Privacy & Data Practices
Effective date: 25 May 2026 · Last updated: 28 May 2026
Principles that apply to everything
These commitments apply to every product published under sadyojata.dev, regardless of platform. Where a specific product needs to deviate — for example, an integration that genuinely requires a network call — the deviation is documented explicitly in that product's section below.
Local-first
Data lives on your device. The default is that nothing leaves it. When network use is unavoidable for a product to work (for example, an upload service), the product's section below states exactly what crosses the wire, to where, and why.
No analytics, no telemetry, no advertising SDKs
Sadyojata does not collect usage metrics, crash reports, or behavioural data. No Google Analytics, no Firebase, no Crashlytics, no advertising networks. If a product ever needs crash reporting in future, it will be explicit, opt-in, and documented in that product's section.
No accounts unless absolutely required
If a product can work without an account, it works without an account. When an account is genuinely necessary (for example, a service that syncs across devices), the product's section will describe exactly what is stored and where.
Transparent about what permissions do
Mobile and desktop products request only the permissions they actually use, and each permission's purpose is documented in the product's section. Permissions are never requested speculatively for future features.
Children
Sadyojata products are not directed at children under 13, and no personal information is knowingly collected from them.
ClifF Monitor
ClifF Monitor is a personal safety app for Android. Trusted contacts can reach you through SMS even when your phone is on silent or Do Not Disturb mode. It monitors incoming SMS for pre-agreed emergency signals and sounds an alarm when they are detected. It operates entirely on-device with no cloud infrastructure of any kind.
Data collected and stored
All data is stored exclusively on your device in Android SharedPreferences (private app storage). Nothing is transmitted to any server.
| Data | Purpose | Where stored | Shared? |
|---|---|---|---|
| Your name | Included in acknowledgement SMS replies | Device only | Never |
| Your phone number | Used to simulate test alerts on this device | Device only | Never |
| Trusted contact numbers | Full-number matching to identify legitimate alert senders | Device only | Never |
| Secret keywords | User-defined codewords that increase alert urgency | Device only | Never |
| Coarse location | Sent in "I'm on my way" reply SMS when you acknowledge an alert (cached GPS only) | Not stored | Sent via SMS to alert sender only, once per acknowledgement |
| Incoming SMS content | Analysed in memory to detect emergency signals | Not stored | Never |
Important: ClifF Monitor does not read, store, or process your general SMS messages. It receives individual SMS broadcast events from Android, checks each message against your configured patterns in memory, and discards it immediately. No message content is ever written to disk.
Permissions
RECEIVE_SMS. Required to intercept incoming SMS broadcasts. ClifF Monitor is a companion safety device — not your default SMS app. It does not access your SMS inbox or message history. Each incoming SMS is processed in memory only and immediately discarded.
SEND_SMS. Used for two purposes: (1) sending a confirmation reply when a trusted contact schedules a timed reminder using the ATTN command, and (2) sending a location acknowledgement when you dismiss an emergency alert by tapping "I'm on my way". SMS replies are sent only to the original alert sender.
ACCESS_COARSE_LOCATION. Used only when you tap "I'm on my way". The app reads the last known cached location (zero battery impact) and includes it as an Open Location Code (Plus Code) in the reply SMS. Location is not stored and not transmitted anywhere other than that single SMS reply.
RECEIVE_BOOT_COMPLETED. Used to restart the monitoring service automatically after device reboot, ensuring continuous protection.
SCHEDULE_EXACT_ALARM. Used to fire timed reminders scheduled via the ATTN command. Alarms fire locally and require no network access.
FOREGROUND_SERVICE, WAKE_LOCK, VIBRATE, POST_NOTIFICATIONS, ACCESS_NOTIFICATION_POLICY. Required to run the background monitoring service, wake the screen on alert, sound the alarm through silent/DND mode, and display the emergency notification.
Network
ClifF Monitor makes no network requests of any kind. The app contains no third-party SDKs, no analytics libraries, no advertising networks, and no crash-reporting services.
Device backup
Android device backup is disabled for ClifF Monitor. Your trusted contacts, secret keywords, and personal identity are not included in Google Drive backup, ADB backup, or device migration.
