Privacy Policy — Status Saver & Story Download

Effective
4 May 2026
App
Status Saver & Story Download (formerly known as Media Nest) — Android
Publisher
Hiren Paghadal
Contact

The short version.Status Saver & Story Download keeps your WhatsApp statuses, captured chats, and saved media on your device. We don’t run a backend that stores your messages, files, or chat history. The only off-device traffic is anonymous data needed to serve ads, configure remote feature gates, and measure performance.

1. At a glance

QuestionAnswer
Do I need an account?No. The app works without sign-in.
Do you have a server with my chats / media?No. There is no backend that stores user content.
Are my files uploaded?No. Statuses, captured messages, and saved media never leave the device.
Do you show ads?Yes — Google AdMob (banner, native, app-open, interstitial, rewarded, rewarded-interstitial).
Which third-party SDKs do you use?Google AdMob (ads), Firebase Remote Config (feature flags & hard-update gating), PostHog (anonymous performance telemetry).
Is my data encrypted in transit?Yes — all third-party SDK traffic uses HTTPS / TLS.
How do I contact you about privacy?

2. Data we collect off your device

The app itself does not collect personal data. The third-party SDKs we use transmit a small set of identifiers required for their function:

  • Android Advertising ID (AAID) — Google AdMob, for ad delivery and frequency capping. You can reset or limit this from Android Settings → Privacy → Ads.
  • Firebase Installation ID — Firebase Remote Config, used by Google to identify the install for config delivery (feature flags + hard-update version gates).
  • Anonymous device UUID — PostHog, for performance telemetry (see Section 6). Not your AAID, not tied to any account.
  • Crash diagnostics — automatic stack traces from Google Play services if the app crashes, sent to Google Play (not to us directly). We do not run a third-party crash reporter (no Sentry, Crashlytics, etc.) and we do not run Firebase Analytics.

We do not collect:

  • Your contacts, address book, or phone number.
  • Your location (precise or coarse).
  • Your WhatsApp messages or media (we read WhatsApp’s notifications on the device — see Section 3 — but the content stays local).
  • Files outside the folders you explicitly grant via Android’s folder picker.
  • Email, name, IP address (beyond what AdMob / Firebase / PostHog observe in the request envelope), or any other directly-identifying information.

3. Data processed only on your device

The features below run entirely on-device. No content from any of these surfaces is uploaded or shared.

  • WhatsApp / WhatsApp Business statuses — when you grant access to the .Statuses folder via Android’s SAF folder picker, the app reads the photos and videos already in that folder so you can preview, save, and share them. The app never copies status files off your device.
  • Notification capture (Chat tab) — when you enable the optional Notification Listener Service, Android forwards the text and bigPicture/largeIcon thumbnails of WhatsApp notifications to the app, which writes them to a local SQLite database. This happens locally; nothing about these notifications is transmitted off the device.
  • Saved media (Downloads tab)— files you tap “save” on are written to your phone’s public Pictures/Downloads directory using your existing storage permission. The app keeps a local index of those files; the files themselves stay on the device.
  • Search history — your last few search queries on the Chat tab are stored in encrypted on-device key-value storage (MMKV). They never leave the device.
  • App preferences — accent color, retention window, theme, ad-free timer state, onboarding flags, etc., stored in the same on-device key-value storage.
  • Local notifications — daily reminder schedules and push delivery records are stored locally; no third-party push provider is used.

4. How your data is used

The off-device data described in Section 2 is used only for:

  • Serving ads via Google AdMob (banner, native, app-open, interstitial, rewarded, rewarded-interstitial).
  • Fetching feature flags via Firebase Remote Config — for example, gating a hard-update prompt or toggling an experiment between Play Store releases.
  • Performance telemetry via PostHog — anonymous timing metrics (see Section 6).

We do not:

  • Build advertising or marketing profiles about you.
  • Combine third-party SDK data with any other source.
  • Sell, rent, or trade any data.
  • Use the data to train AI / ML models.

5. How your data is shared

The only third parties that receive any data are:

RecipientPurposePrivacy policy
Google AdMob (Google LLC)Receives standard ad-request data including your AAID and ad slot details.policies.google.com/privacy
Firebase / Google (Google LLC)Remote Config receives the Firebase Installation ID and config request metadata.firebase.google.com/support/privacy
PostHog (PostHog Inc.)Receives anonymous performance metrics (see Section 6).posthog.com/privacy

We do not share data with data brokers. We do not sell user data.

6. Anonymous performance telemetry

When the “Anonymous performance telemetry” toggle is on (default), the app sends anonymous timing metrics to PostHog so we can detect performance regressions across releases.

What is sent

  • Metric names (e.g. tab.chats.focus, tab.vault.focus, chat-detail.firstPaint).
  • Numeric timings in milliseconds.
  • Boolean flags (e.g. cold_start: true).
  • A randomly-generated UUID created on first launch and stored on the device.
  • The app version and Android version.

