๐Ÿ”’ Privacy Policy

AI SMS Forwarder โ€” forward SMS to multiple phone numbers & email with AI voice filters.

๐Ÿข AI Future Gen Pvt Ltd ๐ŸŒ Global Coverage ๐Ÿ“… Effective: 24 April 2026 ๐Ÿ”„ Last updated: 4 July 2026

โœจ 1. Introduction

Welcome to AI SMS Forwarder. Your privacy is not a feature we bolt on โ€” it is the foundation of how this app works. This Privacy Policy explains what information the app processes, why, how long it stays around, and the choices you have. It applies to users worldwide.

๐Ÿ’š Our core promise: if you do not use AI voice filtering or email forwarding, no SMS content leaves your device. Everything happens locally on your phone.

๐Ÿข 2. Who We Are

๐Ÿท๏ธ Data ControllerAI Future Gen Pvt Ltd
๐ŸŒ Websitetoolsforoffice.com
๐Ÿ“ง Contactcontact@toolsforoffice.com
๐Ÿ“ฑ AppAI SMS Forwarder (Google Play)

๐ŸŽฏ 3. Scope of this Policy

This Policy covers the AI SMS Forwarder Android application, our website at toolsforoffice.com, and any supporting backend services we operate for this app (collectively, the "Service"). It does not cover third-party services that you choose to integrate (e.g., OpenAI, your own SMTP provider, your carrier) โ€” those are governed by their own policies.

๐Ÿ“ฅ 4. Data We Collect

We design the app to collect as little as possible. The table below shows the full picture.

CategoryWhatWhere it livesWhy
๐Ÿ“จ SMS contentSender, body, timestamp of received SMSOn your device (local). Only sent to our servers if you enable cloud AI or email forwarding.Match your filters and forward
๐Ÿ”ข Recipient phone numbersNumbers you configureOn your deviceOutbound SMS forwarding
โœ‰๏ธ Recipient emailsAddresses you configureOn your device; transmitted with the forwarded content through our SMTP relay at send-time onlyEmail forwarding
๐ŸŽ™๏ธ Voice recordingsRecordings you make to create voice-based filter rulesOn-device if you use Android transcription; on our server if you use Backend AITurn speech into filter logic
๐Ÿ”‘ OpenAI API keyThe key you save in PreferencesOn your device, encryptedCall OpenAI directly from your phone
๐Ÿ”Œ Webhook / API endpointThe POST or WebSocket URL (and any auth headers/tokens) you configureOn your device, encrypted; SMS content sent directly to this URL at send-time onlyAdvanced/developer SMS forwarding to your own backend
๐Ÿ’ณ Wallet & billingPurchase history, top-ups, usage countsOur servers (for paying users)Run your wallet & plan
๐Ÿงพ Account identifiersEmail, device ID, app versionOur servers (for paying users)Authentication & support
๐Ÿ“Š DiagnosticsCrash logs, non-identifying performance dataOur serversKeep the app stable
๐Ÿงญ What we never collect: contacts list, call logs, photos, location, browsing history, microphone audio outside of voice-filter recording, or any data from apps other than SMS.

๐Ÿ› ๏ธ 5. How We Use Your Data

๐Ÿ“ฒ 6. On-Device vs Cloud Processing

๐ŸŸข Stays on device (no data leaves you)
  • SMS filtering by date, keyword, sentence, sender, OTP
  • Phone-to-phone SMS forwarding
  • Voice filter built with Android on-device transcription
  • OpenAI API calls made using your own key (go direct to OpenAI, not through us)
๐ŸŸฃ Sent directly to your own endpoint
  • Webhook (HTTP POST) forwarding to a URL you configure
  • WebSocket forwarding to a URL you configure
  • Goes straight from your device to your endpoint โ€” never through our servers
๐Ÿ”ต Uses our servers
  • Email forwarding (we relay via SMTP)
  • Backend AI voice filter (we transcribe/parse on our servers)
  • Wallet and billing
  • Crash & diagnostic reporting

๐Ÿค– 7. AI & Voice Commands

The app offers two ways to turn your spoken instruction (e.g., "forward any SMS from my bank to my wife and my email") into a working filter rule:

๐Ÿ—ฃ๏ธ Option A โ€” Android on-device transcription (free)

Your phone does the speech-to-text locally. The audio never reaches our servers.

โ˜๏ธ Option B โ€” Backend AI (paid, higher accuracy)

The audio is streamed to our server, transcribed, and converted into a filter rule. The audio is processed in memory and the rule is returned to your device. We do not keep the raw audio beyond the processing window (see Retention below), and we do not use your audio to train models.

๐Ÿ”‘ Your own OpenAI key

If you save an OpenAI API key in Preferences, calls go from your phone to OpenAI directly โ€” we do not see the key or the responses. Alternatively you can add money to our wallet and we bill you per API request, or enroll in a monthly plan.

