Privacy

What our tools collect

Dowser Labs products operate on packet headers, timing, and protocol-layer signals — the same surface a network observer already sees as your device communicates. Dowser Labs never captures, decrypts, or stores the content of messages, calls, files, or any other application payload.

What is observed and analyzed: source and destination IP addresses, port numbers, protocol identifiers, packet sizes and timing, TLS Server Name Indication fields, DNS query and response domains, and the metadata of session-establishment exchanges (such as STUN/ICE candidates used to negotiate voice and video calls).

Where data lives

Processing is on-device by default. Captured metadata, contact dossiers, and analytical reports are stored locally on the device that produced them. None of this captured data is transmitted to Dowser Labs at any point.

Exported reports (PDF, JSON, PCAP) leave the device only when the user explicitly exports and shares them.

A small number of narrowly scoped outbound network calls are described below — opt-in third-party data enrichment, user-initiated diagnostic tools, and a license-validation callback that will ship in paid releases. None of them transmits any of the captured data above.

Optional third-party data enrichment

To classify network endpoints, infrastructure, and related context, our tools can optionally query external intelligence services — IP-to-geolocation lookups and ASN / hosting-provider classification. Each such enrichment is opt-in, clearly labeled in the application's settings, and disabled by default. When enabled, only the minimum identifier needed for the lookup (the IP address) is sent to the relevant service — no other identifying information about you, your device, or your contacts is transmitted.

Any enrichment can be disabled at any time in the application's settings, in which case the tool falls back to fully local classification heuristics.

User-initiated diagnostic tools

The application's advanced settings include two diagnostic tools that the user can run on demand: a DNS-leak test and a connection speed test. Both connect only to 1.1.1.1 / speed.cloudflare.com respectively, only when the user explicitly taps to run them, and only for the duration of that single test. Neither transmits captured metadata, contact data, or any other application data; they exercise the network path itself.

License validation

Paid versions of our products will contact a license-validation endpoint operated by Dowser Labs to confirm that the license in use is still valid. The check is designed to transmit only the license token and a coarse product-and-version identifier. It will not transmit captured metadata, contact data, exported reports, device identifiers, or any IP address beyond what the network connection itself necessarily reveals to the receiving server. The validation cadence and exact endpoint will be documented publicly before this feature is activated.

This feature is not present in any build currently distributed. Beta and trial builds of SourceNote do not contact any Dowser Labs server at any point.

What we don't do

• No telemetry. The applications do not phone home with usage analytics, crash reports, or any other operational telemetry.
• No third-party analytics. Neither the applications nor this website include Google Analytics, Plausible, or any other tracking script.
• No cookies on this site beyond what your browser establishes. Dowser Labs does not set first-party cookies or read third-party cookies.

Contact

For privacy questions or concerns, email privacy@dowserlabs.com. For security disclosures, see Security.