDIL is not intended for users under 18. It is a professional operational tool. We do not knowingly collect data from minors.
If you are a legal guardian of a minor and believe they have provided data to REDIL, please contact apc.wss@gmail.com and we will remove the information within 7 business days.
11. Cookies and tracking technologies
REDIL is a native Android application and does not use cookies.
There is no pixel tracking, device fingerprinting, or advertising identifiers.
12. International data transfer
The data you provide to Firebase Authentication may be processed on Google servers located in the United States, European Union, Asia, or other regions, according to the service's standard architecture.
Google adopts standard contractual clauses and internationally recognized safeguard mechanisms for this transfer.
For Google's official position on international data transfer, see: https://policies.google.com/privacy
13. Updates to this policy
This policy may be updated periodically to reflect changes in the application or in legislation. Major changes will be communicated:
On the app's home screen after an update that changes data handling
In the header of this page (the "Effective date" field)
Previous versions remain archived at https://wilsondev.cloud/post/15/historico (if applicable).
We recommend consulting this page periodically. Continued use of the app after a policy update means acceptance of the new terms.
14. How to file a complaint with regulators
Brazil — ANPD
If you believe your rights have not been respected, you may file a complaint with the Brazilian National Data Protection Authority (ANPD):
Website: https://www.gov.br/anpd
Data subject complaint channel: https://www.gov.br/anpd/pt-br/canais_atendimento/cidadao/peticao-do-titular
Other jurisdictions
Users in the European Union may contact their local Data Protection Authority. A list is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en
15. Contact
For any question, request, or complaint regarding the handling of your data:
E-mail: apc.wss@gmail.com
Website: https://wilsondev.cloud
Account deletion: https://wilsondev.cloud/post/17/
This policy complies with Brazilian LGPD (Law No. 13.709/2018), Brazilian Internet Civil Framework (Law No. 12.965/2014), Google Play Store User Data Policy, and aligns with GDPR principles.
Version 2.1 — effective as of June 14, 2026.
Versão em português / Portuguese version: https://wilsondev.cloud/post/15/