โœ‰๏ธ 8. Email Forwarding (SMTP)

When you enable email forwarding, matched SMS content is transmitted from your device to our SMTP relay over TLS. We send the email to the recipient(s) you configured and then discard the body within 24 hours. We log only minimal metadata (timestamp, destination domain, delivery status) to operate the service and bill correctly.

โš ๏ธ Email delivery relies on third-party mail servers you do not control (Gmail, Outlook, corporate servers, etc.). Once the email is accepted by a recipient server, its retention is governed by that server.

๐Ÿ”Œ 9. Webhook & API Forwarding (Advanced Developers)

For advanced/developer users, the app offers an optional feature to forward matching SMS directly to a custom HTTP POST endpoint or WebSocket URL that you configure โ€” for example, your own Node.js backend or internal service.

๐Ÿงญ Direct device-to-endpoint transmission. When you use this feature, SMS content is sent directly from your device to the URL you specify. It is not routed through, inspected, or stored on AI Future Gen Pvt Ltd's servers.

๐Ÿ” Your responsibility

You choose the destination, so you are responsible for its security and legitimacy. We recommend using HTTPS/WSS and authenticated endpoints. Any credentials, tokens, or headers you configure for this feature are stored encrypted on your device and used only to authenticate requests to the endpoint you set up.

๐Ÿšจ Before you enable this: if you installed this app, or are configuring this feature, because someone else told you to โ€” over a phone call, chat, or remote-assistance session โ€” stop and do not proceed. This is a common pattern used in scams to intercept OTPs and banking SMS. We display this same warning in the app before you can turn on webhook/API forwarding. Never point this feature at an endpoint that was given to you by someone else.

Because this feature transmits content to a destination outside our control, Section 17 (Disclaimers & Limitations) applies in full โ€” we cannot see, moderate, or secure data once it reaches your configured endpoint.

๐Ÿ’ณ 10. Billing, Wallet & API Keys

โณ 11. Data Retention

Data typeRetention on our servers
๐Ÿ“จ Forwarded SMS content (email path)Less than 24 hours, then permanently deleted
๐ŸŽ™๏ธ Voice recordings (Backend AI)Less than 24 hours, then permanently deleted
๐Ÿ”Œ Webhook/WebSocket forwarded contentNot retained by us โ€” sent directly device-to-endpoint, never stored on our servers
๐Ÿงพ Wallet / billing recordsAs long as required by tax and accounting law (typically 7 years in India)
๐Ÿ“Š Crash & diagnostic logsUp to 90 days
โœ‰๏ธ Support emailsUp to 24 months
๐Ÿ’š The <24-hour rule applies to private SMS/voice content. We do not keep copies beyond that window.

๐Ÿค 12. Data Sharing

We do not sell your personal information. Ever. We share data only with:

๐Ÿ”— User-configured third-party destinations. SMS messages matching user-defined filters may be transmitted to user-configured webhook (HTTP POST) endpoints, WebSocket endpoints, email servers, or AI processing services selected by the user. The application owner does not control, review, or store data sent to third-party destinations chosen by the user except as required to provide the service.

๐Ÿ›ก๏ธ 13. Security Measures

โš ๏ธ No system is 100% secure. We provide strong safeguards, but we cannot and do not guarantee that our systems, or the networks between them and you, will always be free from compromise. See Section 16.

๐ŸŒ 14. International Data Transfers

Our primary data processing takes place in India. When you use Backend AI or email forwarding, your data may transit through servers located in other regions (including the EU and the United States) operated by our infrastructure providers. Where required, we rely on lawful transfer mechanisms โ€” for EU/UK users, Standard Contractual Clauses (SCCs) and the UK Addendum; for other regions, the mechanisms recognised under local law.

โš–๏ธ 15. Your Rights by Region

Regardless of where you live, you can always email contact@toolsforoffice.com to access, correct, or delete your data, withdraw consent, or close your account. Below are the additional rights granted by the main privacy laws around the world.

๐Ÿ‡ช๐Ÿ‡บEuropean Economic Area & United Kingdom โ€” GDPR / UK GDPR

Rights of access, rectification, erasure, restriction, portability, objection, and to lodge a complaint with your Supervisory Authority (e.g., the ICO in the UK, the CNIL in France). Our lawful bases are contract, legitimate interests, consent (for AI voice & marketing), and legal obligation.

๐Ÿ‡ฎ๐Ÿ‡ณIndia โ€” DPDP Act 2023

Right to access, correction, erasure, grievance redressal, and nomination. You may contact our Grievance Officer at contact@toolsforoffice.com.

๐Ÿ‡บ๐Ÿ‡ธUnited States โ€” CCPA/CPRA (California), and state equivalents (VA, CO, CT, UT, TX)

Right to know, delete, correct, opt-out of sale/sharing, limit use of sensitive personal information, and non-discrimination. We do not sell or share personal information as those terms are defined under CCPA.

