Privacy Policy

2FA Mobile Authentication App

1. Introduction

This Privacy Policy describes how the 2FA Mobile Authentication App ("we," "our," or "us") collects, uses, and protects your information when you use our mobile application.

By using our app, you agree to the collection and use of information in accordance with this policy. We are committed to protecting your privacy and ensuring the security of your personal information.

2. Information We Collect

2.1 Camera Access

Purpose: Our app requests camera permission to scan QR codes for setting up two-factor authentication with websites and services.

• When we access it: Only when you choose to scan a QR code during the setup process
• What we do with it: We use the camera to read QR codes containing authentication setup information
• Storage: We do not store, transmit, or save any camera images or video data
• Optional: Camera access is completely optional - you can manually enter setup codes instead

2.2 Biometric Authentication

Purpose: We use your device's biometric authentication (fingerprint, face recognition) to secure access to your 2FA codes.

• Local processing: All biometric authentication is processed locally on your device
• No transmission: We never transmit or store your biometric data
• Device security: Biometric data remains encrypted in your device's secure storage

2.3 Authentication Data

• 2FA Secrets: Encrypted authentication secrets stored locally on your device
• Account Information: Basic account details for your 2FA services (stored locally)
• App Preferences: Your app settings and preferences

2.4 Device Information

• Device ID: Anonymous device identifier for push notifications
• App Version: Version information for support purposes
• Operating System: Basic OS information for compatibility

3. How We Use Your Information

• Authentication: To generate and manage your 2FA codes
• Security: To provide secure access through biometric authentication
• Notifications: To send you push notifications about authentication events
• App Functionality: To provide core 2FA features and QR code scanning
• Support: To provide customer support and troubleshoot issues

4. Data Storage and Security

4.1 Local Storage

All your authentication data is stored locally on your device using:

• Encrypted Storage: All sensitive data is encrypted using industry-standard encryption
• Secure Keychain: Authentication secrets are stored in your device's secure keychain
• No Cloud Storage: We do not store your authentication data on external servers

4.2 Security Measures

• End-to-End Encryption: All data transmission is encrypted
• Local Processing: All cryptographic operations happen on your device
• Secure Communication: HTTPS/TLS for all network communications
• Regular Updates: We regularly update the app to address security vulnerabilities

5. Third-Party Services

5.1 Firebase Services

We use Firebase for:

• Push Notifications: To send you authentication alerts
• Analytics: Anonymous usage statistics to improve the app
• Crash Reporting: To identify and fix app issues

Firebase Privacy: Firebase data is subject to Google's privacy policy. We only send anonymous, aggregated data to Firebase.

6. Your Rights and Choices

• Camera Permission: You can deny camera access and use manual code entry instead
• Biometric Authentication: You can disable biometric authentication in app settings
• Push Notifications: You can disable notifications in your device settings
• Data Deletion: Uninstalling the app removes all local data
• Export Data: You can export your authentication data for backup purposes

7. Data Sharing

We do not sell, trade, or share your personal information with third parties, except:

• Legal Requirements: When required by law or legal process
• Service Providers: Anonymous data to Firebase for app functionality
• Your Consent: When you explicitly authorize sharing

8. Children's Privacy

Our app is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent and believe your child has provided us with personal information, please contact us.

9. International Users

If you are using our app from outside the United States, please note that your information may be transferred to, stored, and processed in the United States where our servers are located.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy in the app and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Information