G

Privacy Policy

GBL Commander - Firmware Management Tool

1. Introduction

GBL Commander is a mobile application designed for managing and editing GBL (Gecko Bootloader) files. This Privacy Policy describes how we collect, use, process, and protect your information when you use our application.

Important: This application is developed for managing firmware bootloader files and handles sensitive cryptographic data including encryption keys, digital certificates, and firmware binaries. We are committed to protecting your privacy and ensuring the security of your data.

2. Information We Collect

2.1 Files and File Metadata

  • GBL Files: We process the content of GBL bootloader files you open, including firmware data, encryption keys, digital certificates, signatures, and binary code
  • File Information: File names, file sizes, file paths, and last modification timestamps
  • Recent Files: We maintain a local database of recently accessed files for user convenience (limited to 10 most recent files)

2.2 Device and Storage Information

  • File System Access: With your explicit permission, we access your device's external storage and Downloads folder to:
    • Read GBL files you select through the system file picker
    • Save modified GBL files to your Downloads directory
    • Access recently used files for quick access (requires WRITE_EXTERNAL_STORAGE on Android ≤10 or MANAGE_EXTERNAL_STORAGE on Android 11+)
  • Cached Data: Temporary copies of processed files are stored in the app's private cache directory using randomly generated UUID filenames for sharing functionality
  • Permission-Based Access: Different storage access methods are used depending on your Android version to comply with platform security requirements

2.3 Usage Analytics (Via Firebase Analytics)

We collect anonymous usage data through Firebase Analytics, including:

  • Screen Views: Which screens you visit within the app
  • Navigation Events: How you navigate through the app features
  • Technical Information: App version, device model, operating system version

2.4 Crash and Error Reports (Via Firebase Crashlytics)

To improve app stability, we automatically collect:

  • Crash Reports: When the app crashes, technical details about the crash
  • Error Logs: Non-fatal errors and exceptions that occur during app usage
  • Debug Information: Stack traces and system state at the time of crashes
  • Device Information: Device model, operating system version, available memory

3. How We Use Your Information

3.1 Core Functionality

  • File Processing: Parse, display, and edit GBL bootloader files according to your instructions
  • File Management: Save and organize your modified files in your Downloads directory
  • Recent Files: Display recently accessed files for quick access

3.2 App Improvement

  • Performance Analysis: Use analytics data to understand feature usage and improve user experience
  • Bug Fixes: Use crash reports to identify and fix application bugs
  • Feature Development: Analyze usage patterns to prioritize new features

3.3 File Sharing

When you choose to share a file, we temporarily store it in the app's cache directory to enable sharing through your device's sharing capabilities.

4. Data Storage and Security

Local Storage Only: All file data is stored locally on your device

4.1 Local Storage

  • Recent files database uses SQLite with standard system-level protection
  • Processed files are stored in your device's Downloads folder
  • Temporary files are stored in the app's cache directory

4.2 Security Measures

  • No Cloud Storage: Your GBL files and their contents are never uploaded to our servers
  • Secure File Sharing: Uses Android's FileProvider API for secure file sharing
  • Network Encryption: All communication with Firebase uses HTTPS encryption
  • No Backup: App data is excluded from device cloud backups to protect sensitive firmware data

4.3 Data Retention

  • Recent Files: Automatically maintained (newest 10 files), can be manually cleared
  • Cached Files: Automatically cleaned by the system or when app is uninstalled
  • Analytics Data: Retained by Firebase according to their data retention policies
  • Crash Reports: Retained by Firebase Crashlytics for debugging purposes

5. Data Sharing and Third Parties

5.1 Google Firebase Services

We share limited, anonymized data with Google through:

Firebase Analytics: Anonymous usage statistics and app performance metrics. No personally identifiable information or file contents. Data processed in accordance with Google's Privacy Policy.

Firebase Crashlytics: Crash reports and error logs for debugging purposes. No file contents or user-generated data included. Helps us maintain app stability and performance.

5.2 File Sharing

  • When you use the share feature, files are shared directly between apps on your device
  • We do not have access to or control over how recipient apps handle shared files
  • Shared files contain the same sensitive firmware data as the original files

5.3 No Other Third Parties

  • We do not sell, rent, or share your data with any other third parties
  • We do not use advertising networks or marketing platforms
  • No data brokers or analytics companies beyond Firebase

6. Your Rights and Choices

6.1 File Management

  • Delete Recent Files: Remove individual files from recent files list or clear all at once
  • File Access Control: Choose which files to open through standard file picker

6.2 Permission Controls

  • Storage Permissions:
    • On Android 11+: You can revoke "All files access" permission in Settings > Apps > GBL Commander > Permissions > Files and media
    • On Android 10 and below: You can revoke "Storage" permission in device settings
    • Note: Revoking storage permissions will prevent the app from saving or loading GBL files
  • File Access Control: You control which specific files the app can access through the system file picker
  • Network Permission: Required for Firebase Analytics and Crashlytics, but you can use core file editing functionality offline
  • Permission Timing: Storage permissions are only requested when you attempt to save or load files, not upon app installation

6.3 Data Deletion

  • Uninstall App: Removes all app data including recent files database and cached files
  • Clear App Data: Reset app to initial state through device settings
  • Manual Deletion: Remove saved files from Downloads folder manually

7. Children's Privacy

This application is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. The app is designed for firmware development and embedded systems work, typically performed by adult professionals.

8. International Data Transfers

Analytics and crash report data may be transferred to and processed in countries other than your own through Google Firebase services. These transfers are conducted in accordance with applicable data protection laws and Google's privacy safeguards.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Publishing updates on our official distribution channels

10. Technical Details

10.1 Permissions Explained

Storage Permissions (Android Version-Specific):

  • MANAGE_EXTERNAL_STORAGE: On Android 11 and above (API 30+), this permission allows the app to read and write files in external storage locations, including the Downloads folder. This is required for saving and loading GBL files. Users will be prompted to grant "All files access" permission in system settings.
  • WRITE_EXTERNAL_STORAGE: On Android 10 and below (API 29 and earlier), this permission allows reading and writing files to external storage including the Downloads directory. Users are prompted for this permission through standard system dialogs when attempting to save files.

Network and Analytics Permissions:

  • INTERNET: Required for Firebase Analytics and Crashlytics communication with Google servers. This enables anonymous usage analytics and crash reporting to help improve app stability.
  • ACCESS_NETWORK_STATE: Helps Firebase determine network connectivity status to optimize data transmission and handle offline scenarios appropriately.

10.2 Data Processing Details

  • Binary File Processing: Handles complex firmware file structures including encrypted sections
  • Cryptographic Data: Processes ECDSA P-256 signatures, AES-CCM encryption data, and digital certificates
  • Memory Management: Uses efficient streaming for large firmware files
  • File Validation: Performs CRC32 checksums and structural integrity checks

10.3 Firebase Project Information

  • Project ID: gbl-commander-3d7b0
  • Package Name: com.onix.gbl.commander
  • Analytics: Limited to usage patterns and crash reporting
  • Data Location: Processed according to Google Firebase's data residency policies

11. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Get in Touch

ruslan.horbachevskyi@onix-systems.com

13. Data Protection Rights

Depending on your location, you may have rights including:

  • Right to Access: Request information about data we process
  • Right to Correction: Request correction of inaccurate data
  • Right to Deletion: Request deletion of your data
  • Right to Portability: Receive your data in a machine-readable format
  • Right to Object: Object to certain types of data processing

Note: Since most data is stored locally on your device, you have direct control over most of your information through the app interface or device settings.