Magic Home

Legal

Privacy Policy

Effective Date: April 24, 2026 | App Name: Magic Home | Publisher: Linoop K K

This Privacy Policy explains what information we collect, how we use it, how we share it, and the choices available to you.

1. Information We Collect

1.1 Account and Authentication Information

  • Email address
  • Display name and profile photo URL (if provided by your sign-in provider)
  • Firebase user ID and provider identifiers
  • Authentication tokens required to keep you signed in and authorize server requests

1.2 API Key and Server Access Data

  • API key or token associated with your account
  • Firebase ID token for server-side authentication handshake

1.3 Device and Smart-Home Data

  • Device identifiers, names, hostnames, and IP addresses
  • Relay configuration and state
  • Sensor readings such as temperature and humidity
  • Connection status and timestamps

1.4 Camera Data

The app may request camera access to scan QR codes. We do not intentionally store camera images or video on our servers.

1.5 Local Network Information

The app may access local network information, including local IP/network context and nearby device endpoints.

1.6 Support and Diagnostics

We may process technical diagnostics necessary to maintain app functionality, security, and reliability.

2. How We Use Information

  • Authenticate users and maintain secure sessions
  • Register and validate API access with our backend
  • Discover, connect, and control smart devices
  • Sync and display relay, sensor, and device status
  • Provide account recovery and email verification flows
  • Improve reliability, security, and performance

3. Legal Bases (Where Applicable)

  • Performance of a contract for core app features you request
  • Legitimate interests for security, fraud prevention, and service reliability
  • Consent where required for permissions and certain platform features
  • Legal obligations where processing is required by law

4. How We Share Information

  • Firebase Authentication (Google LLC) for account authentication
  • Google Sign-In and Apple Sign-In providers when chosen by you
  • Your configured backend services for token validation, metadata, and control APIs

We do not sell your personal information.

5. Data Storage and Security

  • Sensitive tokens are stored using platform secure storage where available
  • Additional app settings and preferences may be stored locally on your device
  • Data in transit is protected using HTTPS and secure WebSocket channels where configured

6. Data Retention

  • Operational data is retained as long as needed to provide services
  • Locally stored data remains on your device until cleared, uninstalled, or sign-out
  • You may request deletion of your account data by contacting us

7. Your Choices and Rights

  • Sign out and remove app data from your device at any time
  • Revoke camera and network permissions in system settings
  • Request access, correction, or deletion of personal data

8. Platform-Specific Notes

Android

  • Internet access is required for authentication, API validation, and device communication
  • Camera access may be requested for QR scanning features

iOS

  • Camera access may be requested for QR scanning features
  • Sign in with Apple is used when Apple authentication is selected

9. Children Privacy

The app is not directed to children under 13 (or local minimum age), and we do not knowingly collect their data.

10. International Data Transfers

Your information may be processed in countries other than your own, subject to applicable safeguards.

11. Changes to This Privacy Policy

We may update this policy from time to time and will publish revisions with a new effective date.

Compliance note: Align this policy with your App Store privacy answers, Google Play Data safety form, and backend-specific retention and security practices.