Privacy Policy – 11.05.2026

This is an archived version of Our Privacy Policy
We have highlighted the changes made to Our Privacy Policy
See previous versions here.

Our privacy policy was last updated on July 11th, 2025 May 11th 2026. 
See previous versions here.

1. Introduction.

This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information if You use our Applications. The Policy tells You about Your privacy rights and how the law protects You. 

We use Your data to provide and improve the Services. When installing, running, and using Appvestor applications and Caller ID technology, You agree to the collection and use of information in accordance with this Privacy Policy. 

Our Applications are not intended for or designed to attract anyone under the age of 18.

2. Interpretation and Definitions

Interpretation
Unless otherwise stated in the context, the following terms have the following meanings, and they shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions
For the purposes of this Privacy Policy:

• “Company” (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to:
      Appvestor ApS
      DK37614904,
      Gladsaxevej 342, 2860 Soeborg
      Denmark
• “Country” refers to Denmark.
• “Device” means any device that can access the Service.
• “Data” is any information that relates to a User of any of Our Services.
• “Service” refers to the Applications and their features.
• “Data Partner” means any natural or legal person to whom data is transferred making it possible for the Data Partner to – via Appvestor’s Services – provide advertising to the end-user.
• “Usage Data” refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
• “You” means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Services, as applicable. You can be referred to as the Data Subject or as the User as You are the individual using the Service.

3. Data Collection and Processing

Types of Data Collected

3.1 For end-users of an application with Our Services integrated

Technical Information
While using Our Service We may ask You to provide Us with some necessary technical information. Technical information may include, but is not limited to: IP-address, Your country, Usage Data, device language, device internet speed, and device information number from Your device so that the Services can be provided to You. This collected information is required for Appvestor to verify that Your device is accurately registered.

Other data
Appvestor accesses and processes phone numbers of, and duration of, incoming and outgoing calls and contact lists with Your explicit consent, to be able to provide You with Our Caller ID service. Appvestor also accesses and makes use of the Advertising Identifier (Advertiser ID) connected to the installed app and may access and use the documentation on Your consent within Your Google Account setting regarding personalized advertisements.

To be able to offer you certain features of the Application, Appvestor may, only with Your explicit consent, request access to your location data, which may include Your background location, approximate location, and precise location.

Documentation on this consent only entails a unique ID, which is generated when You install the mobile application and make Your choice regarding advertisements. Appvestor cannot trace advertiser IDs, or the unique ID related to a consent back to the identity of a specific user. To be able to offer you certain features of the Application, Appvestor may, only with Your explicit consent, request access to your location data, which may include Your background location, approximate location, and precise location. 

Appvestor may ask Your app provider to provide Us access to some necessary technical information. Technical information may include but is not limited to: device information number from Your device so that the Services can be provided to You. This collected information is required for Appvestor to verify that the device of the User (= You) is accurately registered.

Furthermore, when You use Our Service, Our Data Partners may, only with Your explicit consent, collect certain device and location data (this may include background location, approximate location, and precise location) to be able to offer a range of services to third parties that include, but are not limited to, a more customized ad experience, location analysis, targeted advertising as well as improved app functionality and user experience through analytics. You can withdraw Your consent at any time through the in-app settings or by contacting Us at privacy@appvestor.com. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

3.2 For end-users of an application with Appvestor Technology integrated only
If You have installed an application on Your device that exclusively integrates Appvestor Technology, We may request that Your app provider grant Us access to certain technical information necessary for the provision of Our Technology. Such technical information may include, but is not limited to, device identification numbers, usage data, and advertiser identifiers. The collection of this information is required to verify the proper registration of Your device. Appvestor does not have the capability to associate advertiser identifiers with the identity of any specific user.

For applications only using Appvestor Technology and not Our Sevices, we do not share any of Your data with Our data partners or third parties.

4. Use of Your Data

Appvestor commits itself to the terms of the Google Play Developer Program Policies and reserves the right to use anonymous data for statistics and user support without restrictions regarding applicability in time.

Appvestor may use Your Data for the following purposes:

• To provide and maintain Our Service, including monitoring the usage of Our Service for the purpose of improving the technical functionalities and provide you with the Application features.
• To contact You: To contact You through electronic communications, such as push notifications.
• To manage Your requests: To attend to, and manage a request from You on the deletion of the App and all Your personal data.
• To comply with legal obligations: To fulfill obligations under applicable law, including GDPR, CCPA/CPRA, LGPD, and PIPA.

