Effective Date: June 19, 2026
Last Updated: June 19, 2026
1. Introduction
Deltavant ("we", "our", "us") is developed by CYBERTVLAB LLC, a limited liability company registered in the United States. Deltavant is an Android TV anti-malware application that provides on-device threat detection, DNS-level network protection, and cloud-powered security analysis.
This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding your data. By using Deltavant, you agree to the practices described in this policy.
Contact: privacy@cybertvlab.com
2. Information We Collect
2.1 Information You Provide
| Data | Purpose | Storage |
| Purchase tokens (Google Play) | Validate Premium subscription status | Encrypted locally (EncryptedSharedPreferences); transmitted to Google Play for verification |
2.2 Information Collected Automatically
| Data | Purpose | Storage | Retention |
| Installed package names | Malware scanning and threat detection | Encrypted local database (SQLCipher AES-256) | Until scan history is cleared |
| App display names | Identify scanned applications in reports | Encrypted local database; sent to backend for analysis | Until scan history is cleared |
| Threat scores (ML inference results) | Display security status to user | Encrypted local database | Until scan history is cleared |
| DNS query domain names | DNS Guard network protection (malware/phishing/tracker blocking) | Encrypted local database (verdict cache with TTL-based auto-expiry) | TTL expires automatically (1–24 hours by category) |
| App signing certificate hashes (SHA-256) | Whitelist/blacklist verification | Encrypted local database | Until whitelist/blacklist is cleared |
| Threat events (type, detail, threat family, playbook ID) | Track detected threats and remediation status | Encrypted local database | Until manually cleared or app uninstall |
| Remediation logs (status, actions, duration, device info) | Record remediation outcomes and device context | Encrypted local database | Until manually cleared or app uninstall |
Device identifier (deviceId, random UUID) | API authentication and rate limiting | Encrypted local preferences | Until app uninstall |
| Device info (OS version, device model, SDK version, root status) | Remediation playbook generation and reporting | Sent to backend; not persistently stored locally | Processed in real time |
| App permissions | Permission auditing and risk assessment | Encrypted local database | Until scan history is cleared |
| Language preference | Serve analysis results in the user's language | Sent to backend per request; not stored | Per-request |
| Scan timestamps and results | Display scan history to user | Encrypted local database | Until scan history is cleared |
2.3 Crash and Error Reports (Opt-In)
| Data | Purpose | Storage | Default |
| Crash stack traces | Diagnose and fix application errors | Sentry.io (third-party) | Opt-in only — disabled by default |
| Device info (OS version, device model) | Crash context for debugging | Sentry.io | Opt-in only — disabled by default |
| Anonymized usage patterns | Error reproduction context | Sentry.io | Opt-in only — disabled by default |
You can enable or disable crash reporting at any time in Settings → Privacy → Crash Reporting. When disabled, zero crash data is collected or transmitted.
2.4 Information We Do NOT Collect
We explicitly do not collect:
- Personal identity information (name, email, phone number)
- Precise geolocation data
- Browsing history or DNS query contents beyond domain names and the requesting app identifier
- Contact lists, messages, or media files
- Advertising identifiers (GAID/AAID)
- Device SMS or call logs
- Camera or microphone data
- Keyboard input or screen recordings
3. How We Use Information
| Data | Use | Legal Basis |
| Package names + app names + threat scores | Detect and report malware on your device | Legitimate interest (security) |
| DNS domain names + requesting app | Block malware, phishing, and tracker domains in real time | Legitimate interest (network security) |
| Device identifier | Authenticate API requests, enforce rate limits | Legitimate interest (service operation) |
| Purchase tokens | Verify and maintain Premium subscription status | Contract performance (subscription) |
| Crash reports (opt-in) | Diagnose bugs and improve app stability | Consent (opt-in) |
| App permissions | Assess risk and recommend remediation | Legitimate interest (security) |
We never use your data for advertising, profiling, or resale.
