Auditoria de rede
Verifique com Wireshark na sua própria rede. Listamos cada endpoint que qualquer app Cove acessa.
Os apps Cove rodam no dispositivo. A promessa de privacidade é: nenhum conteúdo gerado pelo usuário sai do seu celular. Abaixo está uma auditoria linha por linha de cada chamada de rede que qualquer app Cove faz — a única forma de verificar uma promessa de privacidade é enumerar o tráfego real.
- 5 tipos de chamada de rede
- 0 contêm conteúdo do usuário
- 4/5 podem ser desativadas
-
Initial model download
Sem conteúdo do usuário Necessário para o app funcionar- Finalidade
- Download the Google Gemma 4 E2B weights to your device the first time you open any Cove app. After this, every translation, photo analysis, voice transcription, and health question is computed locally.
- Quando acontece
- Once per app install. About 2.5 GB.
- Destino
models.covebase.app (Cloudflare R2 mirror of ai.google.dev/gemma)- Conteúdo do usuário
- Pure binary weight file. No identifiers in the request beyond a generic User-Agent and the file path.
- Como desativar
- Cannot be disabled — without the model, the app does nothing. You can verify the file by checking the SHA-256 listed on the download page.
-
Model update check
Sem conteúdo do usuário Pode ser desativado- Finalidade
- Once a week, the app checks whether a newer Gemma model is available. If yes, the user is prompted; the actual download only happens after the user taps Update.
- Quando acontece
- At most once per week, on app open.
- Destino
models.covebase.app/version.json- Conteúdo do usuário
- Request body contains the locally-installed model version string only. No translations, photos, or audio.
- Como desativar
- Settings → Updates → Disable automatic checks. Manual update check is still available.
-
Google Play Billing (Pro purchase)
Sem conteúdo do usuário Pode ser desativado- Finalidade
- When you buy Cove Pro, the Android system makes a billing call to Google Play. Cove receives a purchase token from Play and verifies the entitlement on-device. We do not run our own billing server.
- Quando acontece
- Only when the user explicitly initiates a Pro purchase or Restore Purchases flow.
- Destino
Google Play Services (system API; no direct HTTPS from Cove code)- Conteúdo do usuário
- Google Play Services handle the billing handshake. Cove receives a Play-issued purchase token; we do not see your card number or your Google account email.
- Como desativar
- Don't tap Buy Pro. The free tier never triggers this call.
-
Crash report (opt-in)
Sem conteúdo do usuário Pode ser desativado- Finalidade
- If the app crashes, and only if you opted in during onboarding, a stack trace plus device model and Android version is sent. This helps fix the bug; it is the only diagnostics traffic Cove makes.
- Quando acontece
- Only on a crash, and only if you opted in.
- Destino
crash.covebase.app (self-hosted Sentry instance)- Conteúdo do usuário
- Stack trace and breadcrumbs only. No translation text, photo bytes, voice audio, or health journal entries are included. Sentry is configured with PII scrubbing on the server side as a second guard.
- Como desativar
- Settings → Diagnostics → Crash reports off. Or simply skip the toggle during onboarding (off by default in EU regions).
-
Google Play app update (system)
Sem conteúdo do usuário Pode ser desativado- Finalidade
- When you have auto-update enabled in Google Play, the system downloads new Cove APK versions in the background. This is handled entirely by Google Play, not by Cove app code.
- Quando acontece
- Whenever Cove publishes a new version and your phone meets Play's auto-update conditions (Wi-Fi + power).
- Destino
play.google.com (Google Play system, not Cove)- Conteúdo do usuário
- This is Google Play system traffic and follows your Google Play settings, not Cove's. We list it here for completeness — to make clear we don't have a parallel update channel.
- Como desativar
- Google Play → Network preferences → Auto-update apps → Don't auto-update apps. Or update Cove only over Wi-Fi.