PocketOps Privacy Policy

Effective: April 4, 2026

WeaveHub Technologies LLC (“WeaveHub,” “we,” “us,” or “our”) operates the PocketOps mobile application (“App”). This Privacy Policy describes how we collect, use, and protect information when you use PocketOps.

We built PocketOps with a privacy-first architecture. Your CDN provider credentials are stored exclusively on your device and are never transmitted to WeaveHub servers. We do not require account creation, collect personal information for marketing, or serve advertisements.

1. Information We Collect

1.1 Information You Provide

PocketOps does not require you to create an account, provide an email address, or sign in with any identity provider. You may configure API credentials for third-party CDN providers (such as Cloudflare, Fastly, Akamai, and Amazon CloudFront) within the App. These credentials are stored locally in the iOS Keychain on your device and are never transmitted to or accessible by WeaveHub.

1.2 Subscription Information

If you purchase a PocketOps subscription, the transaction is processed entirely by Apple through the App Store. WeaveHub receives a cryptographically signed transaction record (JSON Web Signature) from Apple’s StoreKit framework, which we verify through our licensing service at licensing.weavehub.app. This verification confirms your subscription status and includes:

  • An anonymous transaction identifier assigned by Apple
  • The product identifier of your subscription
  • Transaction timestamps and expiration dates

We do not receive your name, email address, Apple ID, payment method, or billing details through this process.

1.3 Crash Reports

PocketOps uses Firebase Crashlytics, a service provided by Google LLC, to collect crash reports when the App encounters an error. Crashlytics may collect:

  • Device model, operating system version, and device orientation
  • App version and build number
  • A Crashlytics installation UUID (a random identifier tied to the app installation, not to you personally)
  • Crash stack traces and exception information
  • Free disk space and RAM at the time of the crash

Crashlytics does not collect your location, provider credentials, API responses, DNS records, or any content you manage through PocketOps. You can learn more about Firebase’s data practices at firebase.google.com/support/privacy.

1.4 Information We Do Not Collect

To be clear, WeaveHub does not collect:

  • Your name, email address, phone number, or any personal contact information
  • CDN provider credentials, API keys, or tokens
  • DNS records, firewall rules, analytics data, or any configuration you manage through provider APIs
  • Usage analytics, behavioral data, or browsing history within the App
  • Location data
  • Advertising identifiers

2. How Your Data Flows

Understanding the architecture of PocketOps is important for understanding your privacy.

  • Device to Provider APIs: When you use PocketOps to manage your CDN configurations, your device communicates directly with the relevant provider’s API (e.g., api.cloudflare.com, api.fastly.com, cloudfront.amazonaws.com). These API calls travel directly from your device to the provider. WeaveHub does not proxy, intercept, log, or have any access to this traffic.
  • Device to Apple: Subscription purchases and management are handled by Apple’s StoreKit framework directly on your device.
  • Device to WeaveHub: The only communication between PocketOps and WeaveHub servers is subscription license verification, which transmits only the Apple-signed transaction data described in Section 1.2.
  • Device to Google (Crashlytics): Crash data, as described in Section 1.3, is transmitted to Google’s Crashlytics service when the App encounters an error.

3. How We Use Information

We use the limited information we receive for the following purposes:

  • Subscription verification: To confirm your subscription status and provide access to premium features.
  • Crash resolution: To identify, diagnose, and fix bugs and stability issues in PocketOps.
  • App improvement: To understand aggregate crash trends and prioritize engineering work.

We do not use any information for advertising, profiling, or marketing purposes.

4. How We Share Information

We do not sell, rent, or trade any information to third parties. Information is shared only with:

  • Google LLC (Firebase Crashlytics): Receives crash report data as described in Section 1.3, solely for the purpose of providing crash reporting services to us.
  • Apple Inc.: Processes subscription transactions through the App Store. Apple’s privacy practices are governed by Apple’s own privacy policy.
  • Legal obligations: We may disclose information if required by law, regulation, legal process, or enforceable governmental request.

5. Data Retention

  • Credentials and local data: Stored exclusively in your device’s Keychain and App storage. This data persists until you delete it within the App or uninstall PocketOps.
  • Subscription verification records: We retain anonymous transaction verification logs for the duration of your subscription plus 90 days, or as required for financial record-keeping.
  • Crash reports: Retained in Firebase Crashlytics for up to 90 days.

6. Data Deletion

Because PocketOps stores credentials and configuration locally on your device, you have direct control over your data:

  • Delete provider profiles: Remove any configured provider profile within the App to erase its credentials from Keychain.
  • Uninstall the App: Removing PocketOps from your device deletes all locally stored data, including Keychain entries associated with the App.
  • Request server-side deletion: To request deletion of any subscription verification records or crash data associated with your installation, contact us at the address in Section 11. We will process your request within 30 days.

7. Data Security

We implement appropriate technical measures to protect the limited information we process:

  • Provider credentials are stored in the iOS Keychain, which uses hardware-backed encryption.
  • All network communication uses TLS encryption.
  • Subscription verification uses cryptographic signature validation of Apple’s JWS tokens.
  • Our licensing server enforces HTTPS and follows security best practices.

8. Children’s Privacy

PocketOps is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information to us, please contact us and we will take steps to delete such information.

9. International Data Transfers

WeaveHub is based in the United States. Crash report data processed by Firebase Crashlytics may be transferred to and processed in the United States or other countries where Google operates. Subscription verification occurs on servers located in the United States. By using PocketOps, you acknowledge that this limited data may be processed outside your country of residence.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last Updated” date at the top of this page and, where practicable, through an in-app notice. Your continued use of PocketOps after changes become effective constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

WeaveHub Technologies LLC
Email: privacy@weavehub.app