4. Data Sharing
4.1 Backend Server (api.deltavant.com)
Data transmitted to our backend server:
| Endpoint | Data Sent | Purpose |
/analyze/explain | App name, package name, technical reasons, AI score, language | AI-powered threat explanation |
/analyze/deep-scan | App name, package name, manifest data (permissions, activities, services, receivers, providers, SDK versions), language | Deep malware analysis (Premium) |
/analyze/permissions | App name, package name, play category, dangerous/special permissions, version code, delta flag, new permissions, language | Permission risk assessment |
/network/check-domain | Domain name, requesting app (optional) | Domain threat verification |
/network/check-domains | Domain names (batch), requesting app (optional) | Batch domain verification |
/network/check-domain-batch | Since version, offset, limit (no personal data) | Sync domain verdict batches |
/network/report-domain | Domain name, category, evidence (optional) | Community domain reporting (Premium) |
/v1/blacklist/community | Since version (no personal data) | Fetch community threat blocklist |
/v1/model/check-update | Current model version | Check for ML model updates (Premium) |
/v1/model/download | Model version | Download updated ML model (Premium) |
/v1/remediation/generate | IoCs, device info (OS version, device model, root status, SDK version), threat family hint | Generate remediation playbooks |
/v1/remediation/playbooks | Since version, offset, limit, snapshot version | Fetch signed remediation playbooks |
/v1/remediation/signatures | Since version, offset, limit, snapshot version | Fetch system signatures (file paths, hashes, threat families) |
/v1/remediation/report | Playbook ID, status, action results, duration, root remediation flag, device info | Report remediation outcomes |
/v1/auth/validate-premium | Purchase token, product ID, package name | Validate Premium subscription |
/health | None | Server health check |
All backend connections use TLS 1.2+ with certificate pinning (SHA-256 pins for Let's Encrypt E2 intermediate + ISRG Root X1 backup). Man-in-the-middle interception is prevented.
4.2 Google Play Billing
Purchase tokens are transmitted to Google Play for subscription validation. This is required for Premium feature access. Google's own Privacy Policy applies: <https://policies.google.com/privacy>
4.3 Sentry (Crash Reporting — Opt-In Only)
When crash reporting is enabled, anonymized crash data is sent to Sentry.io. We sanitize all personally identifiable information before transmission using:
FORBIDDEN_KEYSblocklist (package names, app names, purchase tokens, email addresses, passwords, JWT tokens, device IDs, API keys, authorization headers, premium JWTs, X-Device-Id)- Regex-based PII stripping (email addresses, IPv4 addresses, Bearer tokens, key=value patterns for sensitive fields, URL credentials, bare JWT tokens)
Sentry's Privacy Policy: <https://sentry.io/privacy/>
4.4 No Other Third Parties
We do not share data with advertising networks, analytics platforms, data brokers, or any other third parties.
5. Data Storage and Security
5.1 Local Storage (On Your Device)
All local data is encrypted at rest:
| Data Type | Storage | Encryption |
| Scan history, threat events, remediation logs | Room database (SQLCipher) | AES-256 (Android Keystore-held key) |
| Premium status, JWT, device ID | EncryptedSharedPreferences | AES-256-GCM (secured by Android Keystore) |
| DNS verdict cache | Room database (SQLCipher) | AES-256 (TTL-based auto-expiry: 1h–24h by category) |
| ML model file | Internal storage | SHA-256 hash + ED25519 signature verified on load |
| Whitelist/blacklist (signing cert hashes) | Room database (SQLCipher) | AES-256 (Android Keystore-held key) |
The encryption key is stored in the Android Keystore, which is hardware-backed on most devices and cannot be exported.
