Privacy Policy for Anvil

Last Updated: 18 November 2025

1. Introduction

Welcome to Anvil ("we," "our," or "us"). This Privacy Policy explains how we handle information when you use our mobile application ("App").

We are committed to protecting your privacy. This policy describes our practices regarding data collection, use, and disclosure.

2. Data Collection

Anvil collects the following types of data:

2.1 Personal Information

Email Addresses: Collected when you sign in using Google Sign-In (OAuth). This is required for account creation and authentication. Your email is stored by Firebase Authentication and is used solely for account management purposes.

2.2 Usage Analytics

App Activity Data: We collect anonymous usage analytics through PostHog, including:
- Screen views and navigation patterns
- Feature usage (button presses, interactions)
- Session duration and app lifecycle events
This data is anonymous and does not include personal information or the content of your reading insights.

2.3 Crash Reports

Error Logs: We collect anonymous crash reports and error logs through Firebase Crashlytics to help us identify and fix bugs. These reports do not include personal information or user content.

2.4 User Content

Reading Insights ("Ingots"): All reading insights, categories, and app preferences you create are stored locally on your device only. This content is never transmitted to our servers or third parties.

            Important: Your reading insights and personal notes are stored exclusively on your device and are never transmitted over the internet or shared with third parties.
        

3. Account Creation

Anvil supports account creation through:

OAuth (Google Sign-In): You can create an account by signing in with your Google account. This uses Firebase Authentication and requires your Google email address.

The app does not support traditional username/password authentication.

4. Data Storage

All data entered into Anvil is stored as follows:

User Content (reading insights, categories, preferences): Stored locally on your device using Android's standard app-specific storage mechanisms. This data is never transmitted over the internet or stored on external servers.
Email Address: Stored by Firebase Authentication (Google's service) for account management.
Analytics Data: Stored by PostHog in anonymized form.
Crash Reports: Stored by Firebase Crashlytics in anonymized form.

5. Data Sharing

Anvil shares data with the following third-party service providers:

5.1 PostHog Analytics

Purpose: To understand app usage and improve the app experience
Data Shared: Anonymous usage analytics (screen views, feature usage, session data)
Personal Information: None
User Content: None
Privacy Policy: https://posthog.com/privacy

5.2 Firebase (Google)

Purpose: Authentication (Google Sign-In) and crash reporting
Data Shared:
- Email addresses (for authentication only)
- Anonymous crash reports and error logs
Privacy Policy: https://firebase.google.com/support/privacy

When you export insights as PDF or share content via Android's native share sheet, you have complete control over what is shared and with whom. The app does not facilitate sharing through its own servers or services.

6. Data Security

6.1 Encryption in Transit

All data transmitted over the internet is encrypted in transit using HTTPS/TLS:

PostHog Analytics uses HTTPS for all data transmission
Firebase services use HTTPS by default
All network traffic is encrypted

6.2 Data at Rest

User content stored locally on your device is protected by:

Android's file system encryption
Your device's security measures (screen lock, device encryption, etc.)
App-specific storage directory (isolated from other apps)

7. Account and Data Deletion

How to Delete Your Account and Data

You can request deletion of your account and associated data in the following ways:

7.1 In-App Deletion (Recommended)

You can delete your account and all associated data directly from within the app:

Open the Anvil app
Go to Settings
Scroll to the Account section
Tap Delete Account
Confirm the deletion (you will be asked to confirm twice)

What gets deleted:

Your Firebase Authentication account (email)
All local app data (reading insights, categories, preferences)
Analytics user identity (reset in PostHog)

What may be retained:

Anonymous analytics data in aggregated form (cannot be linked to you)
Anonymized crash reports (cannot be linked to you)

7.2 Contact Us for Deletion

If you prefer, you can also request account deletion by contacting us at:

Email: kavanthosani2003@gmail.com
Subject: Account Deletion Request

Please include your email address associated with the account in your request. We will process your deletion request within 30 days.

7.3 Alternative Methods

You can also delete all app data by:

Uninstalling the app (this removes all local data from your device)
Clearing app data from Android Settings → Apps → Anvil → Storage → Clear Data

Note: These methods will delete local data but may not delete your Firebase Authentication account. For complete account deletion, use the in-app deletion feature or contact us.

7.4 Partial Data Deletion

The app does not currently support partial data deletion (deleting some data while keeping your account). However, you can:

Delete individual reading insights ("ingots") from within the app
Delete categories (which removes associated insights)

For complete data deletion, you must delete your account.

8. Permissions

Anvil requires no special permissions. The app uses:

Standard Android storage mechanisms for local data persistence (no permission required on Android 10+)
Google Sign-In authentication (uses standard Android authentication flows)

If you choose to export insights as PDF or share content via Android's native share sheet, you have complete control over what is shared and with whom.

9. Children's Privacy

Anvil is suitable for users of all ages. We do not knowingly collect personal information from anyone, including children under 13 years of age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

10. Your Rights

You have the following rights regarding your data:

Access: You can access all your data through the app. Your reading insights are stored locally and accessible at any time.
Deletion: You can delete your account and all associated data using the methods described in Section 7.
Export: You can export your reading insights as PDF using the app's export feature.
Correction: You can edit or delete individual insights and categories within the app.

11. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The "Last Updated" date at the top of this policy will reflect any changes.

We encourage you to review this policy periodically to stay informed about how we handle your information. Continued use of the app after changes to this policy constitutes acceptance of those changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: kavanthosani2003@gmail.com

We will respond to your inquiry within 30 days.

13. Consent

By using Anvil, you consent to this Privacy Policy. If you do not agree with this policy, please do not use the app.

If you have already created an account and no longer agree with this policy, you can delete your account using the methods described in Section 7.

This privacy policy is effective as of 18 November 2025 and applies to all versions of the Anvil app.