Privacy Policy
Last updated: May 9, 2026
Tracker Detector — AirTag Scan ("the App") is published by Bulpara Inc ("we", "us", "our"). This policy describes how we collect, use, and protect information when you use the App. The short version: nothing leaves your iPhone, by design.
1. Apple Privacy Nutrition Label
The App’s App Store listing carries the strongest possible privacy posture: Data Not Collected across every Apple-defined category. We do not collect contact info, health data, location, identifiers, usage data, diagnostics, or anything else.
2. Bluetooth Scans & Tracker Data
- Scans run on-device only. The App uses Apple’s CoreBluetooth framework on your iPhone to listen for nearby Bluetooth Low Energy advertisements (AirTag, Tile, Samsung SmartTag, Chipolo, Pebblebee, generic Find My accessories).
- Detected device data — identifiers, RSSI signal strength, advertised service UUIDs, tracker family classification — is stored locally in the App’s SwiftData store on your iPhone.
- The App does not upload, transmit, stream, or store scan results, device identifiers, or tracker history on our servers. We have no servers that hold user scan content.
- If you delete the App, all locally-stored detection history, sightings, and labels are removed by iOS.
3. Location Data
- To support “follow-me” detection (the same unknown tracker showing up across multiple places), the App records a coarse location stamp with each sighting.
- Location data never leaves your iPhone. It is stored in the App’s local sightings database and used only to show you a map of where a persistent tracker has been seen.
- The App uses iOS’s significant-location-change API for background monitoring (Premium only). This minimises battery use and limits how often the App is woken to scan.
- You can revoke Location permission at any time in iOS Settings › Tracker Detector › Location.
4. Permissions We Request
- Bluetooth: Required for the core scan feature. The App lists nearby BLE advertisements; iOS blocks the App from connecting to anything without your involvement.
- Location (When In Use, optional Always): Used only to tag scans with the place they happened so we can detect a tracker that follows you across locations. “Always” is required only for Premium background monitoring.
- NFC: Used only when you tap your iPhone to a physical AirTag and choose “Tap to read NFC”. NFC reads are one-tap, on-device, and never transmitted off-device.
- Notifications (optional): Used only to alert you when a tracker has been with you for the threshold you choose (15, 30, or 60 minutes). All notifications are scheduled locally by iOS — we do not run a notification server.
5. Data We Store Locally
- Detection history: Detected device records (UUIDs that may rotate, advertised service IDs, last-seen timestamps), sightings (coarse location, time, RSSI), and any labels you apply. SwiftData on your iPhone.
- Preferences: Background-monitoring toggle, alert thresholds, theme preference, daily scan counter.
- Daily scan counter: A local counter that resets at midnight to enforce the free-tier 3-scans-per-day limit. No counter data is transmitted off-device.
- Purchase status: Subscription state is managed by Apple’s StoreKit and cached locally for feature gating.
6. Third-Party Services
The App uses the following third-party services:
- Apple App Store / StoreKit: Manages subscriptions and purchases. Governed by Apple’s privacy policy.
- Google AdMob (free tier only): Displays banner and interstitial ads to free-tier users on the Dashboard, in the Following Log, and after a scan completes. AdMob may collect device identifiers for ad personalization. Tracker detections, scan results, and locations are never shared with AdMob — we never pass scan content to any ad request. See Google’s Privacy Policy.
Premium subscribers see no ads and trigger no AdMob requests. The App also disables ads on the live scan screen, on tracker detail screens, on NFC owner-info screens, and on evidence export — we do not run ads in sensitive contexts.
7. Data Storage and Security
- All scans, sightings, history, labels, and preferences are stored locally on your device.
- No tracker data, location data, or identifiable scan content is transmitted to or stored on our servers. We have no servers that hold user scan content.
- Purchase verification uses Apple’s secure StoreKit framework.
- The App’s core detection feature works completely offline.
8. Data Sharing
We do not sell your personal data. We do not share your scan results, sightings, or location history with any third party. AdMob may collect device-level data for ad personalization (free tier only); detection content is excluded from every ad request.
9. Your Rights
You can:
- Delete individual sightings, devices, or labels from inside the App at any time
- Delete the App to remove all local detection history, sightings, and preferences
- Revoke Bluetooth, Location, NFC, or Notifications permission from iOS Settings at any time
- Export a PDF of your detection evidence (Premium) and decide where to share it — we never see it
- Request information about data handling by contacting us at privacy@bulpara.com
10. Sensitive User Safety
We recognise that the App’s primary user base includes domestic-violence survivors and people who suspect they are being stalked. We have intentionally designed the App so that:
- No account is required — nothing links your scan history to your real identity
- No analytics are collected on scan content or detection outcomes
- No cloud sync exists that could be accessed by a partner with shared Apple ID access — all data is in the App’s local sandbox
- The App can be deleted at any time to remove all evidence that you ran a scan
If you believe you are in danger, contact local law enforcement or the National Domestic Violence Hotline at 1-800-799-7233 (US) or thehotline.org.
11. Children’s Privacy
The App is rated 4+ and is not intended to collect data from children under 13. Because the App does not collect personal data, this is enforced by design.
12. Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated “Last updated” date.
13. Contact Us
If you have questions about this privacy policy, contact us at: