Privacy Policy

Effective date: 22 May 2026 · App: codes. — Vouchers & Promo Manager · Publisher: EVDiag

Short version: codes. stores everything locally on your device. We do not track you, collect analytics, or run any servers that receive your data. The only external service is RevenueCat for processing one-time in-app purchases.

1. Who we are

codes. is an application published by EVDiag. For privacy questions, contact us at service@evdiag.net.

2. What data the app collects

On-device data: The app stores your promo codes, voucher templates, customer contact entries, team configuration, and category settings locally on your device. This data is held in your device's local storage and never transmitted to any server controlled by us.

No analytics or telemetry: We do not embed any analytics SDK, crash reporting service, or telemetry collector in the application. We do not know how often you open the app, what features you use, or what data you create.

No account: The app does not require you to create an account or log in. We do not maintain any user profile or identifier under our control.

3. Permissions the app requests

The app may request these device permissions, all used exclusively for the stated purpose:

Camera: to scan QR codes for voucher redemption and team setup. Scans are processed entirely on your device.
Notifications: to schedule local reminders (e.g. daily team status reports). Notifications originate from your device, not from any remote server.
Photo library / storage: to save voucher images and PDF exports you choose to create. We do not read existing files except those you specifically open with codes..
Internet: used only for in-app purchase processing (see Section 4) and for opening external links you explicitly tap (such as this privacy policy).
Bluetooth (Android only): reserved for future thermal-printer support. Currently unused. Declared with the neverForLocation flag — never used to determine location.

4. Third-party services

RevenueCat (privacy.revenuecat.com) processes in-app purchases. When you make a purchase, RevenueCat receives:

A randomly-generated anonymous identifier for your device
The product purchased (in our case: pro_team_unlock)
The receipt from Apple App Store or Google Play, used to verify the purchase is genuine
Standard transaction metadata (country, price, currency, purchase date)

RevenueCat does not receive any of your code, voucher, customer, or team data. Its role is limited to verifying purchase receipts with Apple/Google and informing the app whether you have an active Pro entitlement.

Apple App Store / Google Play: when you install or update the app, or make an in-app purchase, your interaction with these stores is governed by Apple's and Google's respective privacy policies. We do not control what data they collect.

5. Team transfers (peer-to-peer)

The Pro tier supports a team mode where you can share codes with another device by exchanging encrypted .pcm files (codes. package format). These transfers happen device-to-device through whatever channel you choose (AirDrop, WhatsApp, email, file sharing apps, etc.). The payload is encrypted with AES-GCM using a shared team key that you create. No server controlled by us is involved at any point in this transfer.

Important: if you use a third-party channel like WhatsApp or email to transfer a .pcm file, that channel's privacy policy applies to the file in transit. Once received and opened in codes., the payload is decrypted on-device and processed locally.

6. Data retention

Your local data persists as long as codes. is installed on your device. Uninstalling the app deletes all locally-stored data, with the standard caveats of mobile operating systems (Android and iOS occasionally retain app data backups in iCloud or Google Drive backups if you have enabled them — see Section 9).

Purchase records at RevenueCat are retained per RevenueCat's policy. You may request deletion of your RevenueCat anonymous identifier by contacting us at service@evdiag.net.

7. Children's privacy

codes. is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has interacted with the app and you wish to report a concern, contact service@evdiag.net.

8. Your rights (GDPR, CCPA, and similar laws)

Because we do not collect or store any personal data about you on our servers, most rights under GDPR, CCPA, and similar privacy regulations are satisfied by the fact that there is no data to access, port, or delete on our side.

For data held by RevenueCat (an anonymous device identifier and your purchase history with that identifier), you can:

Request a copy of the data RevenueCat holds about you
Request deletion of your RevenueCat record
Withdraw consent for processing by ceasing to use the app

Contact service@evdiag.net to exercise these rights and we will coordinate with RevenueCat on your behalf.

9. Device backups

If you have enabled iCloud Backup (iOS) or Google Drive Backup (Android), your device's operating system may include codes.'s local data in those backups. Those backups are encrypted by Apple or Google respectively, and we have no access to them. Refer to Apple's and Google's documentation for details on managing your backups.

10. Changes to this policy

If we change this policy, we will update the effective date at the top and post the revised policy at this URL. Material changes will be highlighted in the app's release notes.

11. Contact

For any privacy-related question: service@evdiag.net.