5.2 Network Security
- TLS 1.2+ required for all backend connections
- Certificate pinning prevents man-in-the-middle attacks
- No cleartext HTTP in release builds (enforced by network security config)
- API key authentication on all requests (X-Api-Key header)
- JWT authentication on Premium endpoints (Bearer token, time-limited expiry)
5.3 Data Minimization
We follow the principle of data minimization:
- DNS queries are processed locally — domain names are checked against an encrypted verdict cache with automatic TTL expiry, not logged
- Threat scores are stored only for user-facing scan history
- The device identifier is a random UUID — not tied to personal identity
- Crash reports are opt-in and PII-sanitized
6. Device Permissions
| Permission | Purpose | Required? |
QUERY_ALL_PACKAGES | Scan all installed apps for malware detection | Yes — core anti-malware function |
INTERNET | Communicate with backend API | Yes |
BIND_VPN_SERVICE | DNS Guard — local VPN loopback for DNS interception | Yes (Premium) |
FOREGROUND_SERVICE / FOREGROUND_SERVICE_SPECIAL_USE | Background malware scan and DNS protection | Yes |
POST_NOTIFICATIONS | Scan completion and threat alerts | Yes |
RECEIVE_BOOT_COMPLETED | Auto-start DNS Guard on device boot | Yes |
KILL_BACKGROUND_PROCESSES | Remediation action (kill malicious processes) | Premium only |
RECEIVE_PACKAGE_EVENTS (signature permission) | Detect app installs/updates for real-time scanning | Yes (internal, same-signature only) |
QUERY_ALL_PACKAGES justification: Deltavant is an anti-malware application. Package visibility is essential for scanning installed applications, detecting security threats, and providing permission auditing. Without this permission, the app cannot fulfill its core security function.
7. Data Retention and Deletion
7.1 Local Data Retention
| Data | Retention | Auto-Deletion |
| Scan history | Until manually cleared or app uninstalled | User can clear in Settings |
| DNS verdict cache | TTL-based (1–24 hours by category) | Automatic expiry; persisted in encrypted database |
| Premium JWT | Until expiry or revocation | Automatic on expiry |
| Device identifier | Until app uninstall | Removed on uninstall |
| ML model | Until OTA update replaces it | Replaced by newer version |
7.2 How to Delete Your Data
Complete deletion: Uninstalling Deltavant removes all local data including:
- Encrypted scan history database
- Encrypted preferences (Premium status, settings)
- DNS verdict cache
- Device identifier
No residual data remains on the device after uninstall, except for any scan history files you may have exported to the Downloads directory via the in-app export feature.
Partial deletion: Within the app, you can:
- Clear scan history in Settings → Privacy
- Disable crash reporting in Settings → Privacy → Crash Reporting
- Reset DNS Guard settings in Settings → DNS Guard
7.3 Server-Side Data
- Backend: Scan data is processed in real time and not persistently stored on our server. Domain verdicts are cached with TTL and periodically refreshed.
- Sentry: Crash reports are retained for 90 days per Sentry's retention policy.
- Google Play: Purchase data is managed by Google per their Privacy Policy.
To request deletion of any server-side data, contact: privacy@cybertvlab.com
8. Children's Privacy
Deltavant is a security tool designed for Android TV devices. We do not knowingly collect personal information from children under 13. The app does not include any child-directed features, social features, or user-generated content.
Since we do not collect personal identity information (no name, email, or account required), the risk to children's privacy is minimal. If you believe a child has provided personal data through our service, contact us at privacy@cybertvlab.com and we will take steps to delete such information.
9. International Users
9.1 European Economic Area (GDPR)
For users in the EEA, United Kingdom, and Switzerland:
- Legal basis for processing: Legitimate interest (security) for core functions; consent (opt-in) for crash reporting; contract performance for Premium subscriptions.
- Your rights under GDPR: Access, rectification, erasure, restriction, portability, and objection. To exercise these rights, contact privacy@cybertvlab.com.
- Data transfers: Backend servers are located in the United States. We ensure appropriate safeguards through TLS encryption, certificate pinning, and data minimization.
- DPA/SCCs: Data processing from the EEA to the US is covered by Standard Contractual Clauses where applicable.
