Privacy Policy

Last Updated: March 22, 2026

Overview

VPSniper ("we", "our", or "us"), developed by VibePiper (a DBA of Chris DRT LLC), is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our asset management scanner application.

VPSniper is designed to connect to your organization's Snipe-IT inventory management server to scan, look up, and manage assets from a mobile device. A Snipe-IT instance and valid API key are required and must be provided by your organization — VibePiper does not host or manage Snipe-IT servers. Learn more about Snipe-IT at snipeitapp.com.

Information We Collect

Snipe-IT Credentials

• Server URL: The URL of your Snipe-IT instance is stored locally on your device to connect to your inventory server.
• API Key: Your Snipe-IT API key is stored securely using Android's encrypted storage (EncryptedSharedPreferences). The API key is sent only to your configured Snipe-IT server and is never transmitted to VibePiper servers.
• Username: Your Snipe-IT username is stored locally on your device for display purposes.

Asset Data

• Cached Asset Information: Asset data retrieved from your Snipe-IT server (asset tags, names, serial numbers, locations, assigned users) is cached locally on your device for offline use. This data originates from your Snipe-IT server and is never sent to VibePiper.
• Scan History: Records of scanned barcodes and operations performed are stored locally on your device for session tracking.

Camera

• Barcode Scanning: The camera is used exclusively for scanning barcodes and QR codes to identify assets. No photos are captured or stored. Camera data is processed in memory only for barcode detection.

Bluetooth Device Information

• Printer Connection: Names and addresses of paired Bluetooth printers (Phomemo D30/D35) are stored locally on your device for label printing. This information is not transmitted to VibePiper servers or any third party.

Permissions We Request

• Internet (INTERNET, ACCESS_NETWORK_STATE): Required to communicate with your Snipe-IT server API and to serve advertisements.
• Camera (CAMERA): Required for barcode and QR code scanning when not using a Zebra hardware scanner.
• Bluetooth (BLUETOOTH, BLUETOOTH_ADMIN, BLUETOOTH_CONNECT, BLUETOOTH_SCAN): Required for connecting to Phomemo label printers. Bluetooth scanning is configured with neverForLocation — it is never used to derive location data.
• Vibrate (VIBRATE): Used for haptic feedback when scanning barcodes and printing labels.
• Storage (READ_EXTERNAL_STORAGE, READ_MEDIA_IMAGES): Used only for selecting a company logo image to include on printed labels.
• Billing (com.android.vending.BILLING): Required for the optional in-app purchase to remove advertisements.

Advertising

• Google AdMob: The app displays banner advertisements provided by Google AdMob. AdMob may collect device identifiers, IP address, and ad interaction data to serve and measure ads. See Google's Advertising Privacy Policy for details.
• Ad-Free Option: You can remove all advertisements through a one-time in-app purchase (remove_ads_forever). Once purchased, no advertising data is collected.

In-App Purchases

• Google Play Billing: In-app purchases are processed by Google Play. We do not collect or store payment information. Purchase status is stored locally on your device to remember your ad-free preference and can be restored on reinstall via Google Play.

What We Do NOT Do

• We do not sell any user data to third parties.
• We do not collect analytics or usage tracking data.
• We do not use cloud storage — all app data stays on your device.
• We do not track your location — no location permissions are requested or used.
• We do not access your microphone — no audio is recorded.
• We do not collect or store any payment or financial information.

Data Storage & Security

• Encryption at Rest: Snipe-IT credentials (API key, server URL) are stored using Android's EncryptedSharedPreferences.
• Encryption in Transit: All communication with Snipe-IT servers uses HTTPS/TLS by default.
• HTTP Exception for On-Premise Servers: The app allows HTTP (non-encrypted) connections to accommodate on-premise Snipe-IT installations that may not have TLS configured. If your Snipe-IT server uses HTTP, data transmitted between the app and your server is not encrypted in transit. We strongly recommend configuring HTTPS on your Snipe-IT server.
• No Cloud Storage: All data remains on your device. Nothing is stored on VibePiper servers.

On-Premise Server Notice

VPSniper connects directly to your organization's Snipe-IT server. Asset data retrieved and operations performed through the app are processed by your infrastructure. VibePiper has no access to, control over, or responsibility for the data on your Snipe-IT server. Your organization's Snipe-IT administrator controls data access, retention, and security on the server side.

Data Retention

• All Data Is Local: Credentials, cached asset data, printer settings, and preferences are stored only on your device.
• Uninstall Removes Everything: Uninstalling VPSniper permanently deletes all locally stored data, including credentials and cached assets.
• No Server-Side Data: VibePiper does not store any user data on its servers, so there is no server-side data to retain or delete.

Third-Party Services

• Snipe-IT: VPSniper connects to your Snipe-IT inventory server. Your use of Snipe-IT is governed by your organization's policies and Snipe-IT's terms.
• Google AdMob: Advertising. AdMob may collect device and ad interaction data. Governed by Google's Advertising Policy.
• Google Play Billing: In-app purchase processing. Governed by Google's Privacy Policy.
• Google Play Store: App distribution. Governed by Google's Privacy Policy.

Children's Privacy

VPSniper is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal data, please contact us.

Your Rights

• Access: Request a copy of any data we hold about you.
• Deletion: Request permanent deletion of your data.
• Portability: Request your data in a machine-readable format.
• Opt Out: You can remove ads via in-app purchase and clear all local data by uninstalling the app.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws apply to your use of VPSniper.

• Legal Basis for Processing: We process your data based on legitimate interest (providing the app's core scanning and asset management functionality) and consent (for advertising data collected by Google AdMob, which you can withdraw by purchasing the ad-free option).
• Data Minimization: VPSniper stores all data locally on your device. We do not operate servers that collect or process your personal data — your Snipe-IT credentials and asset data never leave your device except to communicate with your Snipe-IT server.
• International Data Transfers: VPSniper itself does not transfer your data internationally. However, Google AdMob (if ads are enabled) may transfer data to servers outside the EEA. Google provides appropriate safeguards for such transfers under their data transfer frameworks.
• Your Additional Rights: In addition to the rights listed above, you have the right to restrict processing, object to processing, and lodge a complaint with your local data protection supervisory authority.

Changes to This Policy

We may update this policy periodically. The "Last Updated" date at the top will reflect changes. Significant changes will be communicated through the app or our website.

Contact Us

• Email: appstore@vibepiper.com
• Website: vibepiper.com

This privacy policy applies to the VPSniper application distributed by VibePiper.