We may share Your Data in the following situations:

• With business partners (Data Partners): We may – with Your consent – share Your information with Our business partners. Our business partners may merge the collected data elements to offer You certain services when You click on ads delivered via Our Service in accordance with their stated purposes in their respective privacy policies.
• See our list of data partners below.
• With authorities: Where required by applicable law or valid court order, We may disclose Your data to public authorities.

We do not sell Your personal data to third parties for monetary compensation. We do not share Your personal data for cross-context behavioural advertising without Your explicit consent.

5.  Legal Basis for the Processing of Your Data

Appvestor processes personal data to pursue Our legitimate interest in managing Our business – including being able to handle contracts and purchases of various products and licenses for Our business and to improve, develop and market Our Services, and comply with Our legal obligations. The legal basis for Our processing is thus the following articles in the general data protection regulation:

• Article 6(1)(a): Personal data may be processed with express consent.
• Article 6(1)(b): Personal data may be processed if necessary to fulfill a contract.
• Article 6(1)(c): Personal data may be processed if this is necessary to comply with a legal obligation.
• Article 6(1)(f): Personal data may be processed if necessary to pursue a legitimate interest unless the interests of the data subject precede this.
• Article 9(2)(a): Where processing involves Sensitive Personal Data (e.g. precise location data that may indirectly reveal sensitive characteristics), processing is based on explicit consent only.

Note: Because We process Your data partly on basis of Article 6 (1) litra f, (legitimate interests) You may in certain cases object to Our otherwise lawful processing of Your personal data if You find that Your interests in not having Your data processed exceeds Our legitimate interests in processing Your data, cf. article 21 GDPR. See further below on Your rights under the data protection regulation.

6. Retention of Your Data

Appvestor will process and retain anonymized Usage Data for analysis purposes. Your Data will be retained until the purpose of use is achieved or You choose to have it deleted. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods. How long specific personal data is retained depends on the purpose for its use, however, As a general rule, personal data linked to a specific device or user is retained for no longer than 24 months from the date of collection, after which it is anonymized or deleted, unless a longer retention period is required by applicable law. We will delete your personal data in accordance with applicable law.

7. Transfer of Your Data

Your Data (the advertiser ID and unique ID regarding consent), may be processed in any place where Our Data Partners are located. It means that this information may be transferred to — and maintained on — servers located outside of Your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of Your jurisdiction.

If Your data is transferred to a country outside the EU/EEA, and if the country in question has not been approved by the European Commission as providing adequate protection, (See list of adequacy decisions here) Our data transfers will be based on Standard Contractual Clauses (SCC) also approved by the European Commission.

Furthermore, Appvestor will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Where data is transferred to the United States, We rely on Standard Contractual Clauses (SCCs) as the applicable transfer mechanism in accordance with GDPR Chapter V. We conduct Transfer Impact Assessments (TIAs) where required.

We have agreements with the following Data Partners. These third-party vendors collect, store, use, process, and transfer information about Your activity on Our Service in accordance with their own Privacy Policies. We are currently partnered with the following Data Partners who all act as independent Data Controllers to whom Your data will be transferred:

• AdMob (Google) Privacy Policy
• Facebook Audience Network Privacy Policy
• The Umlaut InsightCoreSDK Privacy Policy
• Tutela Privacy Policy
• Outlogic Privacy Policy
• Cell Rebel Privacy Policy
• Cuebiq Privacy Policy
• OpenSignal Privacy Policy
• AppLovin Privacy Policy
• OpenWeather Privacy Policy
• GNews Privacy Policy
• Pangle Privacy Policy
• Amazon Privacy Policy
• Gamezop Privacy Policy
• Liftoff Privacy Policy

Important note – Outlogic: In January 2024, the U.S. FTC issued a final consent order prohibiting Outlogic from selling or sharing sensitive location data. Appvestor only transfers non-sensitive, explicitly consented data to Outlogic in strict accordance with the FTC order and applicable GDPR requirements. Users may withdraw consent at any time through in-app settings.

All of Our Service Providers reserve the right to use and merge the transferred information for statistics, customizing ads in the Application and other advertising, and user support without restrictions regarding applicability in time and in accordance with their stated privacy policy. We will therefore only transfer data with Your specific consent. 

8. Other Disclosure of Your Data

Law Enforcement
Under certain circumstances, Appvestor may be required to disclose Your Data in accordance with law or in response to valid requests from public authorities (e.g. a court or a government agency). Appvestor may also disclose information associated with You, as well as contact information to third parties if required by law. Appvestor will comply with all applicable data protection provisions, including section 5 of the Danish Act on Personal Data.

