Privacy Policy

Last updated: March 30, 2026

This Privacy Policy describes how HQPDcontrol ("the App"), operated by Aleš Procházka ("we", "us", "our"), handles information when you use our mobile application for Android and iOS.

We are committed to protecting your privacy. The App is designed to keep your data on your device whenever possible.

1. Information Stored Locally on Your Device

The following data is stored exclusively on your device and is never transmitted to us:

• Music library metadata — album, track, artist, genre, and audio format information synchronized from your HQPlayer instance to a local SQLite database.
• User preferences — display settings (theme, column count, sort order), playback preferences (shuffle, repeat), and other configuration choices, stored in platform-native preferences (SharedPreferences on Android, UserDefaults on iOS).
• HQPlayer connection settings — the IP address and port of your HQPlayer instance.
• Album artwork cache — cover art images cached locally with a user-configurable size limit.
• HIGHRESAUDIO credentials — if you use the HRA streaming integration, your HRA username and password are stored in platform-native secure storage (Android Keystore / iOS Keychain). These credentials are only transmitted to the HIGHRESAUDIO API for authentication and are never sent to us or any other party.

2. Information Transmitted to Third-Party Services

2.1 HQPlayer (Local Network)

The App communicates with your HQPlayer instance over a direct TCP connection on your local network. Data exchanged includes playback commands, library synchronization requests, and audio status updates. This communication stays within your local network and uses encrypted session authentication (ECDH key exchange with ChaCha20-Poly1305) to protect sensitive data such as streaming URLs.

2.2 HIGHRESAUDIO (HRA)

If you use the HRA streaming feature, the App communicates with the HIGHRESAUDIO API (streaming.highresaudio.com) to:

• Authenticate with your HRA account credentials.
• Browse your albums and playlists.
• Search the HRA catalog.
• Retrieve streaming URLs for playback via HQPlayer.

This data is governed by the HIGHRESAUDIO Privacy Policy.

2.3 RevenueCat (Subscription Management)

We use RevenueCat to manage in-app subscriptions. RevenueCat processes:

• An anonymous device-based identifier (no personal account is created with us).
• Subscription status and purchase transactions via the Apple App Store or Google Play Store.

RevenueCat does not receive your name, email, or any data about your music library. For details, see the RevenueCat Privacy Policy.

2.4 Sentry (Crash Reporting)

We use a self-hosted Sentry instance located in the European Union to collect crash reports and error logs. When the App encounters an error, the following may be sent:

• Error messages and stack traces.
• Basic device information (OS version, device model).

Sentry does not collect user behavior analytics, personally identifiable information, or any data about your music library. Automatic session tracking is disabled. Only 1% of performance transactions are sampled.

2.5 Network Discovery (Local Network)

The autodiscovery feature sends a UDP multicast message on your local network to find HQPlayer devices. This communication is entirely local and no data leaves your network.

3. Information We Do Not Collect

We want to be explicit about what the App does not collect:

• No user accounts are created with us — we do not collect your name, email, or any personal identity.
• No analytics or behavioral tracking of any kind.
• No advertising identifiers or ad-related data.
• No location data.
• No access to your contacts, camera, microphone, or personal files.
• No data about your music library is ever transmitted to us.

4. Data Storage and Security

• On-device data is stored using platform-standard mechanisms: SQLite for the music library, SharedPreferences/UserDefaults for settings, and Keychain/Keystore for sensitive credentials.
• Crash reports are stored on our self-hosted Sentry instance in the European Union.
• Subscription data is managed by RevenueCat and the respective app store (Apple/Google).
• Communication with HQPlayer is protected by ChaCha20-Poly1305 authenticated encryption with ECDH key exchange and Ed25519 signatures.

5. Data Retention

• Local data persists on your device until you clear the App data or uninstall the App.
• Crash reports are retained on our Sentry instance for up to 90 days.
• Subscription records are retained by RevenueCat and the app stores according to their respective retention policies.

6. Children’s Privacy

The App is not directed at children under the age of 16. We do not knowingly collect personal information from children.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access — request information about what data we hold.
• Deletion — request deletion of crash report data from our Sentry instance.
• Portability — your local data is stored on your own device and is under your control.
• Objection — you can disable crash reporting by contacting us.

Since almost all data stays on your device, you have direct control over it. Uninstalling the App removes all locally stored data.

For data held by third-party services (RevenueCat, HIGHRESAUDIO), please refer to their respective privacy policies to exercise your rights.

8. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. We encourage you to review this page periodically.

9. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

• Email: Aleš Procházka