Introduction
Ultimate File Manager Pro is an independent Android application and is not affiliated with, authorized, sponsored, or endorsed by the Ultimate File Manager project for Windows (ultimatefilemanager.pl) or any other product using a similar name. All other product names and trademarks are the property of their respective owners.
KiloWatch is committed to protecting your privacy. This Privacy Policy explains what information we collect when you use Ultimate File Manager Pro, how we use it, and how we keep it safe.
By using the app, you agree to the practices described here. You can download the app on the Google Play Store ↗
Information We Collect
🔵 Stored Locally on Your Device Only
The following data is saved on your device and never leaves it. We have zero access to any of this:
| Data Type | Purpose | Where It Lives |
|---|---|---|
| Vault PIN (hashed) | Secure access to encrypted files | Android SharedPreferences |
| Vault Recovery Code (hashed) | Account recovery if PIN is forgotten | Android SharedPreferences |
| Vault Metadata | List of your encrypted folders & files | App private storage |
| Encryption Keys | AES-256-GCM encryption for the Vault | Android Keystore (hardware-backed) |
| App Preferences | Theme, sort settings, view preferences | Android SharedPreferences |
| File Server Profiles | Configurations (username, directory, hashed password) for the hosted File Server | App private storage |
| Network Share Credentials | Connecting to your SMB/FTP shares (host, username, password) | App private storage |
| Paired Device Info | Device name, ID, and IP for device pairing | App private storage |
| Shizuku Authorization State | Status of the elevated access grant from the Shizuku Manager app | App private storage |
| ADB Authentication Keys | RSA keys and certificates generated for secure ADB connections | App private storage |
| TV Screenshots | Screenshots captured from a paired TV via ADB | Your phone's local Pictures/Screenshots folder |
| Sync Profiles | Local folder path and remote path for each Folder Sync profile | App private storage |
| Cloud Storage Tokens (Google Drive, OneDrive, Dropbox) | OAuth access tokens that allow the app to communicate with your cloud storage accounts on your behalf. Stored securely in the app's private storage and never transmitted to our servers. | App private storage (encrypted) |
| S3 / S3-Compatible Storage Credentials (AWS S3, MinIO, IDrive E2, etc.) | Access Key ID and Secret Access Key that you enter to connect to an S3-compatible storage endpoint. Stored locally in the app's private storage and used only to authenticate requests to the endpoint you configured. | App private storage |
| Indexed File Metadata (SQLite/Room) | Metadata (names, sizes, dates) for fast browsing and search — manageable via Settings -> Storage Indexer | App private storage |
| Language Selection (Cookie) | A cookie (ufm_lang) remembers your language choice throughout the session and across browser restarts | Web browser storage |
We have no access to your PIN, recovery code, encryption keys, or any files stored in your Vault — ever.
☁️ Google User Data — Google Drive API
When you connect your Google Drive account, Ultimate File Manager Pro accesses your Google user data exclusively to perform the specific file management actions you request. The following table details exactly what is and is not accessed:
| Data Type | When It Is Accessed | Purpose |
|---|---|---|
| File & Folder Metadata (name, size, MIME type, modification date, Drive ID) | When you browse your Google Drive within the app | Displaying your Drive contents in the file browser |
| File Binary Content | Only when you explicitly open, download, upload, copy, move, or sync a file | Performing the specific file operation you requested |
| OAuth Access Token & Refresh Token | Stored locally after you sign in to Google Drive | Maintaining your authenticated session without requiring repeated sign-ins |
We do not access your Gmail, Google Contacts, Google Calendar, Google Photos (outside of Drive), Google Docs content beyond file operations, or any other Google service data. Only the minimum Drive file data required for your requested action is ever accessed.
📊 Collected via Firebase Analytics (Anonymous)
We use Google Firebase Analytics to collect anonymous data to improve the app. This includes:
| Data Type | Purpose |
|---|---|
| Device Information | Device model, OS version, screen size |
| App Usage Data | Features used, session length, crash reports |
| General Location | Country/region based on IP (not your precise location) |
Firebase operates under Google's Privacy Policy. Analytics data is never linked to your personal identity. You can opt out in your device settings.
☕ Processed via Google Play Billing (Optional Tips Only)
When you make an optional Tip Jar purchase, Google Play processes the transaction. We never see your card, bank details, or personal payment information. We do temporarily receive:
| Data Type | Purpose |
|---|---|
| Purchase token | Verifying and consuming the purchase on-device |
| Product ID purchased | Triggering the in-app thank-you message |
This data is handled entirely on-device and is never stored on our servers or linked to your identity. Google's handling of payment data is governed by Google's Privacy Policy ↗.
