Google Play Store

Privacy Policy

August 15, 2024

 

COMPANY

Company Name: XTec, Incorporated

Privacy Point of Contact:

              Name: Randy Debasa
              Email: mobileapps@xtec.com

APPLICATION PRIVACY POLICY:

Application Name: AuthentX ID

Application ID: com.xtec.authentxid

Relevant Application Privacy Features and Permissions:
This Application DOES NOT directly collect any personal or sensitive information from Users while accessing the application.

However, the Application uses the mobile device’s camera to scan a QR Code displayed by an associated website that is accessed by the User with an external PC browser. The QR Code does not contain any personal information. The QR Code links the Application to website services that facilitate downloading Digital Certificates to the User’s mobile device.

The Digital Certificates may contain personal User data, e.g., Name and Email Address.

Users must be pre-enrolled with the website services to use the Application and obtain Digital Certificates. The website may contain User personal information. However, Privacy Polices for the website are out of scope of the Application.

The Digital Certificates may be used by other applications (e.g., browsers) on the User’s device in order to access and authenticate to any external websites or online services supporting the Digital Certificates.

Once the Digital Certificates are provisioned to the Application, the User may use the Application’s features to either:

·       Install the Digital Certificates in the Android OS native Keystore, OR

·       Transfer the Digital Certificates to external partner mobile applications.

The native Android OS Keystore and partnering mobile applications are subsequently responsible for all Privacy Policies related to the Digital Certificates.

While the Application possesses the Digital Certificates, they are stored in the Application’s protected Keystore, which cannot be accessed by external applications.

Subsequently, the User may elect to remove the Digital Certificates from the Application, in which case the Application deletes and clears the Digital Certificates from the Application’s Keystores.

Personal or Sensitive Information / User Data:

The Application DOES NOT directly collect any personal or sensitive information from Users while using the Application.

Secure Data Handling Procedures for Personal and Sensitive User Data:

Since the Application does not directly collect any personal or sensitive information about Users, “Secure Handling Procedures” of such data is not applicable nor relevant, other than the handling of Digital Certificates, as explained above. That is, while the Application possesses any Digital Certificates, they are maintained in the OS-protected, Application-specific Keystore, which cannot be accessed by external applications on the User’s mobile device.

Data Retention and Deletion Policy:

Since the Application does not directly collect any personal or sensitive information about users, “Data Retention and Deletion” of such data is not applicable or relevant, other than the handling of Digital Certificates, as explained above. That is, if the User elects to remove any Digital Certificates, the Application deletes and clears the Digital Certificates from the Application Keystore.