ZMatrix Network Intelligence Privacy Policy

March 1, 2026
Android (Google Play)
March 1, 2026

1. Introduction & Scope

This Privacy Policy describes how ZMatrix Network Intelligence ("ZMatrix," "the App," "we," "us," or "our") collects, uses, and protects information when you use our Android application, available on the Google Play Store. ZMatrix Network Intelligence is developed and operated by Halonex.

ZMatrix is a personal cybersecurity toolkit that provides Email Breach Monitoring, local network scanning, IP Intelligence, and a personalized Security Score — all designed with a privacy-first architecture.

By downloading, installing, or using ZMatrix, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of the App immediately.

The Human Summary

ZMatrix is built to protect your privacy, not compromise it. Your email addresses are cryptographically hashed before any external query — your raw data never leaves your device. We collect the absolute minimum needed to deliver the service, and nothing more.

2. Information We Collect

ZMatrix adheres to a strict data minimization philosophy. We categorize the information involved in the App's operation as follows:

  • Email Addresses (Hashed): When you add email addresses for breach monitoring (up to 5), your email is converted into a SHA-1 hash on-device before any external API request is made. Your raw email address is never transmitted to any third-party server.
  • Local Network Data: The Network Scanner discovers devices on your local Wi-Fi subnet, identifying IP addresses, open ports, and running services. This data is processed entirely on-device and is never transmitted externally.
  • Public IP Metadata: The IP Intelligence feature retrieves publicly available metadata about your current IP address, including WHOIS data, DNS records, reverse DNS, hosting provider, ASN, and RDAP information. This is queried from public registries and is not personally identifiable.
  • Security Score: Your Security Score is computed locally on your device based on breach results and resolution status. It is not transmitted to or stored on any external server.
  • Search History: Past scan results and queries are stored locally on your device to allow you to review previous findings. This data remains on-device at all times.
  • Widget Data: Home Screen Widgets display Security Score, Email Monitoring status, Network Status, and IP Intelligence summaries. All widget data is sourced from locally stored information and does not involve additional network requests beyond the App's standard operations.

The Human Summary

We never see your actual email addresses. They are hashed on your device before anything is sent externally. Network scans stay entirely on your phone. Your search history and security score never leave your device.

3. Information We Do Not Collect

We want to be explicit about the data we do not collect, access, or store:

  • Personal Identity Data: We do not collect your name, physical address, phone number, or any government-issued identifiers.
  • Account Credentials: We never request, store, or transmit passwords or authentication tokens for any of your accounts.
  • Contacts or Calendar Data: ZMatrix does not access your contacts, calendar, photos, or any other personal data stored on your device.
  • Location Data: We do not access GPS, Bluetooth-based location, or any other precise or coarse location data. Note: Android may require location permission to perform Wi-Fi network scans — this is an operating system requirement, not a data collection practice. ZMatrix never reads, stores, or transmits your geographic location.
  • Tracking or Advertising Data: We do not use the Android Advertising ID (AAID), device fingerprinting, or any cross-app/cross-site tracking technologies.
  • Usage Analytics: We do not employ third-party analytics SDKs (such as Google Analytics, Firebase Analytics, or similar) or collect behavioral usage metrics.

4. How Your Information Is Used

All information processed by ZMatrix serves a single purpose: delivering the cybersecurity features you explicitly initiate. Specifically:

  • Breach Detection: Hashed email prefixes are sent to breach-monitoring APIs to check whether your credentials appear in known data breaches. Results are displayed in-app and cached locally for your review.
  • Network Analysis: Local network scan data is used exclusively to render device information on-screen. It is processed in real-time and stored only in your local scan history.
  • IP Enrichment: Your public IP address is queried against public registries to retrieve metadata. This is a standard, publicly available lookup and does not expose any private data.
  • Security Score Computation: Your score is derived algorithmically on-device from the number of unresolved breaches associated with your monitored emails.

We do not use your information for marketing, profiling, selling to third parties, or any purpose beyond the functionality described above.

5. Third-Party Services

ZMatrix interacts with external services solely to deliver its core features. These interactions are limited and privacy-preserving:

  • Breach Database APIs: Hashed email data (specifically, partial k-anonymity hash prefixes) are sent to breach-monitoring services to check for credential exposure. The full hash is never transmitted — only a prefix — ensuring the service cannot determine your email address.
  • Public IP Registries: Standard lookups against WHOIS, DNS, and RDAP registries are performed to enrich your IP intelligence view. These are publicly accessible databases and the queries do not expose personal information.
  • Google Play Services: ZMatrix may use Google Play Services for in-app purchases (if applicable) and widget rendering. These services are governed by Google's Privacy Policy.

