Privacy Policy

1. Information We Collect

Agently collects minimal data necessary to provide the service:

• Device information (for subscription management and fraud prevention)
• SIM card carrier information (to identify your network operator)
• Transaction history (stored locally on your device only)
• Google Play purchase tokens (for subscription verification)

We do NOT collect:

• Mobile money PINs or passwords
• Phone contacts or call logs
• Location data
• Personal messages

2. How We Use Your Information

• To provide USSD transaction automation services
• To manage your subscription status
• To detect and prevent fraud or abuse
• To improve the App's performance and reliability

3. Data Storage

All transaction data is stored locally on your device using an encrypted database. We do not transmit your transaction history to any external server unless you explicitly opt into the cloud backup feature (see Section 9). Subscription data (expiry date, plan type) is stored in encrypted device storage. An anonymous Firebase account is automatically created on first launch to support features such as cloud backup, push notifications, and community access — no email or password is required.

4. Third-Party Services

The App uses the following third-party services:

• Google Play Billing: For secure payment processing. Google's privacy policy applies to payment transactions. All purchases are handled through Google Play's native checkout.
• Firebase Analytics: Collects anonymous usage data (screen views, feature usage patterns) to help us improve the App. No personally identifiable information is collected.
• Firebase Crashlytics: Collects crash reports and non-fatal error logs to improve stability. Your anonymous user ID may be attached to reports for debugging.
• Firebase Performance Monitoring: Collects app startup time and network latency metrics to optimize performance.
• Firebase Remote Config: Fetches app configuration parameters (pricing, feature flags) from our servers. No personal data is sent.
• Firebase App Check: Verifies that requests to our backend come from the genuine app using device attestation (Google Play Integrity).
• Supabase Storage: Used exclusively to host community voice notes uploaded by users in the Community feature. Audio files are stored on Supabase's servers and accessible via a public URL. No personal data beyond the audio content itself is transmitted. Voice notes are retained for the lifetime of the post; deleting the post (or the account) removes the underlying audio file from Supabase. Posts that violate community rules may be removed by moderators. See Supabase's privacy policy.
• Firebase Authentication: An anonymous Firebase account is created automatically on first launch. This account has no email or password and is used solely to secure access to cloud features (backup, notifications, community). Your anonymous UID may appear in crash reports for debugging.
• Firebase Cloud Messaging (FCM): Used to deliver push notifications. An FCM device token is stored on our servers and associated with your anonymous account. It is used only to send notifications you have enabled.
• Shorebird (Code Push): The App may receive over-the-air code updates via Shorebird without requiring a full Play Store update. Only the app's code is updated — no personal data is transmitted to Shorebird. See Shorebird's privacy policy.
• Vercel (Payment Verification API): Google Play purchase tokens are sent to our server-side API (hosted on Vercel) for verification with Google's servers. No financial data beyond the purchase token is transmitted or stored by us.
• Google Analytics 4 — website only: The agentlygh.com website (including this page) uses Google Analytics 4 (`gtag.js`) to measure visitor counts and page views. GA4 sets cookies and processes IP addresses for visitor analytics. GA4 is not integrated into the Android app — the app does not load gtag.js or any web-analytics SDK. The mobile app's analytics are limited to Firebase Analytics as described above.

For more information on Google services, see Google's privacy policy.

For a concise summary of what Agently never collects, see our What We Don't Collect page.

5. Accessibility Services

Agently uses Android Accessibility Services solely for USSD dialog automation. The service:

• Only interacts with USSD dialogs from phone/dialer apps (com.android.phone, com.samsung.android.phone, com.google.android.dialer, and manufacturer variants)
• Does not read or access content from any other apps
• Does not capture keystrokes, passwords, PINs, or screen content from other apps
• Stops automation at PIN entry screens. Your PIN is always entered manually
• No data is collected, transmitted, or shared through this service

For full details, see our Accessibility Service Disclosure.

6. Data Sharing

We do not sell, trade, or share your personal information with third parties. Payment information is handled by Google Play for transaction processing and is subject to Google's privacy policy. Anonymous analytics and crash data is processed by Google Firebase.

The Remote Monitoring feature is a user-controlled, in-app sharing tool — comparable to user-generated content. An agent can voluntarily grant a designated monitor (e.g., a business owner or supervisor) read access to their daily transaction summary. Sharing is opt-in, expires automatically when the agent revokes the access code, and is never visible to third parties outside the relationship the agent explicitly created. If you use this feature, your daily cash summary (total cash in, cash out, and closing balance) is visible only to the specific Agently accounts you have granted access to. You can revoke access at any time from within the App. No individual transaction details, customer phone numbers, or PINs are shared.

7. Data Retention

Transaction history is stored on your device until you uninstall the App or clear the App's data. Subscription records are retained for the duration of your subscription plus 30 days. Analytics data is retained by Firebase for up to 14 months. Crash reports are retained for 90 days.

8. Fraud Database

When you report a phone number as fraudulent:

• The phone number is converted to a cryptographic hash (SHA-256) on your device. Only the hash is stored in our cloud database — the full phone number is never transmitted or stored on our servers.
• A masked display version (showing only the first 3 and last 3 digits, e.g., "024****890") is stored for display purposes.
• No identifying information about the reporter is stored with the report.
• Reports are aggregated — individual reports are not visible to other users.
• The fraud database is synced to all Agently devices for offline checking.

When you check a number, the hash is computed locally on your device and only the hash value is used to look up the record — the actual phone number is not transmitted to our servers.

9. Cloud Backup

When you use the optional cloud backup feature:

• Transaction data is uploaded to Firebase cloud storage, secured with encryption.
• An anonymous account is created (no email or password required).
• A 12-character recovery code is the only link to your backup data.
• Backup data is not shared with any third parties.
• You can request deletion of your backup data by contacting support.

10. Marketplace & Community Data

When you use the Marketplace or Community features:

• Listings and posts you create are stored on Firebase servers and visible to other agents.
• Your agent display name is shown alongside your content.
• Deleted content is removed from our servers.
• Reported content may be reviewed by the Agently team.

11. Remote Monitoring

When you use the Remote Monitoring feature:

• Agents generate a one-time 6-digit access code to share with a designated monitor. Codes expire after 10 minutes and can only be used once.
• Once access is granted, the monitor can view the agent's daily transaction summary (total cash in, cash out, closing balance). No individual transactions or PINs are visible.
• Access relationships are stored on Firebase servers and persist until revoked by the agent.
• Agents can view and revoke all active monitor access from within the App at any time.
• Daily summaries are written by the agent's device and stored under their anonymous account. They are only accessible to accounts that have been explicitly granted access.

12. Your Rights

• You can delete all local data by clearing the App's data or uninstalling it.
• You can request information about data we process by contacting support.
• You can opt out of the service at any time by not renewing your subscription.

13. Children's Privacy

The App is intended for licensed mobile money agents and is not designed for use by individuals under the age of 18.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be communicated through the App. Continued use after changes constitutes acceptance.

15. Contact

For privacy-related questions or concerns:
Email: privacy@agentlygh.com