Number 1 and 2 can be easily done, but can be circumvented if the user changes the system time on the device (hello Candy Crush). To prevent that you'd need to register to receive ACTION_TIME_CHANGED and perhaps ACTION_TIMEZONE_CHANGED and figure out how to react accordingly. Alternatively, you could obtain time from an external source, but that would increase the network needs of your app.
When an app is uninstalled, all of its internal files are deleted, so the first part of number 3 won't work. You could put the that flag file in external storage, but a minimally savvy user could easily find and delete it, unless you were crafty with the name and or permissions. But that's not really playing fair since the file would exist long after a user decided they didn't want your app anymore. The only reliable way to handle number 3 and have it survive reinstalls is to do as you suggested and use some sort of web based registration process.
A far better approach is probably to use Google Play Licensing. It allows try-before-you-buy and other approaches.