Privacy Policy

Updated: January 19, 2026

This privacy notice is to let you know how the LimitX Browser collects and processes your personal information.

This notice provides you with information regarding your rights and explains how, why and when we collect and process your personal data.

Important Update: As of our latest version, LimitX Browser requires user accounts for premium features and data synchronization. This means we collect and securely store account information on our backend servers.

If you have any questions or want to exercise any of your rights set out in this privacy notice, please contact us at privacy@limitx.app.

About us

We are LimitX Browser Development Team.

We can be contacted by email at support@limitx.app or downlabs2028@gmail.com.

Our business address is Lahore, Punjab, Pakistan.

What this notice covers

This privacy policy covers the LimitX Browser only and the way we collect, process, and store data as part of the service.

Privacy First

LimitX Browser is designed with privacy and family safety as core principles. Content filtering happens locally on your device, but account features require secure backend storage for synchronization.

LimitX Browser ("we," "our," or "the app") is committed to protecting your privacy while providing comprehensive parental control and content filtering features.

Privacy Overview
Information We Collect
App Permissions & Usage
How We Use Your Data
Data Sharing & Third Parties
Account Data & Backend Storage
Parental Controls & Children's Privacy
Advertising & Analytics
Data Security
Your Privacy Rights
International Users
Policy Updates
Contact Information

Privacy Overview

Privacy First:

LimitX Browser is designed with privacy and family safety as core principles. Content filtering and keyword detection happen locally on your device. However, to enable premium features and cross-device synchronization, we require user accounts and securely store necessary data on our backend servers.

LimitX Browser ("we," "our," or "the app") is committed to protecting your privacy while providing comprehensive parental control and content filtering features. This Privacy Policy explains how we collect, use, protect, and share information when you use our browser application.

Key Privacy Principles:

Local Processing: Content filtering and keyword detection happen on your device
Minimal Data Collection: We only collect data necessary for app functionality and account management
Secure Backend: Account and subscription data is encrypted and stored securely
User Control: Full control over privacy settings and data sharing
Child Protection: Special protections for users under 18
Mandatory Accounts: Accounts are required for premium features and data synchronization

Information We Collect

Information You Provide Directly

Account Information: Email address, name (required for account creation), preferences, settings
Configuration Data: Parental control settings, blocked keywords, website preferences
Feedback: Bug reports, feature requests, support communications

Information Collected Automatically

App Usage Data: Features used, settings changed, crash reports, session counts, usage time
Device Information: Device model, OS version, app version, device ID, Android ID
Performance Data: App performance metrics, error logs
Content Protection Data: Keyword detection events, violation logs, block actions (processed locally)
Subscription Data: Purchase tokens, order IDs, product IDs, subscription status, expiry dates

Information Stored on Our Servers

With your account, the following data is securely stored on our backend servers (Supabase):

User Profile: Name, email address, account creation date
Device Registry: Device IDs, device names, registration dates, last active timestamps
Subscription Records: Purchase history, subscription status, device limits
Usage Statistics: Streak data, violation counts, app sessions (aggregated)
Violation Logs: Keyword detection events, app names, action timestamps (for accountability)

What We DON'T Collect

Your browsing history or visited websites
Personal conversations or messages from other apps
Passwords, login credentials, or personal documents
Photos, videos, or files stored on your device
Location data or GPS coordinates
Contact lists or phone numbers
Full content of monitored text (only keyword matches and context snippets)

App Permissions & Usage

LimitX Browser requires certain Android permissions to provide parental control and security features. Here's exactly how each permission is used:

Accessibility Services

Purpose: Monitor text input across social media apps to detect inappropriate keywords and prevent bypass of parental controls
Data Access: Text content for keyword matching only (processed locally)

Device Admin

Purpose: Prevent unauthorized disabling of parental controls by tech-savvy children
Data Access: System settings access monitoring

Query All Packages

Purpose: Show installed apps in share menu when sharing web content
Data Access: List of installed app names

Install Packages

Purpose: Install browser extensions (.xpi files) and handle APK downloads
Data Access: Downloaded package files

Internet Access

Purpose: Browse websites, download content, sync settings (optional)
Data Access: Web requests for browsing

Storage Access

Purpose: Save downloads, cache web content, store app preferences
Data Access: Downloaded files and app data

Camera/Microphone

Purpose: Web-based video calls, media capture on websites
Data Access: Media content when explicitly granted by user

Notification Access

Purpose: Show download progress, parental control alerts, service status
Data Access: Notification content we create

Important: All content monitoring and keyword detection happens locally on your device. We do not transmit your browsing content, messages, or personal communications to our servers.