❌ What We Never Collect
- Your files, documents, photos, videos, or any media
- Your Vault contents or encryption keys
- Your PIN or recovery code
- Your precise location
- Your contacts, messages, or call logs
- Personal identification information (name, email, phone number)
- Any Google account data beyond what you explicitly request in the file browser
Anonymous purchase tokens from Google Play Billing are temporarily processed on-device to confirm your tip — they are never stored by us and are not linked to your identity.
How We Use Your Information
✓ Local Data Is Used To
- Authenticate access to the Encrypted Vault
- Encrypt and decrypt your private files
- Remember your preferences and settings
- Store authentication tokens for seamless access to your linked cloud storage accounts
- Use elevated access (Shizuku/ADB) for managing system-protected files in restricted directories
- Process, create, and extract archives (ZIP, 7Z)
- Create and maintain file indexing for fast browsing and search (manageable via Settings -> Storage Indexer)
- Provide core app functionality
✓ Analytics Data Is Used To
- Understand how features are used
- Identify and fix bugs and crashes
- Improve features and user experience
- Make informed development decisions
Google Drive user data — including file metadata and file content — is used exclusively to perform the file management action you explicitly request (browsing, uploading, downloading, moving, copying, deleting, or syncing files). This data is never used for analytics, advertising, profiling, AI model training, or any purpose other than delivering the file management feature you requested.
Permissions & Why We Need Them
📂 Storage Permissions
| Permission | Android Level | Why It's Needed |
|---|---|---|
| MANAGE_EXTERNAL_STORAGE | API 30+ | Full file management across all storage |
| READ_EXTERNAL_STORAGE | Below API 33 | Legacy file access on older devices |
| WRITE_EXTERNAL_STORAGE | Below API 29 | Legacy file modification on older devices |
| READ_MEDIA_IMAGES | API 33+ | Access and manage your photos |
| READ_MEDIA_VIDEO | API 33+ | Access and manage your videos |
| READ_MEDIA_AUDIO | API 33+ | Access and manage your audio files |
✓ We Use Storage Access To
- Browse and display your files
- Copy, move, rename, and delete files
- Encrypt and decrypt Vault files
- Share files with other apps
✕ We Never
- Upload your files externally
- Share files with third parties
- Read file contents for any purpose other than the action you requested
🌐 Network Permissions
| Permission | Why It's Needed |
|---|---|
| INTERNET | Enables remote file management, SMB/FTP/SFTP/SCP network share access, cloud storage access (Google Drive, OneDrive, Dropbox), folder sync, device pairing, and ADB Terminal connections |
| ACCESS_WIFI_STATE | Displays your local IP address for remote access |
| ACCESS_NETWORK_STATE | Detects active network and VPN status for Remote Management and network shares |
| CHANGE_WIFI_MULTICAST_STATE | Enables local network device discovery (NSD/mDNS) for device pairing |
The Remote Management server, File Server hosting, SMB/FTP/SFTP/SCP network share connections, folder sync, device pairing, and ADB Terminal connections all operate on your local Wi-Fi network only. Remote Management and FTP servers use unencrypted protocols; SFTP and ADB Terminal connections use secure, encrypted protocols on your network. Cloud storage APIs securely communicate with Google, Microsoft, and Dropbox external servers over encrypted HTTPS connections. No other data is transmitted to external servers.
🖥️ ADB Terminal & Device Discovery
When you use the ADB Terminal feature, the app scans your local network subnet for Android Debug Bridge (ADB) services. This scan attempts to connect to up to 254 IP addresses on your local network across three ADB service ports (5555, 5037, and 5038). Devices that respond to these connection attempts are marked as available for pairing. No personal data is collected — only device connectivity information is used to build the list of available devices.
When you first use ADB Terminal, the app generates a unique 2048-bit RSA certificate on your device. This certificate is used to authenticate your device when connecting to other Android devices in Developer Mode. The certificate is stored locally on your device only and is never transmitted to external servers or cloud services. You have full control over this certificate.
