← Back to minSync

Privacy Policy

Last updated: March 2026

Overview

minSync is a privacy-focused mobile app for self-hosted MinIO storage. We believe your data belongs to you. This policy explains what information we collect and how we use it.

Data We Collect

Account information: When you create an account, we collect your email address and a securely hashed password. This is stored on our Cloudflare Workers infrastructure.

Device information: We store basic device identifiers (device name, platform) and push notification tokens to enable background sync notifications.

Sync metadata: We store sync job status, file ETags, and timestamps to coordinate delta sync. This is metadata only — we never store your actual file contents.

Purchase information: If you purchase a subscription or one-time upgrade, we store transaction IDs and receipt data from Apple or Google for validation purposes.

Data We Do NOT Collect

• Your files: minSync connects directly to your MinIO server. Your files never pass through our servers.
• MinIO credentials: Your server access keys are stored exclusively in iOS Keychain or Android EncryptedSharedPreferences on your device. They are never transmitted to our backend.
• Browsing or usage analytics: We do not use any analytics SDKs, tracking pixels, or telemetry.
• Advertising data: minSync has no ads and shares no data with advertisers.

How We Use Your Data

• Authenticate you and manage your sessions
• Coordinate sync state across your devices
• Send push notifications when sync events occur
• Validate in-app purchases and manage your subscription

Data Storage and Security

Account and sync metadata is stored on Cloudflare's global edge network (Cloudflare D1 and KV). All communication uses TLS encryption in transit. Passwords are hashed with bcrypt before storage.

Third-Party Services

• Cloudflare: Infrastructure hosting (Workers, D1, KV)
• Apple App Store / Google Play: In-app purchase processing and receipt validation
• Apple Push Notification service / Firebase Cloud Messaging: Push notifications

Data Deletion

You can delete your account at any time through the app settings. This permanently removes all your account data, sync metadata, and device registrations from our servers. Active subscriptions should be cancelled through the App Store or Google Play before account deletion.

Children's Privacy

minSync is not directed at children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date.

Contact

Questions about this privacy policy? Contact us at privacy@lalatendu.info.