Opt-Out from Data Collection and Inquiries
Users have the right to ask Appvestor not to continue the processing of Personal Data. Users can exercise their rights to prevent processing by contacting Appvestor at privacy@appvestor.com or go to the system settings within the mobile application and disable data collection and data transfer. However, we may not be able to provide You with access to certain specific functionalities of the Service if You choose to opt-out. California residents (CCPA/CPRA): You have the right to opt out of the “sale” or “sharing” of Your personal information for cross-context behavioural advertising. To exercise this right, contact us at privacy@appvestor.com or use the opt-out mechanism within the app settings.

The Service may present and contain links to and from the websites of partners and affiliates. If You follow a link to any third-party websites, please note that these websites have their own privacy policies and that Appvestor does not accept any responsibility or liability for these policies. You may check such policies before submitting any personal data to such websites at Your own discretion.

Security of Your Data
The security of Your Data is important to Us. We have implemented the appropriate technical security measures to ensure data protection in all contexts, also taking into consideration the category of the Personal Data that We process. We have further ensured contractual-based instructions to Our Data Partners regarding necessary security measures to supplement the Standard Contractual Clauses approved by the European Commission.

We implement appropriate technical and organisational measures Technical and Organisational Measures (TOMs) in accordance with GDPR Article 32, including encryption of data in transit and at rest, access controls, and regular security reviews.

9. SDK Data Collection and Consent Requirements

In accordance with Google Play Developer Program Policies and applicable data protection law (including GDPR and ePrivacy), Appvestor ensures that no third-party SDK integrated into Our Applications will collect, transmit, or process personal data before the user has been presented with a clear consent interface and has actively provided their consent.

This means:

• No SDK initialises in a data-collecting mode prior to consent being obtained. SDKs that require consent (e.g. AdMob, AppLovin, Meta Audience Network, Pangle, Liftoff) are only activated after the user has made an affirmative consent choice.
• Consent is granular — users are offered individual choices per purpose and cannot be forced to accept all-or-nothing.
• If a user declines consent, no non-essential tracking or data collection takes place.
• Users may withdraw consent at any time through in-app settings or by contacting privacy@appvestor.com.
• Appvestor maintains consent records including the timestamp, version of the consent notice shown, and the user’s choice, in accordance with GDPR Article 7(1).

Appvestor accepts full responsibility as data controller for the data collection practices of all SDKs integrated into Our Applications.

10. Prominent Disclosure – Sensitive App Permissions

Our Applications may request access to certain sensitive device permissions in order to deliver core features. In accordance with Google Play Developer Program Policies and GDPR, We provide the following explicit disclosures:

Caller ID – Phone and Call Log Permissions

To provide the Caller ID service, Our Application requests the following Android permissions, which are classified as “dangerous permissions” under Android and require explicit user grant:

• READ_CALL_LOG: Access to incoming and outgoing call history, including phone numbers and call duration, for the purpose of identifying callers.
• READ_CONTACTS: Access to the device contact list, for the purpose of matching incoming callers against saved contacts and enriching the Caller ID display.
• PROCESS_OUTGOING_CALLS (where applicable): Access to outgoing call information, used solely to provide real-time Caller ID functionality during an active call.

These permissions are requested only at the point of use, and only after the user has been shown a clear, prominent in-app disclosure. Call log and contact data accessed via these permissions is never shared with Data Partners for advertising or analytics purposes.

Location Permissions

Where the Application requests access to location data, a prominent in-app disclosure is shown prior to the permission request, explaining the specific purpose and which Data Partners may receive this data. Location access is always optional and consent-based.

11. Data Breach Notification

In the event of a personal data breach, Appvestor will act in full accordance with GDPR Articles 33 and 34 and any other applicable data breach notification requirements.

Notification to the Supervisory Authority (Datatilsynet)

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of natural persons, Appvestor will notify Datatilsynet without undue delay and, where feasible, no later than 72 hours after becoming aware of the breach, in accordance with GDPR Article 33.

The notification will include: a description of the nature of the breach; the DPO’s contact details; the likely consequences; and the measures taken or proposed to address the breach.

Notification to Affected Users

Where a personal data breach is likely to result in a high risk to the rights and freedoms of the affected individuals, Appvestor will notify those individuals directly, without undue delay, via one or more of the following methods:

• In-app notification displayed prominently when the user next opens the Application
• Push notification to affected devices, where technically possible
• Publication of a prominent notice on https://legal.appvestor.com

The notification to affected users will be in plain language and will include: a description of the breach; the DPO contact details (John Lisek, dpo@appvestor.com); the likely consequences; steps Appvestor is taking to address the breach; and recommended actions the user can take to protect themselves.