How We Use Your Data

Core App Functionality

Provide web browsing capabilities
Filter inappropriate content in real-time
Block access to harmful websites
Monitor social media apps for keyword violations
Maintain parental control settings

Service Improvement

Analyze app performance and fix bugs
Understand feature usage to improve functionality
Develop new safety and security features
Optimize content filtering algorithms

Communication

Send important security updates
Provide customer support
Notify about new parental control features
Share safety tips and best practices

Legal Compliance

Comply with applicable laws and regulations
Respond to legal requests and court orders
Prevent fraud and abuse
Protect the safety of users and the public

Data We DO NOT Share

Your browsing history or website visits
Personal messages or social media content
Full text content from monitored apps (only keyword matches)
Parental control configurations (stored locally)
Any personally identifiable information without consent

Data Sharing with Service Providers

We share necessary data with trusted third-party service providers to provide our services:

Supabase (Backend Database)

Purpose: User account management, data synchronization, subscription processing
Data Shared: User profiles, device information, subscription data, usage statistics, violation logs
Security: End-to-end encryption, SOC 2 compliance, GDPR compliant
Location: Data stored in secure cloud infrastructure

Google Play Billing

Purpose: Processing premium subscriptions and purchases
Data Shared: Purchase tokens, order IDs, product information
Security: Handled through Google's secure billing infrastructure

Limited Analytics Sharing

Crash Reporting: Technical data to fix bugs and improve stability
Performance Monitoring: Aggregated, anonymized usage statistics

Legal Requirements

When required by law or court order
To protect the safety of children or prevent harm
To investigate fraud or security breaches
To enforce our Terms of Service

Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of the business transaction, subject to the same privacy protections.

Account Data & Backend Storage

Mandatory Account System

LimitX Browser requires user accounts to access premium features and enable data synchronization across devices. This account system is designed with privacy in mind:

Secure Authentication: Uses industry-standard encryption for login credentials
Data Encryption: All account data is encrypted at rest and in transit
Minimal Collection: Only essential information for account functionality
User Control: Full ability to view, update, and delete account data

Backend Data Storage

We use Supabase, a secure backend-as-a-service platform, to store account-related data:

Stored Data Types:

User Profiles: Name, email, account creation/update timestamps
Device Management: Registered device IDs, names, activity timestamps
Subscription Records: Purchase history, active subscriptions, device limits
Usage Analytics: Aggregated app usage statistics for service improvement
Accountability Logs: Content protection events for parental oversight

Security Measures:

End-to-End Encryption: All data encrypted using AES-256
Access Controls: Row-level security ensures users only access their own data
Compliance: SOC 2 Type II and GDPR compliant infrastructure
Data Minimization: Only necessary data is stored for service functionality

Data Synchronization

Account data enables seamless synchronization across your devices:

Premium subscription access on all registered devices
Parental control settings sync (where appropriate)
Usage statistics and streaks across devices
Account preferences and settings

Account Requirement: While accounts are required for premium features, you can use basic browsing functionality without an account. However, content protection features and cross-device synchronization require account creation.

Parental Controls & Children's Privacy

COPPA Compliance

LimitX Browser complies with the Children's Online Privacy Protection Act (COPPA) and takes special measures to protect children's privacy:

Parental Consent: Parents must set up and configure all monitoring features
Limited Data Collection: Minimal data collection from users under 13
Local Processing: All content filtering happens on the device
No Behavioral Advertising: No targeted ads for users under 13
Secure Storage: All child-related data is encrypted and stored locally

Parental Rights and Controls

Parents have full control over:

All app settings and configurations
Which apps are monitored for content
Keywords and content that trigger blocks
Notification preferences and alerts
Data sharing and privacy settings
Ability to disable all monitoring features

Teen Privacy (13-17 years)