| Permission | Why It's Needed |
|---|---|
| moe.shizuku.manager.permission.API_V23 | Allows communication with the Shizuku Manager for elevated file access |
| RECEIVE_BOOT_COMPLETED | Allows Shizuku services to start automatically on boot for immediate availability |
| REQUEST_IGNORE_BATTERY_OPTIMIZATIONS | Allows you to opt-in to keeping Shizuku active in the background for reliable performance |
| POST_NOTIFICATIONS | Alerts you when file operations finish or storage is low |
| REQUEST_INSTALL_PACKAGES | Allows installation of APK files you choose |
| QUERY_ALL_PACKAGES | Lists installed apps for the App Manager feature |
| FOREGROUND_SERVICE / FOREGROUND_SERVICE_DATA_SYNC | Runs Folder Sync and file transfers as a foreground service so they complete reliably even when the screen is off |
| WAKE_LOCK | Keeps the CPU and Wi-Fi active during large file transfers so they complete reliably even when the screen turns off |
| BLUETOOTH / BLUETOOTH_CONNECT | Connects to your paired Android TV to act as a Bluetooth keyboard and mouse for remote control |
| VIBRATE | Provides haptic feedback when pressing buttons on the TV Remote |
Data Security
🔒 Vault Encryption
The Encrypted Vault uses military-grade encryption to protect your files:
| Detail | Specification |
|---|---|
| Algorithm | AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode) |
| Key Storage | Android Keystore — hardware-backed secure storage |
| Key Size | 256-bit |
| Authentication | User-defined PIN |
If you forget both your PIN and recovery code, your encrypted data is permanently inaccessible — not even we can recover it. Please keep these stored somewhere safe.
📱 Local Data Protection
- All local data is stored in the app's private storage area — other apps cannot access it.
- Your PIN is hashed before storage — we never see it in plain text.
- Network share credentials are stored in the app's private storage and are never transmitted externally.
- OAuth tokens for Google Drive, OneDrive, and Dropbox are stored in the app's private storage and are never transmitted to our servers or any third party.
- S3 / S3-Compatible access credentials (Access Key ID and Secret Access Key) are stored in the app's private storage and are used exclusively to authenticate requests to the endpoint you configured — they are never transmitted to our servers.
- Security procedures are in place to protect the confidentiality of all locally stored data.
- All data is automatically deleted when you uninstall the app.
🌐 Remote Management Security
- PIN-protected access — only people you authorise can connect.
- Session-based authentication on every connection.
- Operates on your local network only — no external internet access.
- The server shuts down automatically when you exit the Remote Management screen.
Google API Services — Limited Use Disclosure
When you connect your Google Drive account to Ultimate File Manager Pro, the app accesses your Google user data only to provide and improve the file management features you use directly within the app. Our use of Google user data is strictly limited as described below.
✅ Permitted Uses of Google User Data
- Browsing your Drive: Fetching file and folder metadata to display your Drive contents.
- Uploading files: Sending a local file to your Drive when you explicitly request it.
- Downloading files: Retrieving a Drive file to your device when you explicitly request it.
- Moving & copying files: Performing Drive-side file operations you explicitly initiate.
- Deleting files: Removing Drive files you explicitly select for deletion.
- Folder Sync: Synchronising a local folder with a Drive folder according to the sync profile you configured.
🚫 Prohibited Uses — We Never Use Google User Data For
- Targeted, personalised, retargeted, or interest-based advertising
- Selling to data brokers or providing to information resellers
- Determining creditworthiness or for any lending purposes
- Training artificial intelligence or machine learning models
- Creating user databases or profiles unrelated to file management
- Any data-mining, scraping, or aggregation for external purposes
- Transferring Google user data to any third party for any reason other than providing or improving the app's file management features, or as required by law
Ultimate File Manager Pro requests only the minimum Google Drive permissions necessary to perform the file management actions you choose. We never request access to your Gmail, Google Contacts, Google Calendar, or any other Google service data.
Data Sharing & Third Parties
We do not sell, rent, trade, transfer, or disclose your personal information or Google user data to any third party for any purpose not directly related to providing Ultimate File Manager Pro's file management features — full stop. Google user data is never used for advertising, data brokering, AI model training, or any other prohibited purpose.
Third-Party Services We Use
| Service | Provider | Purpose |
|---|---|---|
| Firebase Analytics | Google LLC | Anonymous usage analytics — Privacy Policy ↗ |
| Google Play Services | Google LLC | App distribution, updates, and in-app reviews — Privacy Policy ↗ |
| Google Play Billing | Google LLC | Processes optional in-app tip purchases (purchase tokens only, on-device) — Privacy Policy ↗ |
| Microsoft OneDrive API | Microsoft Corporation | Authenticates and processes user requests for Microsoft OneDrive integration — Privacy Statement ↗ |
| Google Drive API | Google LLC | Authenticates and processes user-initiated file management requests for Google Drive integration — Privacy Policy ↗ |
| Dropbox API | Dropbox, Inc. | Authenticates and processes user requests for Dropbox integration — Privacy Policy ↗ |
| AWS S3 / S3-Compatible APIs (e.g. AWS S3, MinIO, IDrive E2) | Amazon Web Services & compatible providers | Authenticates and processes user-initiated file management requests for S3-compatible cloud storage. The app communicates directly with the S3 endpoint you configure (which may be self-hosted or third-party). Governed by the privacy policy of the respective S3 provider you choose — AWS Privacy Policy ↗ |
When you choose to open or share a file with another app — including via the Storage Access Framework (SAF) document provider — that app's own privacy policy governs what it does with the file.
