What we don't know about you.

Last updated · 2026-04-28

The short version. Susanoo does not collect, transmit, or sell any personal data. Everything Susanoo sees about your phone — the names of companies your apps contact, the categories of those contacts, and when they happened — lives in an encrypted database on your device and nowhere else. No account. No cloud. No analytics. No ads. No servers of ours are involved in your use of the app.

If that paragraph is all you wanted, you have all of it.

What Susanoo does

Susanoo is a local, on-device privacy transparency tool. When enabled, it:

Routes your phone's network traffic through an on-device VPN. The VPN endpoint is your phone; no external VPN server is ever involved.
Inspects DNS queries and the TLS ClientHello (SNI) on outbound connections to identify which tracker company each request is reaching.
Attributes the request to the app that initiated it, using Android's ConnectivityManager.getConnectionOwnerUid API.
Stores a record of each observation in a SQLCipher-encrypted local database for as long as your retention setting allows (default 30 days).
Displays a live feed, weekly exposure score, and optional notifications inside the app itself.

The app never forwards or uploads any of these observations. There is no backend. There is no network destination for your data.

What Susanoo records, locally

For each outbound request it observes, Susanoo records, on your device:

The hostname being contacted (e.g. graph.facebook.com).
The classification (company, category, confidence).
The timestamp.
The package name and display label of the app responsible, when Android allows us to read it.

These records stay on your device in an encrypted database. They are accessible only to the Susanoo app process, protected by an AES-256-GCM key held in the Android Keystore.

What Susanoo does not collect

No IP addresses, cookies, device IDs, advertising IDs, or account identifiers are transmitted off-device.
No request payloads are inspected. Susanoo cannot and does not read the contents of any encrypted connection; it only observes the unencrypted metadata needed to identify the counterparty (DNS query name, SNI hostname).
No behavioural, analytics, or telemetry data is sent anywhere. Susanoo itself has no opinion on you, because Susanoo has no servers.

Network traffic Susanoo originates

Susanoo makes two classes of outbound requests:

DNS resolution upstream. While the VPN is active, DNS queries that your apps make are forwarded (unchanged) to the first reachable public resolver from a local fallback chain (1.1.1.1 → 8.8.8.8 → emulator resolver). These are standard DNS queries your apps would make anyway; Susanoo does not augment them or add identifiers.
Rule-bundle updates. Periodically (at most once per day, only on unmetered networks), Susanoo fetches the current classifier rule bundle from our update CDN and verifies its Ed25519 signature against a public key baked into the app. The request consists of a GET for bundle.json and bundle.sig — no identifiers are sent, no cookies are set, no accounts are involved.

Both connection types are standard, anonymous HTTPS requests.

Data sharing

Susanoo does not share data with third parties, because Susanoo does not have data to share. Nothing we have access to ever leaves your device.

Your controls

Pause observation — Tap STOP at any time to halt the local VPN.
Mute a company — Tap any row in the live feed to mute that company for 5 minutes, 1 hour, or 24 hours.
Export — Settings → Your data → Export as JSON hands you a plaintext copy of everything Susanoo has recorded.
Retention — Settings → Retention lets you shorten the window from the 30-day default down to 7 days.
Wipe — Tapping CLEAR on the home screen erases the encrypted store. On uninstall, Android deletes the app's private storage including the entire observation database.

Children

Susanoo is not directed at children under 13 and does not knowingly collect information from them. Since Susanoo does not transmit any information at all, the practical surface area is zero.

Security

The observation database is encrypted at rest with SQLCipher 4.6, AES-256-GCM, using a passphrase wrapped by an Android Keystore AES-GCM key resident in hardware on supported devices.
Rule-bundle updates are verified with Ed25519 before being installed. Tampered or unsigned bundles are rejected.
The app does not request any permission beyond what is required to operate its local VPN (INTERNET, FOREGROUND_SERVICE, POST_NOTIFICATIONS, QUERY_ALL_PACKAGES for the bypass picker, and the Android-granted BIND_VPN_SERVICE).

Changes to this policy

If this policy ever changes, we will update the Last updated date above and note the change in the release notes for that version. We will not silently broaden what we collect.

Contact

qat@zakrstech.com

We don't collect anything. We don't transmit anything. We don't have servers that know anything about you. Susanoo runs on your phone, for you.