Privacy Policy

Effective date: January 19, 2026
This Privacy Policy describes how Privacy Control - 2FA (the “App”) and the website privacy2fa.com (“we”, “us”, “our”) handle information. We built Privacy Control - 2FA to be privacy‑first.

1. What this policy covers

   This policy covers (a) the mobile App, including features like QR scanning and manual account setup, and (b) our public website pages. It explains what information may be processed, why it is processed, and the choices you have. If you do not agree with this policy, please do not use the App.

2. Information we do not collect

   We are committed to minimizing data. We do not collect or store the following:

   • Your name, address, phone number, or government identifiers.
   • Your email address (unless you contact support and voluntarily provide it).
   • Your browsing history or the content of your internet traffic.
   • The secrets behind your 2FA tokens (shared secrets), the codes they generate, or screenshots of your accounts list.
   • Your precise GPS location.
   • Advertising identifiers for tracking, and we do not build profiles for ads.

   The App is designed so that your authentication data remains on-device. We do not operate a user account system that requires you to sign up.

3. Information processed on your device (local processing)

   To provide core functionality, the App processes certain information locally on your device:

   • 2FA token data you add (e.g., issuer name, account label, and the secret you imported). This stays on-device.
   • Camera input when you scan a QR code. The camera feed is used only to decode the QR code and is not uploaded to us.
   • App preferences (e.g., UI settings) stored locally to improve your experience.

   If your device provides additional protection methods (e.g., passcode, biometrics, device encryption), we recommend enabling them.

4. VPN feature and network data

   The App may offer an optional VPN connection. When enabled, a VPN routes your device’s network traffic through a secure tunnel. We do not collect your browsing history, DNS queries, or the content of your communications.

   Like any VPN experience, certain technical data may be processed transiently by your device and network components to establish a connection (for example, negotiation data needed to connect, and the server you choose). This is necessary to deliver the service. We do not use this data to identify you.

   We do not monetize by selling user data. We focus on keeping the service functional while keeping data collection minimal.

5. Payments and subscriptions (Apple)

   The App may include paid subscriptions and free trials. Purchases are processed by Apple using your Apple ID. We do not receive your full payment card details.

   Apple may provide us with limited information necessary to operate subscriptions (such as whether you have an active subscription, the subscription product, and the country/region associated with the storefront). This information is used only to unlock premium access in the App.

6. Support communications

   If you email us at support@privacy2fa.com, we will receive the information you include in your message (such as your email address and problem description). We use this information only to respond and provide support. Please avoid sending sensitive information like 2FA secrets.

7. Analytics, tracking, and advertising

   We do not use third‑party advertising SDKs to track you across apps and websites. We do not sell personal information. We do not run behavioral advertising based on your activity.

   In some cases, Apple and your device may generate diagnostic information (for example, crash logs) that you can choose to share with developers through Apple’s mechanisms. If such sharing is enabled by you, it is provided under Apple’s terms and settings. We do not request additional analytics beyond what is needed to keep the App stable.

8. Data retention

   Because the App is built around local processing, most data is stored on your device and under your control. Support emails are retained only as long as necessary to resolve your request and for reasonable record‑keeping. We do not maintain large datasets about users.

9. Children’s privacy

   The App is not directed to children under the age of 13 (or the minimum age in your country). We do not knowingly collect personal information from children. If you believe a child has provided us information via support email, please contact us and we will delete it.

10. Security

    We take reasonable steps to protect the App and the limited information we may process. However, no method of electronic storage or transmission is 100% secure. You are responsible for keeping your device secure and for controlling access to your authentication data.

11. Your rights and choices

    Depending on where you live, you may have rights to access, correct, or delete personal information. Since we generally do not collect personal data, many of these rights can be exercised directly on your device by removing accounts or uninstalling the App. If you contacted support, you can request deletion of your support emails by writing to us.

12. International users

    The App may be used worldwide. If you contact support, your email may be processed in locations where our support team operates. We apply this policy regardless of where you are located.

13. Changes to this policy

    We may update this policy from time to time to reflect improvements, legal requirements, or product changes. The “Effective date” at the top indicates the latest revision. If changes are material, we may provide additional notice in the App or on our website.

14. Contact us

    For privacy questions, requests, or concerns, contact: support@privacy2fa.com