FireTap
Privacy Policy
Last updated: 18 July 2026
True Solutions (“we”, “us”) publishes FireTap (the “App”), an independent third-party Firebase administration client for iOS. FireTap is not affiliated with, endorsed by, or sponsored by Google LLC.
The short version
- We do not operate a FireTap backend that receives your Firebase or Google Cloud project data. Traffic goes device ↔ Google.
- We do not create FireTap accounts. You sign in with Google.
- We do not sell data, show ads, or use third-party analytics or tracking SDKs.
- Google Sign-In tokens stay in the on-device Keychain managed by the Google Sign-In SDK.
- Disconnecting FireTap revokes this app’s Google access and removes the local session. That does not delete your Google account.
Information the App accesses
Google account identity
Name, email, and avatar from Google Sign-In so you can see which account is connected. Shown on your device only; not transmitted to True Solutions servers (we do not operate one for this purpose).
Firebase / Google Cloud project data
Read (and, when you explicitly unlock writes and confirm, modified) directly via Google APIs under the OAuth scopes you approve. Never routed through or stored by True Solutions.
On-device preferences
Pinned projects, environment labels, recently viewed destinations, appearance, App Lock, Safe Mode defaults, and similar settings in `UserDefaults` on your device.
Local encrypted audit trail
A record of administrative actions you perform in FireTap (for example create, update, delete). Entries are encrypted on device and include action type, project/resource identifiers, and redacted descriptors (such as field *names* or JSON shape/size). They do not store document field values, Realtime Database payloads, custom-claim values, access tokens, or FCM tokens.
StoreKit purchase information
FireTap Pro is a one-time non-consumable In-App Purchase processed by Apple (`com.truesolutions.firetap.lifetime`). Entitlement state is read from StoreKit on your device. We do not receive your payment card details.
Diagnostics
FireTap does not ship a third-party crash or analytics SDK. OS-level logs on your device may include non-sensitive operational messages; FireTap redacts tokens and sensitive query values from its own logging helpers.
What we collect on our servers
Nothing related to your Google account or Firebase project contents. The App has no FireTap-operated customer-data backend.
Authentication
Sign-in uses the official Google Sign-In for iOS SDK (OAuth 2.0 Authorization Code + PKCE). FireTap never sees or stores your Google password and never imports service-account keys. There is no OAuth client secret in the iOS app (public iOS client).
Data sharing
We do not share your project data because we do not receive it. Data is exchanged between your device and Google under your authorization. See Google’s Privacy Policy for how Google processes it.
Retention and deletion
- Google Sign-In session material remains until you Sign out, Disconnect, Delete Local Credentials, or uninstall.
- Disconnect revokes FireTap’s Google grant (when the revoke call succeeds) and clears the local session.
- Delete Local Credentials removes the local Google Sign-In session without attempting Google revocation — use Disconnect to revoke.
- Uninstalling removes local preferences and the encrypted audit trail from the device (subject to normal iOS backup behavior).
- None of these actions delete your Google account or your Firebase project data in Google Cloud.
Children’s privacy
FireTap is intended for developers and administrators and is not directed to children under 13.
Changes
We may update this policy. The “Last updated” date will change when we do.
Contact
Email: support@firetap.app
Security reports: security@firetap.app
Publisher: True Solutions