Transparent notifications when monitoring is active
Age-appropriate privacy controls
Gradual increase in privacy as teens mature
Educational resources about online safety

Advertising & Analytics

Advertising

LimitX Browser may display advertisements to support free features. Our advertising practices:

Age-Appropriate Ads: No adult content or inappropriate ads
Family-Safe Content: All ads are vetted for family appropriateness
Limited Tracking: Minimal use of advertising identifiers
Opt-Out Available: Premium versions available without ads

Advertising Partners:

Google AdMob: Serves contextual advertisements
Data Shared: Device type, app usage patterns, general location (country/region)
Tracking: Uses advertising ID for frequency capping and attribution

Analytics

We use analytics to improve app performance and user experience:

Usage Analytics: Which features are used most often
Performance Monitoring: App crashes, load times, errors
User Feedback: Feature requests and satisfaction surveys
Anonymization: All analytics data is anonymized and aggregated

Data Security

Security Measures

We implement industry-standard security measures to protect your data:

Encryption: All sensitive data is encrypted at rest and in transit
Local Storage: Most data is stored securely on your device
Access Controls: Strict access controls for any server-side data
Regular Audits: Regular security audits and vulnerability assessments
Secure Communication: All network communications use HTTPS/TLS

Data Retention

Local Data: Stored on your device until you uninstall the app or clear app data
Account Data: Retained for the lifetime of your account, deleted upon account deletion
Subscription Data: Retained for billing compliance and subscription management
Violation Logs: Retained for 2 years for accountability and service improvement
Analytics Data: Aggregated data retained for 24 months maximum
Support Data: Customer support communications retained for 2 years
Legal Data: Data required for legal compliance retained as required by law

Data Breach Response

In the unlikely event of a data breach, we will:

Notify affected users within 72 hours
Report to relevant authorities as required by law
Take immediate action to secure systems
Provide clear information about what data was affected
Offer assistance and remediation measures

Your Privacy Rights

Access and Control

You have the right to:

Access: View all data we have about you
Correct: Update or correct inaccurate information
Delete: Request deletion of your personal data
Export: Download your data in a portable format
Restrict: Limit how we process your data
Object: Opt out of certain data processing activities

How to Exercise Your Rights

To exercise your privacy rights:

Email us at: privacy@limitx.app
Use the in-app privacy settings menu
Contact our support team through the app
We will respond within 30 days

Account Deletion

To delete your account and all associated data:

Go to Settings → Account → Delete Account in the app
Or email privacy@limitx.app with your request
We will delete all your data from our servers within 30 days
Local data on your device will be removed when you uninstall the app
Some data may be retained for legal compliance or fraud prevention

International Users

GDPR Compliance (EU Users)

For users in the European Union, we comply with the General Data Protection Regulation (GDPR):

Legal Basis: Processing based on legitimate interests and consent
Data Subject Rights: Full GDPR rights as outlined in Section 9
Data Protection Officer: Available at dpo@limitx.app
Supervisory Authority: You may file complaints with your local DPA

Other International Laws

CCPA (California): Full compliance with California Consumer Privacy Act
PIPEDA (Canada): Compliance with Personal Information Protection Act
Privacy Act (Australia): Compliance with Australian Privacy Principles

Data Transfers

When data is transferred internationally, we ensure:

Adequate protection measures are in place
Standard contractual clauses are used
Data is encrypted during transfer
Recipient countries have adequate protection laws

Policy Updates

We may update this Privacy Policy from time to time to reflect:

Changes in our data practices
New features or functionality
Legal or regulatory requirements
User feedback and suggestions

Notification of Changes

When we update this policy, we will:

Update the "Last Updated" date at the top
Notify users through the app
Email registered users about significant changes
Provide 30 days notice for material changes
Highlight what has changed

Acceptance

Continued use of LimitX Browser after policy updates constitutes acceptance of the new terms. If you don't agree with updates, you may stop using the app and delete your account.

Questions or Concerns?

If you have questions about this Privacy Policy or our data practices:

Business Address:

LimitX Browser Development Team
downlabs2028@gmail.com
Lahore, Punjab, Pakistan

GitHub:

github.com/HamzaaAkmal/LimitX-Browser

Response Time: We aim to respond to all privacy inquiries within 30 days.