Security SPY is designed to protect your own personal device against unauthorized access by thieves, snoops, or anyone who handles your phone without your permission.
Do not install this app on any device you do not own. Using this app to capture photographs of another person without their knowledge and consent may violate stalking laws, biometric privacy statutes (such as Illinois BIPA, Texas CUBI, EU GDPR Article 9, Brazil LGPD), wiretap laws, and other applicable regulations in your jurisdiction. You, the user, are solely responsible for the legal context in which you deploy this app.
This Privacy Policy explains how Security SPY ("the app"), developed by RORE Tech LLC, a Massachusetts limited liability company ("RORE Tech LLC", "we", "us", or "our"), handles information on your device. Security SPY is a personal anti-theft and device security application for Android. It captures a single photograph from the front-facing camera when an app or system screen the device owner has marked sensitive is opened, allowing the owner to identify unauthorized access to their device.
This policy applies to all versions of the Security SPY app available on the Google Play Store under the package name com.rore.securityspy.
All data Security SPY collects stays on your device. RORE Tech LLC operates no servers that receive or store user data from this app.
| Data Type | Collected? | Where Stored | Transmitted? |
|---|---|---|---|
| Photographs (front camera, captured at the moment a tagged item is opened) | Yes โ locally | Encrypted on-device vault | Never |
| Owner facial geometry ratios (numerical, derived on device) | Yes โ locally | Device SharedPreferences | Never |
| Event log (timestamp + name of tagged item that was opened) | Yes โ locally | Local file in app private storage | Never |
| List of apps and system screens you have tagged | Yes โ locally | Device SharedPreferences | Never |
| Your PIN for app entry | Yes โ locally | Device SharedPreferences (hashed) | Never |
| Location data | No | โ | Never |
| Device identifiers (IMEI, Advertising ID) | No | โ | Never |
| Contact information (name, email, phone) | No | โ | Never |
| Screen content from other apps | No | โ | Never |
| Keystrokes, audio, video, or text from other apps | No | โ | Never |
| Crash reports | Yes โ anonymized | Google Play Services (Android Vitals) | Standard Android crash reporting only โ no personal data |
Security SPY uses the device's front-facing camera to capture a single photograph when an app or system screen the owner has marked sensitive is opened. This is the core anti-theft function of the app.
Camera access is initiated only at the moment a tagged item is opened. The camera does not stay on, the app does not record video, the app does not stream the camera to any service, and the camera is not accessed at any other time.
Camera indicator visibility. Whenever the camera is active, Android displays a green camera indicator at the top of the screen. This is a system-level Android privacy feature (Android 12 and later) and Security SPY does not โ and cannot โ disable it. On most devices the camera shutter sound also plays when a photo is captured; this is enforced by Android (and required by law in some regions such as Korea and Japan). Security SPY does not, and cannot, suppress the shutter sound or the visual indicator.
All photographs are stored immediately in an encrypted, biometric-protected vault on your device. No photograph is ever transmitted off the device under any circumstances.
Owner skip. If you have registered your face as the device owner, photographs that match your face are detected on-device using Google ML Kit and discarded immediately. Only photographs that do not match the registered owner's face are saved to the vault.
During owner registration, the app processes a photograph of the device owner's face using Google ML Kit, which runs entirely on-device. The app computes a set of numerical facial geometry ratios (not a photograph and not a raw biometric template) and stores only those ratios in your device's local storage.
The photograph taken during owner registration is processed in memory and is never stored in raw form. Raw biometric data is never transmitted to RORE Tech LLC, Google, or any third party.
The stored geometry ratios are used only to determine whether to discard a captured photograph (because it matches the owner) or save it (because it does not match). The ratios cannot be reverse-engineered into a photograph of the owner's face.
Deletion. Owner geometry ratios are deleted when you clear app data, uninstall the app, or factory-reset the device. RORE Tech LLC cannot recover this data because we do not hold a server-side copy.
Jurisdictional notice. Some jurisdictions (including Illinois under BIPA, Texas under CUBI, the European Union under GDPR Article 9, and Brazil under LGPD) regulate the collection and processing of biometric data. Although Security SPY processes biometric data exclusively on your own device and transmits nothing externally, you remain responsible for understanding and complying with biometric privacy laws applicable to you.
When the camera captures a photograph and the face does not match the registered owner, the photograph is saved to the on-device vault. This may include photographs of persons other than the device owner.
RORE Tech LLC receives none of these photographs. They are stored only on your device and are visible only to you after you authenticate with your fingerprint or face.
