Legal
Privacy Policy
Effective date: April 1, 2026
The short version: Sensitive data is encrypted on your device using AES-256 before it ever leaves your phone. Our servers only store ciphertext — we have no ability to read your contacts, messages, or configuration. We do not sell your data, we do not use it for advertising, and we do not share it with third parties beyond the infrastructure needed to run the app. The caregiver you pair with can see your device configuration — that's the point of the app — but you remain in control and can revoke access at any time.
1. Who we are
Tether Launcher is developed and operated by On The Case Apps. If you have questions about this policy, contact us at [email protected].
2. What data we collect
We collect only what is necessary for the app to function. All sensitive fields are encrypted on your device using AES-256-GCM before being sent to our servers. Encryption keys are generated per device and stored in the Android Keystore — they never leave your device. This means our servers only ever hold ciphertext, and we have no technical ability to read the content of your data.
- Anonymous device identifier — generated automatically on first launch of the Launcher. Used solely to link the device to paired caregivers. No name, email, or personal details are required.
- Location — approximate and precise location is accessed on the Member device to calculate travel time and distance to saved destinations. Location is not stored on our servers; it is used in the moment to perform route calculations and then discarded.
- Contacts — the Launcher reads your device's contacts list so caregivers can import contacts to the app. Contact names, phone numbers, and relationships are encrypted on-device before being stored in the cloud and are only accessible to paired caregivers.
- Phone number — phone numbers are encrypted on-device before being stored as part of the contact list configuration to enable one-tap calling and SMS.
- App usage activity — a timestamp is recorded each time the user interacts with the Launcher. This is used exclusively for the caregiver inactivity alert feature and is not used for analytics or profiling.
- Caregiver account information — caregivers sign in with a Google account. We store their Google account ID and display name to identify them in the pairing relationship.
3. How we use your data
- To provide the core features of the app (home screen customisation, contacts, maps, reminders, emergency alerts)
- To enable real-time configuration sync between a caregiver's device and the Launcher
- To send push notifications for reminders, messages, and SOS alerts
- To alert caregivers when the Launcher user has not been active for a configured period
We do not use your data for advertising, profiling, or any purpose beyond operating the app.
4. Encryption & security
Sensitive data is encrypted on your device using AES-256-GCM before it is transmitted to our servers. Encryption keys are unique to each device, generated locally, and stored in the Android Keystore — they are never uploaded or accessible to us. Our servers store only ciphertext. We have no technical means to read your contacts, messages, home screen configuration, or any other personal data.
In addition to client-side encryption, all data in transit is protected by TLS and all cloud storage is encrypted at rest by our infrastructure provider.
We use Google Firebase as our cloud infrastructure provider. Firebase's security and privacy practices are documented at firebase.google.com/support/privacy.
5. Who can see your data
- Paired caregivers — can see and modify the Launcher's home screen layout, contacts, map destinations, reminders, and emergency configuration. They can see the last-active timestamp. They cannot see call history, message content, or browsing activity.
- On The Case Apps — as the operator of the cloud infrastructure, we can see that data exists in our database, but we cannot read its content. All sensitive fields are encrypted client-side and we do not hold the decryption keys.
- Google / Firebase — as our infrastructure provider, Google processes data in accordance with their terms and privacy policy.
- No one else — we do not sell, rent, or share your data with any other third parties.
6. Data retention
Data associated with a Member device is retained for as long as the device has at least one paired caregiver. When all caregivers are revoked, the device configuration data is eligible for deletion. You can request full data deletion via our account deletion page.
7. Your rights & controls
- Revoke caregiver access — at any time from the Remote Access screen on the Launcher. Revocation takes effect immediately.
- Request data deletion — visit our account deletion page and we will delete all data associated with your device within 30 days.
- Access your data — you can request a copy of the data we hold for your device by emailing us.
8. Children's privacy
Tether Launcher can be used on devices belonging to minors, with a parent or guardian acting as the caregiver. We do not knowingly collect personal information from children independently of their caregiver relationship. If you believe a child's data has been collected without appropriate consent, contact us and we will delete it promptly.
9. Changes to this policy
We may update this policy from time to time. We will notify users of material changes by updating the effective date above. Continued use of the app after changes constitutes acceptance of the revised policy.