Privacy Policy — EDIVIP
Effective date: March 5, 2026
Last updated: March 5, 2026
EDIVIP (“we,” “our,” or “us”) is an Android application that helps you prepare, validate, and submit US Diversity Visa Lottery photographs and applications. This privacy policy explains what data we collect, why we need it, how we use it, and your rights regarding your information.
Summary
We collect only the data necessary to provide the app's features. Photos and sensitive form data stay on your device. We do not sell your personal data.
1. Permissions We Request and Why
The app requests the following permissions. Below we explain each one and how it is used.
Camera
Why we need it: The core feature of EDIVIP is taking or selecting a photograph that meets US State Department Diversity Visa requirements. We use your device's front-facing camera to capture a selfie, and check head size, eye position, and centering.
What we do with it: The photo is processed on your device. No image is sent to our servers unless you choose to save it to your account.
When we ask: We request camera permission when you first try to use the camera or import a photo from your gallery.
Internet
Why we need it: EDIVIP needs internet access to:
- Let you sign in with Google or your phone number
- Sync draft application data with your account
- Upload photos to your account when you choose to save them
- Submit your DV Lottery application after review by our lawyer if you choose to use our lawyer-assisted service
- Receive push notifications about your application status
What we do with it: All internet traffic is encrypted (HTTPS). Without this permission, you cannot sign in, sync data, or use the lawyer-assisted submission feature.
Read Contacts
Why we need it: Our “Friends” feature lets you see which of your contacts have joined EDIVIP. We compare your device's contact list to our user database so we can show you which friends are using the app and invite others who are not.
What we do with it: We read phone numbers from your contacts only. We do not upload your full contact list. Instead, we send small batches of phone numbers to our server to check for matches. No contact names, emails, or other details are sent. You can use the app fully without granting this permission; you simply won't see the Friends feature.
When we ask: We request this permission only when you open the Friends tab and tap to enable contact matching.
Storage (Write to Photos / Pictures)
Why we need it: After you validate a photo, you can save it to your device's photo gallery (e.g. in a “VisaPhotos” folder). On Android 9 and below, the system requires explicit storage permission for apps to write files to shared storage.
What we do with it: We write only the visa photo you chose to save. We do not read or modify other files on your device. On Android 10 and above, we use the modern MediaStore API, which does not require this permission.
When we ask: We request storage permission only when you tap “Save Photo” on the result screen, and only on Android 9 or lower.
Notifications (Post Notifications)
Why we need it: If you sign in and use our lawyer-assisted submission service, we send you push notifications when your application status changes (e.g. form submitted or submission complete). On Android 13 and above, the system requires apps to ask for notification permission before showing such alerts.
What we do with it: Notifications contains only status messages such as “Your application was submitted successfully” — no sensitive personal data is included in the notification text.
When we ask: We request this permission when you first sign in or when you access the submission status flow, on devices running Android 13 or newer.
2. Data We Collect and How We Use It
2.1 Data Stored Only on Your Device
| Data | Purpose |
|---|---|
| Photos you capture or import | Processed for validation; stored temporarily until you save or discard |
| Draft DV application form | Saved in an encrypted database on your device so you can return later |
| Validated photos you save locally | Written to your gallery (Pictures/VisaPhotos) or internal app storage |
| Submission history | Records of your past submissions and their status, stored locally |
This data never leaves your device unless you save it to your account and use cloud features.
2.2 Data Sent to Our Servers
| Data | Why |
|---|---|
| Email or phone number | To identify you and secure your account |
| Display name | To show your name in the app and in the Friends list |
| FCM (push) token | So we can send you status updates and notifications |
| Draft metadata | To sync draft status across devices — no form content or PII |
| Photos | Only when you save a photo after signing in |
| Phone numbers (in batches) | Only when you use the Friends feature |
2.3 Data We Do Not Collect
- We do not sell, rent, or share your personal data for advertising or marketing to third parties.
- We do not track you across other apps or websites for advertising.
- We do not use your photos for training machine learning models.
- We do not store your contact list. We only use contact-derived phone numbers for matching when you use the Friends feature.
3. Security
- Encryption in transit: All data sent over the internet uses HTTPS (TLS).
- Encryption at rest: Sensitive form data on your device is encrypted and never leaves the device.
- Access control: Your cloud data are protected by cloud security rules so only you (and, where applicable, our backend) can access them.
4. Data Retention
- On-device data: Drafts and submission history stay on your device until you delete them or uninstall the app.
- Cloud data: Photos and metadata in the cloud are retained for as long as your account exists. You can request deletion by following our Delete Account process or by contacting us (see Section 8).
- Server-side submission data: Data sent to our backend is used only to submit your application and is handled according to our backend policies.
5. Your Rights
- Access: You can view and manage your data in the app (e.g. drafts, saved photos, settings).
- Correction: You can edit your profile and draft data at any time.
- Deletion: You can delete drafts and local data from within the app. To delete your account and cloud data, see our dedicated Delete Account page or contact us at the email in Section 8.
- Opt-out: You can revoke permissions (e.g. Camera, Contacts, Notifications) in your device Settings at any time. Some features will stop working if you do.
- Data portability: We can provide your data in a standard format upon request.
6. Children's Privacy
EDIVIP is not intended for users under 13. We do not knowingly collect personal information from children under 13. If you believe we have done so, please contact us and we will delete it.
7. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of material changes by updating the “Last updated” date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.
8. Contact Us
If you have questions about this privacy policy or your data, please contact our staff at: edivip86@gmail.com.
9. Third-Party Services
EDIVIP relies on industry-standard services for authentication, cloud storage, and notifications. When you use our optional lawyer-assisted submission, your data is submitted to the official US government DV program. Each provider has its own privacy policy governing how it handles data. We encourage you to review them: Gcloud, US Department of State.