Privacy Policy - Aliox Player

Last Updated: June 10, 2026

Aliox Player ("the app", "we", "our") respects your privacy. This Privacy Policy explains what information the app accesses, why that information is used, and how you can remove local information generated by the app.

1. Scope of This Policy

Aliox Player is a music player for Android. The app can play local files from your device and, when you choose to connect an account or server, can also access music stored in compatible cloud services such as Microsoft OneDrive, WebDAV, FTP, and FTPS.

The app does not operate its own server to store your music library.

2. Information the App Accesses

Aliox Player accesses only the information required to build your library and play your music:

• File metadata: file names, identifiers, sizes, file types, folder structure, artist, album, track title, track number, and cover art when available.
• Audio content: music files read for playback, offline download, or metadata extraction.
• Local library data: library index, playlists, favorites, cached artwork, technical sync history, and files downloaded for offline use inside the app.
• Access credentials: authentication tokens stored locally in encrypted app private storage when supported by the Android version on your device.
• WebDAV connection data, when configured: server URL and credentials provided by you to access your own server, Nextcloud, ownCloud, or compatible service.
• FTP/FTPS connection data, when configured: server address, port, username, password, and remote paths provided by you to access your server.

3. Use of Microsoft OneDrive

When you connect OneDrive, sign-in is handled through the Microsoft identity platform. Aliox Player requests permissions such as Files.Read, User.Read, offline_access, openid, and profile to:

• authenticate your Microsoft account;
• list files and folders in your OneDrive;
• identify audio files and artwork;
• play music directly from OneDrive;
• download music for offline playback when you request it;
• keep the connection active without asking you to sign in every time.

The app uses read access for your OneDrive library. It is not designed to sell, share, publish, modify, or delete files from your OneDrive.

Your use of OneDrive is also subject to the Microsoft Privacy Statement: https://www.microsoft.com/privacy/privacystatement.

4. How We Use Information

Information accessed by the app is used to:

• display your music library inside the app;
• play local audio files, OneDrive files, or files from connected WebDAV, FTP, or FTPS servers;
• organize your library by artists, albums, playlists, and other views;
• extract and display metadata and artwork;
• enable offline playback for files you choose to download;
• keep the player experience stable in the background.

5. Data Sharing

We do not sell your data or transfer your music library to third parties.

Metadata and downloaded files remain on your device, in the app's private storage. Authentication tokens are used only to access the cloud provider you explicitly connect.

When you use OneDrive, Microsoft Graph, WebDAV, Nextcloud, ownCloud, FTP, FTPS, or another connected provider, your requests also pass through those services and are subject to their respective terms and privacy policies.

6. Retention and Deletion

Aliox Player keeps local data only as long as needed for the app to function or while you keep your library configured.

You can remove local data at any time by:

• disconnecting the cloud account in the app;
• deleting offline downloads;
• clearing the app's data in Android settings;
• uninstalling the app.

When you disconnect an account or server, the app removes locally stored credentials associated with that provider. Deleting data inside OneDrive, WebDAV, Nextcloud, ownCloud, FTP, FTPS, or another connected service must be done directly in that service.

7. Security

The app stores cloud credentials in encrypted Android private app storage when supported by the Android version on your device. OneDrive and WebDAV account connections require HTTPS. FTPS encrypts FTP control and data connections with TLS. Plain FTP is also supported, but it does not encrypt credentials, file metadata, or audio data in transit; use it only with a server and network you trust, and prefer FTPS when available. DLNA/UPnP playback and device control may use unencrypted HTTP on your local network because that is how many local media devices communicate. However, no method of digital transmission or storage is completely immune to risk.

8. Children

Aliox Player is not directed to children and does not knowingly collect children's data. If you believe a child has provided data to the app without appropriate consent, please contact us so we can help with removing local data.

9. Changes to This Policy

We may update this Privacy Policy to reflect changes in the app, supported providers, or legal requirements. The "Last Updated" date will change when the policy is revised.

10. Contact

If you have questions about this Privacy Policy, please contact alioxplayer@proton.me or open an issue on the project's official GitHub repository.