Privacy Policy

1) What HDown is

HDown is an Android download manager. It downloads files from URLs you provide and saves them to your device. It can use multi-threaded downloading when the server supports HTTP range requests, and it can fall back to single-stream downloading when the server does not provide a file size or does not support ranges.

2) Data we collect

We do not collect personal information to any developer server because the app does not run a server-side account system, analytics backend, or advertising network integration. There is no sign-in and no cloud sync.

What we do NOT collect

HDown is built to work without user accounts and without remote telemetry. We do not collect or transmit to the developer:

• your name, email address, phone number, or contacts,
• your precise location,
• your microphone/camera data,
• your messages, photos, or other personal files,
• your advertising ID or cross-app identifiers.

Diagnostics

The app may write diagnostic logs locally (for example to Android’s log system) to help during development and troubleshooting. These logs are not uploaded to a developer server by the app.

3) Data the app stores on your device (local only)

To perform downloads reliably, HDown stores some data locally on your device:

• Download request details: URL, file name, destination path, and optional request headers you provided.
• Resume metadata: server response identifiers such as ETag and/or Last-Modified (when provided), plus chunk boundaries/offsets needed to continue an interrupted download.
• Temporary download files: in-progress data such as .tmp and .part files stored in app-private storage (cache) until the download completes.
• Local “secure resume store”: resumable state is stored under the app’s internal storage (for example filesDir/hdown_secure_store). This data is encrypted/obfuscated locally to reduce casual inspection on a rooted device, but it remains on your phone.

Where the data lives

• App-private storage (cache and internal files): used for in-progress parts and resume state. Other apps normally cannot read this folder.
• Public Downloads: after completion, the app may move the finished file into the system Downloads collection so you can access it from file managers. On modern Android, this is typically done via MediaStore.

Backups

Your Android device or Google backup may back up some app-private data depending on your device settings and OS version. This is controlled by the operating system and your Google/Android settings, not by a developer backend. If you want to avoid keeping any private download state, use Clear All Private Data in Settings.

4) Data shared with third parties

HDown necessarily communicates with the servers you download from. When you download a file:

• The destination server will receive your IP address and standard HTTP request details (User-Agent, Range headers, cookies if required, etc.).
• Your ISP, network administrator (for example a corporate Wi‑Fi), or VPN provider may observe network traffic as per their policies.

HDown itself does not send your download history, file contents, or identifiers to a developer-owned server.

5) Cookies and website session data

Some download servers require cookies or session headers (for example to authorize a download link). HDown may store cookies for a given website to keep the download working. Cookie data is used only for the network requests your device makes to that website.

You can remove such local data by using Settings → Clear All Private Data, which deletes app-private cache and the secure resume store.

6) Permissions (no hidden permissions)

HDown requests only the permissions required to function as a download manager. There are no “hidden” permissions beyond what Android shows in the app’s system permission list. Current permissions include:

• INTERNET: required to download files.
• ACCESS_NETWORK_STATE: used to detect network availability and improve error handling.
• FOREGROUND_SERVICE and FOREGROUND_SERVICE_DATA_SYNC: used to keep downloads running reliably in the background with a foreground notification.
• POST_NOTIFICATIONS (Android 13+): used to show download progress notifications. This may require a runtime prompt. You can deny it; downloads can still run, but notifications may not appear.
• READ/WRITE_EXTERNAL_STORAGE (Android 9 and below only): declared for legacy devices (maxSdkVersion=28). On those older versions, Android may ask for storage permission depending on where files are saved. Newer Android versions typically use scoped storage / MediaStore instead.

Sensitive permissions we do not request

HDown does not request sensitive permissions like location, contacts, SMS, microphone, or camera permissions.

7) Security

• Downloads occur over standard HTTP/HTTPS as provided by the URL. HTTPS provides encryption in transit; HTTP does not.
• Resume state is stored locally and encrypted/obfuscated to reduce casual reading. This is not a substitute for full device encryption.
• You are responsible for verifying downloads (for example by checksum) and scanning files before opening them.

8) Data retention

Temporary files and resume metadata may remain on the device if a download is paused, interrupted, or fails. You can remove them at any time via Settings → Clear All Private Data.

9) Children’s privacy

HDown is a utility app and does not knowingly collect personal information from children. Because the app does not provide accounts or developer-hosted services, there is no child profile data stored by the developer.

10) Changes to this policy

We may update this policy to reflect product changes, permission changes, or regulatory requirements. The “Last updated” date will be updated when changes are made.

11) Contact

For privacy questions, contact: rajji9221@gmail.com