Halo Theme Pack

1. Data we collect

Halo only collects what is strictly required to make the app work and to operate it as a sustainable free service. We group the data we handle into four categories.

1.1 Data you provide directly

• Language preference — stored locally on your device.
• Theme + accent + unlocked premium items — stored locally on your device only; never transmitted to our servers.
• Wallpaper rotation queue + cached weather snapshot — stored locally on your device only.

1.2 Data collected automatically

• Approximate location (city level) — derived from your public IP address via ipinfo.io the first time the Weather widget runs. Used solely to fetch the local forecast. Cached locally; never sent to our servers.
• Current weather — temperature, sky condition and day/night flag fetched from Open-Meteo.
• Diagnostics & crash reports — anonymised stack traces, device model, OS version and a session identifier are sent to Firebase Crashlytics when the app crashes or records a non-fatal exception. We use these only to fix bugs.
• Usage analytics — screen views, button taps, session duration and similar product-improvement signals are sent to Firebase Analytics in an aggregated form.
• Advertising identifiers — Google Mobile Ads SDK reads your Advertising ID (AAID) to show relevant ads and to enforce frequency caps. You can reset or limit it from your Android Settings → Privacy.

1.3 Data fetched from our backend

• Catalog content (widget configurations, wallpaper URLs, theme metadata, ad configuration) is fetched read-only from Halo’s private content API. The request includes only the application identifier so we can deflect random scrapers — it does not include any personal identifier and does not send any data about you.

1.4 Data we never collect

• We do not collect your name, email, phone, contacts, photos, calendar events or microphone input.
• We do not request precise GPS location.
• We do not track your activity in other apps or on the web.

2. Why we use this data

• Operate core features — apply wallpapers, render widgets, deliver the curated catalog.
• Provide weather information — convert your IP-derived city into a current-weather snapshot.
• Fix crashes & bugs — Crashlytics stack traces and breadcrumbs.
• Improve the product — aggregated Analytics events tell us which widgets and themes resonate.
• Show ads & offer rewarded unlocks — funded entirely by ads; rewarded video unlocks premium items per device.

3. Third parties we share data with

We do not sell your personal information. We do, however, rely on the following processors to deliver the app. Each acts under its own privacy policy, linked below.

4. Legal basis (EU/UK GDPR)

• Performance of contract — providing the app's features.
• Legitimate interests — security, fraud prevention, aggregate analytics for product improvement.
• Consent — personalised ads in the EU/UK, gathered via Google's User Messaging Platform on first launch and revisitable from Settings → Privacy preferences.

5. Data retention

• On-device data — kept until you uninstall the app or clear its storage from Android Settings.
• Crashlytics & Analytics — retained per Google's defaults: typically 90 days for crash data, up to 14 months for Analytics events. Aggregated reports may be kept longer.
• AdMob logs — handled per Google's policies.
• Weather + IP geolocation — cached locally on device only; the third-party processor's retention applies to their own logs.

6. Your rights

Depending on where you live (EU, UK, California, Brazil, Canada and others), you may have the right to:

• Access the data we process about you.
• Rectify inaccurate data.
• Delete your data — uninstalling the app + resetting your Advertising ID effectively removes everything we hold.
• Withdraw consent for personalised ads at any time via Settings → Privacy preferences in the app.
• Object to processing or restrict it.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at the address below. We respond within 30 days.

7. Children's privacy

Halo is rated for general audiences. It is not directed to children under 13 (or 16 in some EU jurisdictions). We do not knowingly collect data from children. If you believe a child has used the app, contact us and we will delete any data linked to that device.

8. Security

Network calls use HTTPS. The app’s local storage uses Android’s standard application sandbox — your data cannot be accessed by other apps on your device. Our internal infrastructure is access-restricted to authorised personnel only.

No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but commit to investigate and notify you of any incident affecting your data without undue delay.

9. International transfers

Our processors (Google, Firebase, ipinfo.io, Open-Meteo) may store and process data on servers located outside your country, including in the United States. Transfers are covered by the EU Standard Contractual Clauses or equivalent safeguards.

10. Changes to this policy

We may update this policy when we add features, change processors or improve disclosures. The "Last updated" date at the top reflects the latest revision. Material changes will be highlighted in the app on next launch.

11. Contact us

Questions, requests or concerns about your data? Reach the Halo privacy team at:

• Email — contact@bloksymedia.com
• App publisher — Halo Studio