We do not integrate any third-party advertising networks, social media SDKs, or analytics platforms.

6. Data Storage & Security

ZMatrix is architected so that the vast majority of data never leaves your device:

  • On-Device Storage: Email addresses (in their original form), scan results, breach reports, security score, and search history are all stored locally on your device using Android's application-sandboxed internal storage, inaccessible to other applications.
  • Network Transmissions: All external API requests are encrypted via TLS 1.3. Only the minimum data required (hash prefixes for breach checks, IP address for intelligence lookups) is transmitted.
  • No Server-Side Storage: Halonex does not operate backend servers that store your personal data. We have no user database, no account system, and no cloud storage of your information.
  • Google Backups: Data stored by ZMatrix on your device may be included in your Google account backups (via Android Auto Backup), subject to your device's backup settings and Google's backup encryption policies. You can manage or disable this in your Android Settings under Backup.

The Human Summary

Everything stays on your phone. We don't run servers that store your data. When we do send a request to check for breaches, it's encrypted and only contains a partial hash — not your actual email.

7. Your Rights & Controls

You have full control over all data within ZMatrix. The following actions are available to you at any time:

Delete Monitored Emails
Remove any or all tracked email addresses and their associated breach data from the App.
Clear Search History
Erase all locally stored scan results and past queries.
Clear App Data
Use Android Settings > Apps > ZMatrix > Clear Data to wipe all stored information without uninstalling.
Uninstall & Purge
Uninstalling ZMatrix removes all locally stored data entirely from your device.

Because ZMatrix does not maintain any server-side user data, deleting the App (or clearing its data) constitutes a complete and irreversible erasure of all information associated with your use of the service.

Under applicable data protection regulations including the GDPR and the CCPA, you have the right to access, correct, delete, and port your personal data. Given our architecture, these rights are inherently satisfied — you hold all data locally and can delete it at will.

8. Children's Privacy

ZMatrix Network Intelligence is not directed at children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. Since ZMatrix does not collect personal data, create user accounts, or require registration, there is no mechanism through which a child's data would be stored or processed.

If you believe a child has provided personal information through the App, please contact us and we will take immediate steps to investigate and address the concern.

9. Device Permissions

ZMatrix requests only the permissions strictly necessary for its core functionality:

  • INTERNET: Required to perform breach lookups against external APIs and to retrieve IP intelligence data from public registries.
  • ACCESS_NETWORK_STATE: Required to determine the current network connection type and status for the Network Scanner and IP Intelligence features.
  • ACCESS_WIFI_STATE: Required to retrieve local Wi-Fi network information for the Network Scanner feature.
  • ACCESS_FINE_LOCATION (Android 8.0+): Required by the Android operating system to perform Wi-Fi network scans. ZMatrix does not read, store, or transmit your geographic location. This permission is used exclusively to satisfy Android's system-level requirement for Wi-Fi scanning. You can revoke this permission at any time in Settings, though the Network Scanner feature will be unable to function without it.

ZMatrix does not request access to your camera, microphone, contacts, photos, SMS, call logs, storage (beyond its own sandbox), or any other sensitive device capabilities.

10. Data Retention

All data generated by ZMatrix is stored locally on your device for as long as you choose to retain it. You may clear scan history and remove monitored emails at any time from within the App.

Upon uninstallation of ZMatrix (or clearing app data via Android Settings), all locally stored data is permanently deleted in accordance with standard Android data management behavior. Because we operate no backend infrastructure that stores user data, there is no residual data on our end to retain or delete.

11. Google Play Data Safety

In accordance with Google Play's Data Safety requirements, we provide the following declarations:

  • Data Shared: ZMatrix does not share any user data with third parties.
  • Data Collected: ZMatrix does not collect any personally identifiable data. Email addresses are hashed on-device before any external transmission.
  • Security Practices: All data in transit is encrypted. All data at rest is stored within Android's application sandbox.
  • Data Deletion: Users can delete all data by clearing app data or uninstalling the application.

The Human Summary

When Google Play asks us what data we collect about you, the honest answer is: effectively none. Your emails are hashed before they leave your device, and everything else stays local.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the App's functionality, legal requirements, or our operational practices. When we make material changes, we will:

  • Update the "Effective Date" and "Last Updated" dates at the top of this document.
  • Provide notice through the App or the Google Play Store listing, where appropriate.
  • Archive previous versions of this policy for your reference.

Your continued use of ZMatrix after any changes to this Privacy Policy constitutes your acceptance of the revised terms.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or ZMatrix's data practices, please contact us:

We are committed to resolving any privacy-related inquiries promptly and transparently.

The Human Summary

Have a question about your privacy? Reach out to us at [email protected]. We take every inquiry seriously and will respond as quickly as possible.