Privacy begins with the data flow

The simplest test is to follow a photo from the camera sensor to the saved file. Does composition happen on the phone? Is the result saved directly to the system library? Is any copy sent to a company server for processing, analytics, backup, or advertising?

Bothie composes front and rear views on the device. It does not require an account and does not operate a server that receives your photos or videos. That design removes an entire category of upload, retention, and remote-access risk.

Permissions should match visible features

A dual-camera app needs camera permission. It needs microphone permission only when you record video with sound, and photo-library permission only to save or select media. Permission prompts should appear in context, explain their purpose, and avoid requesting broader access than the feature requires.

Google Play’s prominent disclosure guidance requires sensitive-data use to be clear when it may not be obvious to a user. Its photo and video permissions policy also encourages narrow, task-appropriate access rather than broad library access where it is unnecessary.

On-device processing is meaningful—but verify the details

“On-device” should mean the actual photo or video composition occurs locally and the media does not need to leave the phone. It does not automatically tell you whether an app also uses analytics, crash reporting, advertising identifiers, or cloud accounts. Read the privacy policy and the store disclosure together.

Google Play’s Data safety requirements place responsibility on developers to disclose collection, sharing, security practices, and deletion options accurately. A trustworthy app should make those answers consistent across its product, store page, and policy.

Seven questions to ask before installing a camera app

  1. Can I use the camera without creating an account?
  2. Are photos or videos uploaded for processing?
  3. Does the app include advertising or cross-app tracking?
  4. Why does it request each permission?
  5. Can I revoke access and still control saved media?
  6. Does the privacy policy name the developer and a contact method?
  7. Do the store disclosures match the app’s actual behavior?

What Bothie stores locally

Bothie saves media only when you choose to save it. Anonymous capture-result, mode, and layout events may remain in on-device SQLite for reliability, for no more than 30 days or 5,000 events. Those records do not contain media, file paths, identity, contacts, location, advertising IDs, or persistent identifiers.

You control the system photo library and can delete saved media or revoke permissions at any time. Uninstalling the app does not delete photos or videos you already chose to save to the library.

Frequently asked questions

Does Bothie upload my photos or videos?

No. Composition, preview, and saving happen locally on the device.

Does Bothie require an account?

No. There is no account flow, social feed, advertising profile, or cross-app tracking.

Why does a camera app need photo access?

It may need limited access to save the photo or video you create. A privacy-first app should request only the access needed for that action and explain it clearly.