Your responsibility regarding third-party photographs. Many jurisdictions regulate the photographing of individuals without their consent, particularly in private settings or when biometric data is involved. You are solely responsible for ensuring that your use of Security SPY complies with all applicable consent, privacy, biometric, wiretap, and stalking laws in your location. RORE Tech LLC provides this app as a personal device security tool intended for use on the owner's own device against unauthorized access; the legal responsibility for the captured content rests with you, the device owner.
Do not use Security SPY to capture photographs of any person you do not have a lawful basis to photograph. Do not install this app on any device you do not own.
The app uses Android's Accessibility Service API (BIND_ACCESSIBILITY_SERVICE) for one purpose only: to detect the package name of the application or system screen that is currently in the foreground.
This is the only Android API that reliably provides this capability across all Android versions and device manufacturers. The app does not use any other capability of the Accessibility Service.
Specifically, the Accessibility Service used by Security SPY:
The package name detected by the service is checked in memory against your tagged-items list. If the detected package matches a tagged item, the camera capture function is triggered. If it does not match, nothing happens. The package name is then discarded โ it is not stored or logged.
Before any monitoring is enabled, the app shows you a separate in-app consent dialog explaining what the Accessibility Service accesses and how it is used. You must affirmatively consent before the monitoring function is activated. Camera capture requires its own separate consent dialog. You can revoke either consent at any time by disabling the Accessibility Service in Android Settings, by re-opening the camera consent dialog from the dashboard, or by clearing app data.
To remove ambiguity, Security SPY does not include any of the following functionality:
Security SPY uses the following on-device libraries. None of them transmit user data to external services as used in this app:
| Library | Purpose | Data Shared with the Library Vendor |
|---|---|---|
| Google ML Kit (Face Detection โ bundled model) | On-device face detection and geometry computation | None โ runs entirely on device, no network access |
| AndroidX CameraX | Camera capture | None โ local only |
| AndroidX Biometric | Vault authentication (fingerprint / face unlock via Android OS) | None โ handled entirely by the Android OS |
| Google Play Billing Library | Pro subscription purchases through Google Play | Standard Google Play purchase data โ handled by Google |
| Google Play Services (Android Vitals) | Standard anonymous crash reporting | Anonymized crash data only โ no personal information |
Security SPY offers an optional Pro subscription. All subscription purchases, renewals, refunds, and cancellations are processed and managed exclusively by Google Play Billing.
RORE Tech LLC does not collect, store, process, or have access to your payment information. Credit card details, billing addresses, and transaction records are handled solely by Google in accordance with the Google Privacy Policy.
To manage or cancel your subscription, visit Google Play Store โ Menu โ Subscriptions on your Android device, or visit play.google.com/store/account/subscriptions.
Subscriptions auto-renew unless cancelled. You can cancel at any time through Google Play. The app receives only an anonymous entitlement signal from Google Play indicating whether your subscription is active. This signal contains no personal information.
All data stored by Security SPY โ including photographs in the vault, the event log, owner geometry ratios, your PIN, and your list of tagged items โ is stored exclusively on your device and remains entirely under your control.
RORE Tech LLC has no ability to access, retrieve, or delete data stored on your device, as we do not have any server-side copy of your data.
How to delete your data
To delete all data stored by Security SPY, use either of the following methods:
Option 1 โ Clear app data:
Android Settings โ Apps โ Security SPY โ Storage โ Clear Data
This deletes all photographs, the event log, owner geometry ratios, your PIN, and all tagged-item settings.
Option 2 โ Uninstall the app:
Long-press the Security SPY icon โ Uninstall
This removes the app and all associated data permanently.
Data types deleted: All captured photographs, facial geometry ratios, event log, PIN, tagged-items list, and all app settings. No data is retained after deletion as RORE Tech LLC holds no server-side copy.
For deletion assistance, contact us at privacy@roretech.com
Security SPY is not directed at children. We do not knowingly collect personal information from children. The app is intended for adults to protect their own personal devices. Parents and guardians should not install Security SPY on a child's device for the purpose of monitoring the child โ Google Play offers a separate category of parental control applications designed for that purpose.
We may update this Privacy Policy from time to time. Any changes will be reflected by an updated "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.
If you have any questions about this Privacy Policy or how Security SPY handles data on your device, please contact us:
RORE Tech LLC
4 Canton St, Sharon, MA 02067, United States
Privacy inquiries: privacy@roretech.com
General support: support@roretech.com