// legal & privacy

Privacy Policy

Plain language. No surprises.

Last updated: May 2026
On this page
01 Who we are 02 What Snaphook collects 03 How we use your data 04 Anonymized threat intelligence 05 Data retention 06 Your rights under RA 10173 07 Security 08 Children 09 Changes to this policy 10 Contact
01

Who we are

Gérant is a Philippine-based technology company. We operate Snaphook — a community-powered mobile security application that detects rogue cell towers and SMS phishing attempts.

This policy explains what data Snaphook collects, why, how it is used, and what rights you have as a user. We've written it in plain language because we believe you deserve to actually understand it.

Contact
[email protected]
Website
thesnaphook.app
02

What Snaphook collects

Automatically collected — when monitoring is active
  • Cell tower data — Cell ID, network codes (MCC/MNC), signal strength, and radio type. Used to detect network anomalies. Never linked to your identity.
  • Approximate location — Rounded to 4 decimal places (~11 meters precision). Used to map threat zones. Stored anonymously with no connection to your account or device.
  • Threat scores — Numerical scores assigned to detected anomalies. No personal context is attached.
Optionally collected — only if you enable SMS Protection
  • A one-way hash of the sender number — We apply SHA-256 to the SMS sender's number on your device. The resulting hash is a fixed-length code that cannot be reversed back to the original number. The original number is never stored or transmitted.
  • The reason a message was flagged — For example: "suspicious URL detected" or "matches known phishing template." The content of the message itself is never stored or transmitted.
Never collected — under any circumstance
  • Your name, email address, or phone number
  • The content of your SMS messages
  • Your device ID or IMEI
  • Precise GPS coordinates
  • Any information that could identify you personally
03

How we use your data

To protect you
  • Detecting rogue cell towers and anomalous network behavior in real time
  • Identifying SMS phishing patterns entirely on your device — SMS content never leaves it
To protect the community
  • Anonymized threat sightings are aggregated to build a crowd-sourced map of dangerous zones across the Philippines
  • No individual can be identified from this aggregated data
We do not use your data for
  • Advertising, marketing, or behavioral profiling
  • Selling personal information to third parties
  • Any purpose not explicitly described in this policy
04

Anonymized threat intelligence

Snaphook may share or license aggregated, anonymized threat intelligence — such as hotzone locations, tower anomaly patterns, and detection statistics — with telecommunications companies, government agencies, or security researchers to improve public safety in the Philippines.

This data is derived from many users' reports combined together. It describes threat patterns and locations, not individuals. It cannot be traced back to any individual user.

An example: "There were 12 anomalous tower sightings near coordinates 14.55, 121.02 in the past week" is threat intelligence. It tells us about a threat zone — it does not tell us who reported it or who was in the area.
05

Data retention

  • Threat history on your device — Stored for 5 days by default. This is configurable. Older records are automatically deleted.
  • Anonymized sightings on our servers — Retained for up to 12 months, then permanently deleted. These are not linked to any individual.
  • SMS quarantine data — Stored on your device only. Never transmitted to our servers. Deleted when you clear your quarantine, or when you uninstall the app.
06

Your rights under RA 10173

Under the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), you have the following rights as a data subject:

  • Right to be informed — To know what data we hold about you. Because Snaphook is designed to collect no personally identifiable information, we hold none that is linked to you as an individual.
  • Right to erasure — To request deletion of any data associated with your usage. Contact us at [email protected] and we will process your request.
  • Right to withdraw consent — At any time, by disabling monitoring features within the app or by uninstalling Snaphook entirely. No account deletion process is required.
  • Right to lodge a complaint — With the National Privacy Commission if you believe your rights have been violated. Visit privacy.gov.ph for details.
To exercise your rights

Email us at [email protected]. We will respond within 15 business days as required by RA 10173.

07

Security

  • All data in transit is encrypted via HTTPS/TLS
  • SMS content never leaves your device — all scanning is local
  • Server-side data is stored in a secured PostgreSQL database with access controls and encryption at rest
  • We conduct regular security reviews of the application and infrastructure
08

Children

Snaphook is not intended for users under the age of 18. We do not knowingly collect data from minors. If you believe a minor has used Snaphook and data may have been collected, please contact us at [email protected] and we will take appropriate action.

09

Changes to this policy

If we make material changes to this privacy policy — meaning changes that meaningfully affect how we collect or use data — we will notify you via an in-app notification before those changes take effect.

Minor changes (typo fixes, clarifications that do not alter meaning) may be made without notice. The latest version of this policy is always available at thesnaphook.app/privacy. The "Last updated" date at the top of this page reflects when the most recent change was made.

10

Contact

Questions, concerns, or requests related to this privacy policy or your data rights can be directed to us at any time.

Company
Gérant
Email
[email protected]
Website
thesnaphook.app