Privacy Policy

Introduction

Welcome to CredKeeper. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

Information We Collect

Personal Information

When you register for CredKeeper, we collect:

• Name: First and last name for account identification
• PIN: Securely hashed 6-digit PIN for authentication (we never store your PIN in plain text)
• Email Address: Optional, for account recovery and communication

Document Data

Information you choose to store in CredKeeper:

• Document images and PDFs
• Document metadata (titles, categories, expiry dates, tags, notes)
• Professional reference information (names, contact details, photos)

Biometric Information

If you enable biometric authentication (Face ID/Touch ID), we use your device's biometric sensors for authentication. We do not store or have access to your biometric data - this is handled entirely by your device's secure enclave.

Automatically Collected Information

• Device Information: Device type, operating system version
• Usage Data: App usage statistics, crash reports
• Subscription Data: Subscription status and transaction history

How We Use Your Information

We use your information to:

• Provide Services: Enable core app functionality including document storage, backup, and retrieval
• Authentication: Verify your identity when you log in
• Cloud Backup: Store your encrypted documents in secure cloud storage
• Account Management: Manage your subscription and account settings
• Communication: Send important updates, security alerts, and support responses
• Improve Services: Analyze app usage to improve features and fix bugs
• Security: Detect and prevent fraud, abuse, and security incidents

Data Storage and Security

Encryption

We take security seriously:

• All document files are stored encrypted in AWS S3 cloud storage
• Your PIN is securely hashed using industry-standard algorithms
• Sensitive data is stored in your device's secure keychain/keystore
• All data transmission uses TLS/SSL encryption

Data Location

Your data is stored in secure data centers operated by Amazon Web Services (AWS) in the Asia-Pacific region.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

Service Providers

• Cloud Storage: AWS S3 for encrypted document storage
• Payment Processing: Apple App Store for subscription management
• Analytics: RevenueCat for subscription analytics (anonymized data only)

Legal Requirements

We may disclose your information if required by law or to:

• Comply with legal obligations or valid legal requests
• Protect our rights, privacy, safety, or property
• Prevent fraud or security threats

Your Rights and Choices

Access and Control

You have the right to:

• Access: View all your stored documents and personal information
• Update: Modify your personal information at any time
• Delete: Remove documents or your entire account
• Export: Download your documents for personal use

Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you delete your account, we will delete your personal information and documents within 30 days, except where we're required to retain it by law.

Children's Privacy

CredKeeper is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Third-Party Services

Our app uses the following third-party services:

• Apple App Store: For app distribution and payment processing
• AWS S3: For encrypted cloud storage
• RevenueCat: For subscription management

These services have their own privacy policies. We recommend reviewing them:

• Apple Privacy Policy
• AWS Privacy Notice
• RevenueCat Privacy Policy

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to request deletion of personal information
• Right to non-discrimination for exercising your rights

International Users

If you are accessing CredKeeper from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using CredKeeper, you consent to this transfer.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy in the app
• Updating the "Last updated" date
• Sending you a notification (for significant changes)

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: privacy@credkeeper.app
Support: support@credkeeper.app

Your Consent

By using CredKeeper, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.