9.2 California Residents (CCPA)
For California residents:
- We do not "sell" personal information as defined by CCPA
- We do not "share" personal information for cross-context advertising
- You have the right to know, delete, and opt-out of sale (not applicable as we do not sell data)
- To exercise your rights, contact privacy@cybertvlab.com
9.3 Other Jurisdictions
We apply the same data protection standards to all users regardless of location. If your jurisdiction provides additional rights, we will honor them upon request.
10. DNS Guard and VPN Functionality
Deltavant's DNS Guard feature operates as a local VPN using Android's VpnService API:
- All DNS queries are intercepted locally on your device — no data is tunneled to a remote server
- DNS resolution uses your chosen provider (System DNS, Google DoH, or Cloudflare DoH)
- Domain names in DNS queries are checked against threat databases but are deliberately not logged at runtime (PII protection)
- No browsing data is collected, stored, or transmitted
- DNS verdicts (malware/phishing/tracker classification) are cached in an encrypted local database with TTL-based auto-expiry (1 hour for clean domains, 4 hours for C2 domains, 24 hours for adware/trackers)
- The VPN does not alter, log, or monitor your internet traffic — only DNS domain names are checked against threat databases
- ADB backup is disabled (
android:allowBackup="false") — app data cannot be extracted via USB debugging - C2 domain detection flags known command-and-control domains in real time
This is a security feature, not a geographic content bypass. DNS Guard blocks malicious domains; it does not circumvent regional restrictions.
11. Premium Subscriptions
Deltavant offers Premium features through Google Play Billing:
| Plan | Product ID | Type |
| Lifetime | premium_lifetime | One-time purchase |
| Monthly | premium_monthly | Subscription |
| Yearly | premium_yearly | Subscription |
Pricing is displayed in the app and on the Google Play Store listing at the time of purchase.
- Purchase tokens are validated through Google Play to maintain subscription status
- JWT tokens are used for backend authentication on Premium endpoints — these expire automatically
- Grace period: If the backend is temporarily unavailable (5xx errors), Premium features remain active for 30 minutes
- No billing data (credit card numbers, bank details) is ever visible to or stored by our app
12. Remediation and Playbook Engine
Deltavant's Remediation Engine can take actions to neutralize detected threats:
- Playbooks are signed with ED25519 — invalid or tampered playbooks are silently rejected. OTA ML models are also verified with ED25519 signatures before loading.
- Remediation actions are limited to the 14 defined primitives (uninstall, disable, kill process, block domain, etc.)
- Critical processes and system paths are protected from remediation actions via blocklists
- Root commands are only executed with explicit user confirmation
- Remediation reports are sent to the backend after execution for threat intelligence improvement
13. Open Source Licenses
Deltavant uses the following open-source libraries. Full license texts are available in the app's About screen:
- TensorFlow Lite (Apache 2.0)
- OkHttp (Apache 2.0)
- Retrofit (Apache 2.0)
- Room / SQLCipher (Apache 2.0)
- Sentry SDK (MIT)
- Play Billing KTX (part of Android Jetpack)
- Koin (Apache 2.0)
- Jetpack Compose TV (Apache 2.0)
- Coil (Apache 2.0)
- BouncyCastle (MIT)
- EdDSA — net.i2p.crypto.eddsa (CC0 1.0 Universal)
- libsu (Apache 2.0)
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last Updated" date at the top of this page. Material changes will be notified through:
- An in-app notification
- Updated Privacy Policy link in the About screen
- Email notification (if we have your email from a support request)
We encourage you to review this policy periodically.
15. Contact
Developer: CYBERTVLAB LLC
Privacy inquiries: privacy@cybertvlab.com
General support: support@cybertvlab.com
Mailing address: CYBERTVLAB LLC, [Address on file with Wyoming Secretary of State]
For data deletion requests, include "Data Deletion Request" in the subject line and your device identifier (available in Settings → About → Device ID) if you wish to delete server-side data without uninstalling the app.
*This Privacy Policy is effective as of the date stated above and applies to all users of Deltavant for Android TV.*