What is never sent

  • Your name, phone number, email, or any account identifier.
  • The text or content of any captured message, status, or saved media.
  • The chatId, sender name, or any chat metadata.
  • The Android Advertising ID, IMEI, MAC address, or any other persistent device identifier.
  • Crash logs (those go to Google Play via the OS, not to PostHog).

Opting out

Settings → Privacy → “Anonymous performance telemetry” toggle. With telemetry off, the PostHog SDK no longer initializes for the rest of the session.

7. Permissions used by the app

PermissionWhy we ask
INTERNETRequired for AdMob, Firebase Remote Config, Firebase Analytics, and PostHog.
BIND_NOTIFICATION_LISTENER_SERVICE (granted via Settings → Notification access)Optional. Enables the Chat tab to capture WhatsApp / WA Business message previews and recover messages your senders deleted. The app reads notifications read-only — it never replies, marks read, or interacts with WhatsApp on your behalf.
POST_NOTIFICATIONSTo show daily reminder notifications (e.g. “New statuses to save”) and update-ready prompts.
READ_MEDIA_IMAGES, READ_MEDIA_VIDEO (Android 13+) / READ_EXTERNAL_STORAGE (older Android)To save status files into your Pictures folder so they appear in your phone’s Gallery.
WRITE_EXTERNAL_STORAGE (legacy Android only)Same as above on older Android versions.
Folder access via Storage Access Framework (one-time picker, not a manifest permission)To read the WhatsApp .Statusesfolder so you can preview / save statuses. The grant is scoped to that folder and revocable from Android’s “Files & media access” settings.
VIBRATESubtle haptic feedback when you save / delete media.
RECEIVE_BOOT_COMPLETEDRe-arms the daily reminder schedule after a phone reboot.
FOREGROUND_SERVICERequired by Android to host the Notification Listener Service.

We do not request: READ_CONTACTS, ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION, RECORD_AUDIO, CAMERA, READ_PHONE_STATE, SYSTEM_ALERT_WINDOW (the overlay permission was removed in v1.3.3), or any other sensitive permission.

8. Security

  • All third-party SDK traffic uses HTTPS / TLS.
  • All app data lives inside the Android per-app sandbox; no other app on your device can read it.
  • Because the app has no backend that stores your content, the typical “server breach” risk simply doesn’t exist for us. Your statuses, chats, and saved media never sit in our database.
  • Local data (SQLite, MMKV) is protected by the OS-level sandbox.

9. Your rights and how to request deletion

Depending on where you live, you may have rights including:

  • The right to access the personal data we process.
  • The right to correction of inaccurate data.
  • The right to erasure (“right to be forgotten”).
  • The right to restrict or object to processing.
  • The right to data portability.
  • The right to withdraw consent to processing based on consent.

To delete your data — choose one or both:

  • In-app:Settings → “Wipe All Local Data” — wipes the chat-history database (captured WhatsApp notifications), the saved-files index, and any cached chat-media thumbnails the app extracted from notifications. Note: this does not clear your app preferences (accent, theme, retention window, search history) or the SAF folder grants you’ve issued. To clear those too, use the next option.
  • Full clear via Android:Settings → Apps → Status Saver & Story Download → Storage → Clear data + Clear cache — wipes everything the app has stored, including preferences and folder grants.
  • To revoke folder access:Android Settings → Apps → Special app access → “Files and media access” → Status Saver & Story Download → Revoke.
  • To revoke notification access:Android Settings → Notifications → Notification access → Status Saver & Story Download → Off.
  • For data held by our SDK vendors off-device: email . The only off-device data is the AAID (AdMob), Firebase Installation ID (Remote Config), and the random PostHog UUID — none of which are tied to you personally. We will forward your erasure request to those vendors within 7 days.

10. Children’s privacy

Status Saver & Story Download is not directed at children under 13 (under 16 in the EEA). We don’t knowingly collect personal data from children. If you believe a child has used the app and you’d like the corresponding device’s data deleted, contact .

11. International users and legal basis

We process the limited data described above under:

  • GDPR (EU/EEA) and UK GDPR — Article 6(1)(f) legitimate interest for performance telemetry; Article 6(1)(a) consent for ad personalization (you can refuse the AdMob consent prompt that appears on first launch); Article 6(1)(b) necessary for the service for Remote Config.
  • India’s Digital Personal Data Protection Act, 2023 — processing limited to the purposes stated; the user can exercise rights via the contact email below.
  • CCPA / CPRA (California)— we do not “sell” or “share” personal data as those terms are defined.

If you’re in a region whose law gives you additional rights, you may exercise them by writing to .

12. Contact

For privacy questions, deletion requests, or to exercise any right above:

  • Email:
  • Acknowledgement: within 7 days of receipt.
  • Resolution: within 30 days of receipt (or sooner where law requires faster).

13. Changes to this policy

We may update this policy as the app evolves. When we do:

  • We’ll change the Effective date at the top.
  • Material changes will be highlighted in the app’s release notes.
  • Where the change expands what data is collected, we’ll seek fresh consent before collecting that new data.

The latest version of this policy is always available at hirenpaghadal.in/status-saver/privacy-policy.