We may also disclose information if required by law, court order, or government request, to the extent permitted by applicable law. We do not transfer or disclose your personal information or Google user data to third parties for purposes other than those described in this Privacy Policy.
How Long We Keep Data
| Data Type | How Long It's Kept |
|---|---|
| Local App Data | Until you uninstall the app |
| Vault Encryption Keys | Until you uninstall the app |
| Indexed File Metadata | Until deleted via Settings -> Storage Indexer, or until app uninstallation |
| Google Drive / OneDrive / Dropbox OAuth Tokens | Until you disconnect the account in Settings, or until app uninstallation. You may request deletion at any time by disconnecting the account from within the app. |
| S3 / S3-Compatible Access Credentials | Until you remove the S3 profile in Settings, or until app uninstallation. |
| Firebase Analytics Data | 14 months (Google's default retention period) |
All locally stored data — including OAuth tokens and encryption keys — is permanently deleted when you uninstall the app. You may also clear all app data at any time via Android Settings → Apps → Ultimate File Manager Pro → Storage → Clear Data. We will retain your personal information only for the length of time needed to fulfil the purposes outlined in this Privacy Policy.
Your Rights
You are in control of your data. Here's what you can do at any time:
- Access your locally stored data directly through the app.
- Delete Vault data by removing items from the Vault.
- Manage and delete indexed file metadata via Settings -> Storage Indexer.
- Disconnect your Google Drive, OneDrive, or Dropbox account at any time to revoke access and delete stored OAuth tokens.
- Remove your S3 / S3-Compatible storage profiles at any time via Settings to delete the stored access credentials.
- Export your files using the share or copy features.
- Opt out of Firebase Analytics in your Android device settings.
🗑️ How to Delete All App Data
Open Android Settings and go to Apps.
Find and tap Ultimate File Manager Pro.
Tap Storage → Clear Data, or simply uninstall the app.
Clearing data or uninstalling will delete your Vault PIN, recovery code, and encryption keys — making any Vault contents permanently inaccessible. Make sure you've decrypted everything you want to keep first.
Children's Privacy
Ultimate File Manager Pro is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.
If you are a parent or guardian and believe your child has provided personal information, please contact us and we will take steps to remove it.
International Users
Ultimate File Manager Pro is developed in South Africa by KiloWatch. If you're using the app from another country, please note that any information may be processed in South Africa or in countries where our third-party service providers (like Google) operate.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we'll update the date at the top and post the revised version here. For significant changes, we'll also notify you in-app. Continuing to use the app after changes means you accept the updated Policy.
Google Play Policy Compliance
This app is built to meet Google Play's standards. Here's how each permission maps to core app functionality:
| Permission | Core Feature It Enables |
|---|---|
| Storage Permissions | File browsing and management |
| Network Permissions | Remote file management, hosting local File Servers, SMB/FTP/SFTP/SCP network shares, and device pairing over local Wi-Fi |
| Network State | VPN detection for Remote Management and network share connectivity |
| Multicast | Local network device discovery (NSD/mDNS) for device pairing |
| Notifications | Operation completion alerts and storage warnings |
| Install Packages | APK installation from local storage |
| Query Packages | App Manager feature |
| In-App Reviews | Google Play In-App Review API for collecting user feedback |
| Archive Support | Process, create, and extract ZIP and 7Z archives locally |
| Storage Indexer | Provides fast browsing and search via local metadata indexing (SQLite/Room) — managed via Settings -> Storage Indexer |
| Elevated Access (Shizuku) | Advanced file management in restricted system directories via the Shizuku API |
| ViewPager2 | Sliding between fragments and layouts in the user interface |
| APNG Support | Decoding and rendering of animated PNG files via APNG4Android core library |
| Lottie Animations (v6.3.0) | Renders smooth UI animations throughout the app via the Lottie library (com.airbnb.android:lottie) |
Before requesting any sensitive permission, the app clearly explains why it's needed, how it will be used, and that you can deny it (with some features becoming unavailable as a result).
Contact Us
If you have any questions or concerns about this Privacy Policy or how your data is handled, please reach out:
- Developer: KiloWatch
- App: Ultimate File Manager Pro
- Country: South Africa
- Email: support@kilowatch.co.za