Last updated: June 22, 2026
AutoRelay (the app “SMS Forwarding: AutoRelay”, the “App”), operated by Sperar, a trade name of Oleg Polukeev (“Sperar”, “we”, “us”, “our”), is an Android application that forwards incoming SMS messages to user-configured destinations (webhooks, Telegram bots, email addresses). This Privacy Policy describes what data the App handles, how it is stored, and what choices you have.
The App is developed and maintained by Sperar. Contact: urbandevapp@gmail.com.
The App processes the following data on your device only:
READ_CONTACTS permission (off by default). The
lookup happens on-device against your address book; no contact data is
uploaded by the App. If permission is not granted, the App never reads your
contacts.The App does not collect your phone number, location, device identifiers, or any other personal information beyond what is listed above.
All data is stored locally on your device in the App’s private storage (Android sandbox), in a Room database encrypted with SQLCipher. This includes SMS message history and all forwarding destination configurations (webhook URLs, Telegram bot tokens, SMTP credentials). Data is protected both by Android’s application sandbox and by database-level encryption at rest.
The App does not upload, sync, or back up your SMS messages or destination configurations to any server operated by us.
When a new SMS arrives and matches your filter rules, the App forwards the message directly from your device to the destinations you have configured:
api.telegram.org) using the bot token you provide.We do not operate any intermediate server. Forwarded data travels directly from your device to the third-party services you choose. Those services have their own privacy policies and terms which apply to the data once it leaves your device.
The App itself does not include analytics SDKs, crash reporting services, advertising libraries, or any other third-party data collection. The only third-party services involved are those you explicitly configure as forwarding destinations (Telegram, your SMTP provider, your webhook endpoints).
The App requests the following Android permissions:
RECEIVE_SMS, READ_SMS — to receive and read
incoming SMS messages for forwarding. This is the App’s core function.INTERNET — to deliver forwarded messages to webhooks,
Telegram, and SMTP servers.FOREGROUND_SERVICE, POST_NOTIFICATIONS — to keep
the forwarding service running reliably and show its status in the
notification area.RECEIVE_BOOT_COMPLETED — to automatically resume forwarding
after your device restarts.READ_CONTACTS (optional, off by default) — to look
up the display name for an SMS sender in your address book and include it in
the forwarded payload and on-device history. You can enable or disable this
feature in the App’s settings; the App functions normally without it.The App does not request ACCESS_FINE_LOCATION or any other
sensitive permission unrelated to SMS forwarding.
We cannot delete your data on your behalf because no data is held on servers we control.
The App is not directed at children under 13 and is not designed to collect data from children.
The App stores all data in a SQLCipher-encrypted Room database, providing encryption at rest for SMS history and destination credentials. The Android sandbox additionally prevents other apps from accessing App storage without root access.
Network communications to webhooks, Telegram, and SMTP servers use the transport security configured by those services (typically HTTPS / TLS). You are responsible for the security of the destinations you configure (for example, using HTTPS webhooks rather than plain HTTP, and protecting your Telegram bot token and SMTP credentials).
If the App’s data handling practices change in any material way (for example, adding analytics or sending data to a server we operate), this policy will be updated and the change will be announced in the App or on our website before the change takes effect.
Questions about this Privacy Policy: urbandevapp@gmail.com.