Internal Breach Response

All suspected or confirmed breaches must be reported immediately to the DPO (dpo@appvestor.com) who is responsible for assessing the breach, determining notification obligations, and coordinating the response.

12. Changes to the Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

Where changes are material — such as changes to the types of data collected, new third-party data sharing, changes to retention periods, or changes to user rights, We will provide prominent notice, which may include in-app notifications or, where required by applicable law, renewed consent will be sought.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective from when they are posted on this page.

13. Contact Us

If You have any questions, requests, or comments about this Privacy Policy, You can contact Us by sending an e-mail to: privacy@appvestor.com
Appvestor ApS, Gladsaxevej 342, 2860 Søborg, Denmark.
We aim to respond to all privacy-related enquiries within 30 days as required by GDPR Article 12.

14. Data Protection Officer (DPO)

In accordance with Article 37 of the GDPR, Appvestor ApS has appointed a Data Protection Officer (DPO). The DPO is responsible for overseeing Appvestor’s data protection strategy and ensuring compliance with applicable data protection legislation.

Name: John Lisek
E-mail: dpo@appvestor.com
Organisation: Appvestor ApS, Gladsaxevej 342, 2860 Søborg, Denmark

You have the right to contact the DPO directly at any time regarding the processing of Your personal data, to exercise Your data subject rights, or to raise any concerns or complaints relating to data protection. The DPO operates independently and is bound by confidentiality.
The appointment of the DPO has been registered with the Danish Data Protection Authority (Datatilsynet) as required under GDPR Article 37(7).

15  For Users Within the European Economic Area (EEA)

Appvestor undertakes to respect the confidentiality of Your Data and to guarantee You can exercise Your rights.

You have the right under this Privacy Policy, and by law, if You are within the European Union (EU), to:

• Access Your Personal Data and update or delete the information We have on You. Please contact Us to assist You.
• Correct the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
• Object to the processing of Your Personal Data.. This right exists where We are relying on legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to Our processing of Your Personal Data on this ground. You also have the right to object to where We are processing Your Personal Data for direct marketing purposes.
• Erasure. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
• Request the transfer of Your Personal Data. We will provide to You, or to a third party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format (data portability). Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
• Withdraw Your consent. You have the right to withdraw Your consent on using Your Personal Data at any time. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
• Restrict processing. You have the right to request that We restrict the processing of Your personal data in certain circumstances as set out in Article 18 GDPR.
• Lodge a complaint with your local data protection supervisory authority.

You may exercise Your rights of access, rectification, cancellation, and opposition by contacting Us. Users can exercise their rights to prevent processing by contacting Appvestor at privacy@appvestor.com. Please note that We may ask You to verify Your identity before responding to such requests.

We will respond to all valid data subject requests within 30 days of receipt. Where necessary, this period may be extended by a further two months, and We will inform You of any such extension.

You have the right to complain to the Danish Data Protection Authority about Our collection and use of Your Personal Data. For more information You can contact (Datatilsynet) at: 
Carl Jacobsens Vej 35, DK 2500 Valby | Tel: +45 33 19 32 00 | dt@datatilsynet.dk 

16. For Users Within State-Specific Areas in the United States

If You are a resident in specific states in the United States click here to read Your rights, in addition to this Privacy Policy. Supplemental information applicable solely to all visitors, users, and others who reside in the specified states.

Additional Privacy Notice for US Residents.

California (CCPA / CPRA)

If You are a resident of California, You have additional rights under the CCPA as amended by the CPRA:

• Right to Know: What personal information we collect, use, disclose, and sell about you.
• Right to Delete: Personal information we have collected from you, subject to certain exceptions.
• Right to Correct: Inaccurate personal information that we maintain about you.
• Right to Opt Out of Sale / Sharing: You have the right to opt out of the “sale” or “sharing” of your personal information for cross-context behavioural advertising.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
• Right to Limit Use of Sensitive Personal Information: You may limit Our use of sensitive personal information to purposes necessary to perform the services you requested.

Categories of personal information collected in the past 12 months: identifiers (device ID, IP address, advertising ID), geolocation data, internet and network activity information, and inferences drawn from such information.

We do not knowingly sell or share the personal information of consumers under 16 years of age without affirmative authorisation.

To exercise your California privacy rights contact us at: privacy@appvestor.com or visit: https://legal.appvestor.com/us_resident/

Other US States

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), Montana (MCDPA), Oregon (OCPA) and other states with applicable privacy laws have rights including access, correction, deletion, data portability, and opt-out of targeted advertising. Contact us at privacy@appvestor.com to exercise these rights.