๐Ÿ‡จ๐Ÿ‡ฆCanada โ€” PIPEDA & Quebec Law 25

Access, correction, withdraw consent, and file a complaint with the Office of the Privacy Commissioner of Canada.

๐Ÿ‡ง๐Ÿ‡ทBrazil โ€” LGPD

Confirmation, access, correction, anonymisation, portability, deletion, and to lodge a complaint with the ANPD.

๐Ÿ‡ฒ๐Ÿ‡ฝMexico & LATAM

ARCO rights (Access, Rectification, Cancellation, Opposition) under the Federal Law on Protection of Personal Data (LFPDPPP).

๐Ÿ‡ฏ๐Ÿ‡ตJapan โ€” APPI

Right to disclosure, correction, discontinuance, and a complaint to the PPC.

๐Ÿ‡ฐ๐Ÿ‡ทSouth Korea โ€” PIPA

Access, correction, deletion, suspension of processing, and complaint to the PIPC.

๐Ÿ‡จ๐Ÿ‡ณChina โ€” PIPL

Right to know, decide, access, copy, correct, delete, and to object. Cross-border transfer conditions apply.

๐Ÿ‡ธ๐Ÿ‡ฌSingapore โ€” PDPA

Access and correction, withdraw consent, and complaint to the PDPC.

๐Ÿ‡น๐Ÿ‡ญThailand โ€” PDPA

Access, rectification, erasure, restriction, portability, objection, and complaint to the PDPC.

๐Ÿ‡ฆ๐Ÿ‡บAustralia & New Zealand โ€” Privacy Act / IPPs

Access, correction, and complaint to the OAIC (AU) or OPC (NZ).

๐Ÿ‡ฟ๐Ÿ‡ฆSouth Africa โ€” POPIA

Access, correction, objection, and complaint to the Information Regulator.

๐Ÿ‡ฆ๐Ÿ‡ชUAE, Saudi Arabia & GCC

Rights under the UAE PDPL, Saudi PDPL, and equivalent laws โ€” access, correction, deletion, objection.

๐Ÿ‘ถ 16. Children's Privacy

AI SMS Forwarder is not directed at children under the age of 16 (or the age of digital consent in your country, whichever is higher). We do not knowingly collect data from children. If you believe a child has provided us data, please contact us and we will delete it.

โš ๏ธ 17. Disclaimers & Limitations

๐Ÿ”ด Wrong recipient risk. If you configure the wrong phone number or email, your SMS โ€” including OTPs and other sensitive content โ€” may be forwarded to the wrong person. You are solely responsible for verifying recipients. AI Future Gen Pvt Ltd cannot be held responsible for loss, harm, or unauthorized access arising from incorrect recipient configuration.

๐Ÿ”ด Webhook/API forwarding risk. If you configure SMS forwarding to a custom webhook (HTTP POST) or WebSocket endpoint โ€” especially one you did not set up yourself, or that was provided to you by a third party โ€” you are solely responsible for that destination's security, legitimacy, and handling of your data. Configuring this feature at someone else's instruction is a known scam pattern used to intercept OTPs and banking SMS; the app warns you about this before the feature can be enabled. AI Future Gen Pvt Ltd cannot be held responsible for data intercepted, misused, or lost once it reaches an endpoint you configured. Note that this app will mandatorily push to the Webhook these data: from(received from) ,sms body,msg received time, battery percent, forwarding time, IMIE1 hash, mobile number on which received. If any of those data deems private, kindly don't use this app

๐Ÿ”ด Security incidents. Although we implement industry-recognised safeguards, no system is immune to compromise. To the maximum extent permitted by law, we cannot be held liable for losses arising from hacking, unauthorized access, or compromise of our systems, your device, your email provider, your carrier, your configured webhook/WebSocket endpoint, or the networks between them.

๐Ÿ”ด Third-party services. OpenAI, SMTP providers, your own webhook/API backends, mobile carriers, and operating system vendors all have their own policies. We are not responsible for their acts or omissions.

Nothing in this Policy excludes liability that cannot be excluded under applicable law (for example, liability for gross negligence, willful misconduct, or death/personal injury under local consumer laws).

๐Ÿ”„ 18. Changes to this Policy

We may update this Policy to reflect new features, legal requirements, or operational practices. When we make material changes, we will notify you through the app or by email before the change takes effect. The "Last updated" date at the top of this page always reflects the current version.

๐Ÿ“ง 19. Contact Us

๐Ÿข CompanyAI Future Gen Pvt Ltd
๐Ÿ“ฌ Email (general & privacy)contact@toolsforoffice.com
โš–๏ธ Governing lawIndia (without prejudice to the mandatory rights users have in their home country)

For all data requests, please include your app account email and the country you reside in so we can route your request correctly.