ClifF Position
ClifF Position is a personal safety app for Android that detects which floor of a building you are on and can raise an emergency alert — for example after a fall — even when the phone is in a pocket or the screen is locked. It combines GPS, the barometer, and the accelerometer on-device. Address and building data come from public mapping services; emergency alerts are delivered by SMS to contacts you choose. There is no cloud account and no server that holds your data.
Data collected and stored
Monitoring data is processed on-device. The only data that leaves the phone is (a) an address lookup request to public mapping services to identify the building you are in, and (b) an emergency alert SMS to the trusted contacts you configure. Nothing is sent to a sadyojata-operated server.
| Data | Purpose | Where stored | Shared? |
|---|---|---|---|
| GPS location | Identify the building and floor you are in; included as a Plus Code in an emergency alert | Device only | Sent via SMS to your trusted contacts during an alert; lat/lon sent to public mapping services for address lookup |
| Barometer & motion | Detect floor changes and falls | Processed in memory | Never |
| Trusted contact numbers | Recipients of emergency alerts and status replies | Device only | Never |
| Selected building / address | Anchor floor detection to a known building | Device only | Address lookup query sent to public mapping services |
| Incoming SMS content | Read a trusted contact's status request in memory | Not stored | Never |
Permissions
Location (precise, and “allow all the time”). Precise location identifies which building you are in so the correct floor can be reported, and is included as a Plus Code in an emergency alert. Background access (“allow all the time”) is required because the core purpose of the app is to keep detecting falls and floor changes while the phone is in a pocket or the screen is off. Without background location, monitoring stops when the phone is locked. The app asks for this separately, with an explanation, after you grant ordinary location access — and it can run in a reduced foreground-only mode if you decline.
Body sensors. Reads the barometer and accelerometer to measure floor-to-floor pressure changes and to detect a fall or sudden impact.
Physical activity. Distinguishes contexts such as being in an elevator, in a moving vehicle, or stationary, so that ordinary motion is not mistaken for a fall.
SEND_SMS. Delivers emergency alerts to your trusted contacts and, where you have configured it, to emergency services. This is a core safety function of the app.
RECEIVE_SMS and READ_SMS. Lets a trusted contact send a status request by SMS (for example, asking where you are) which the app reads in memory to reply with your last known location. The app is not your default SMS app and does not read your message history.
INTERNET and ACCESS_NETWORK_STATE. Used to look up building and address data from public mapping services, and to check connectivity before any network call so that offline operation is respected.
FOREGROUND_SERVICE (location and health types), WAKE_LOCK. Keep the monitoring service running continuously and the sensors sampling while the app protects you.
POST_NOTIFICATIONS and VIBRATE. Show the ongoing monitoring notification, alert status, and local haptic warnings.
SCHEDULE_EXACT_ALARM. Fires timed attention checks locally; requires no network.
Third-party services
To turn a GPS position into a building and street address, ClifF Position queries public mapping services: the Dutch government mapping service PDOK (in the Netherlands) and OpenStreetMap (elsewhere and as a fallback). These queries contain a location coordinate and no personal identifier. The app embeds no analytics, advertising, or crash-reporting SDKs.
Network
Beyond address lookups to the public mapping services named above and the emergency alert SMS, ClifF Position makes no network requests. No data is sent to any sadyojata-operated server.
Future products
When new products are launched under sadyojata.dev, their specific data practices will be documented in a section on this page, following the same structure used for ClifF Monitor above. The principles in section 1 apply to all products by default; any product-specific deviation will be stated explicitly.
Changes to this policy
If practices change materially — for any product covered by this policy — the relevant section will be updated and the "Last updated" date at the top of this page will reflect the revision. Continued use of any product after a material update constitutes acceptance of the updated terms for that product.
Editorial corrections (typo fixes, link updates, restructuring) do not change the effective date.
Contact
Operator: Sadyojata
Location: Eindhoven, the Netherlands
Privacy / data requests: privacy@sadyojata.dev
General inquiries: info@sadyojata.dev
Website: https://sadyojata.dev
Sadyojata is an independent project operated from the Netherlands. Data subject inquiries: privacy@sadyojata.dev
For data subject requests under GDPR or equivalent legislation, please use the privacy email above. Requests are answered within 30 days.