Supplemental information for US state residents is available at: https://legal.appvestor.com/us_resident/

17. LGPD – For Users in Brazil

If You are a resident of Brazil, You have rights under the Lei Geral de Proteção de Dados (LGPD – Law No. 13,709/2018). Appvestor ApS acts as the data controller in relation to the processing of Your personal data.

Your Rights Under the LGPD

In accordance with Article 18 of the LGPD, You have the following rights regarding Your personal data:

• Confirmation of processing: The right to confirmation of the existence of processing of Your personal data.
• Access: The right to access Your personal data held by Appvestor.
• Correction: The right to correct incomplete, inaccurate, or outdated personal data.
• Anonymisation, blocking, or deletion: The right to request anonymisation, blocking, or deletion of unnecessary, excessive, or unlawfully processed personal data.
• Data portability: The right to receive Your personal data in a structured, interoperable format for transfer to another service provider, subject to commercial and trade secrets.
• Deletion of consented data: The right to request the deletion of personal data processed on the basis of Your consent, except where retention is required by law.
• Information about sharing: The right to information about which public and private entities Your personal data has been shared with.
• Information about consent: The right to information about the possibility of not providing consent and the consequences of refusal.
• Revocation of consent: The right to revoke Your consent at any time through a simple and free procedure, by contacting privacy@appvestor.com or through the in-app settings.
• Objection to processing: The right to object to processing carried out on grounds other than consent, where non-compliant with the LGPD.
• Review of automated decisions: The right to request a review of decisions made solely on the basis of automated processing of personal data that affect Your interests.

Legal Basis for Processing Under the LGPD

Appvestor processes personal data of Brazilian residents on the following legal bases as set out in Article 7 of the LGPD:

• Consent (Art. 7(I)): Where You have provided free, informed, and unambiguous consent for a specific purpose, such as personalised advertising, location analytics, or network analytics.
• Legitimate interest (Art. 7(IX)): For purposes such as fraud prevention, service improvement, and security, provided Your fundamental rights and freedoms are not overridden.
• Compliance with a legal obligation (Art. 7(II)): Where processing is necessary to comply with applicable law.

Supervisory Authority – ANPD

If You believe that the processing of Your personal data violates the LGPD, You have the right to lodge a complaint with the Brazilian National Data Protection Authority:

Autoridade Nacional de Proteção de Dados (ANPD)

Website: https://www.gov.br/anpd | E-mail: comunicacao@anpd.gov.br

To exercise any of Your LGPD rights, please contact Our DPO: John Lisek at dpo@appvestor.com or privacy@appvestor.com. We will respond within 15 days of receipt of Your request, as required under the LGPD.

18. PIPA – For users in South Korea

You have the right under this Privacy Policy, and by law, if You are within South Korea, to:

• Access Your Personal Data and update or delete the information We have on You. Please contact Us to assist You.
• Correct the Personal Data We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
• Object to the processing of Your Personal Data. This right exists where We are relying on legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to Our processing of Your Personal Data on this ground. You also have the right to object to where We are processing Your Personal Data for direct marketing purposes.
• Erasure. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.

Appvestor and Our Data Partners will not collect, process, share, or access any location data from South Korea.

You may exercise Your rights of access, rectification, cancellation, and opposition by contacting Us. Users can exercise their rights to prevent processing by contacting Appvestor at privacy@appvestor.com. Please note that We may ask You to verify Your identity before responding to such requests.

18. Deletion of Your Data

All data that has fulfilled its purposes will be identified by Appvestor and deleted without delay in accordance with this privacy policy. Appvestor will take all commercially and technologically reasonable measures to ensure personal data will practically not be recoverable or reproducible. Data will specifically be deleted depending on how the data was collected, stored, and your interaction with Our Services. Digital documents containing personal data will be deleted via a technical method that will make it reasonably impossible to recover, retrieve, or become re-identifiable. Appvestor does not store personal data on non-digital documents or files.

20. Overseas Transfer of Your Data – South Korea (PIPA)

Appvestor may share personal data as described in this privacy policy. We may share data with the following third-party service providers outside of Korea as described.

Users have the right to ask Appvestor not to continue overseas transfer of Personal Data. Users can exercise their rights to prevent overseas transfers by contacting Appvestor at privacy@appvestor.com or disabling data collection in the app’s system settings. go to the system settings within the mobile application and disable data collection and data transfer. However, Appvestor may not be able to provide You with certain specific functionalities of the Service if You choose to opt-out.