Privacy Policy for SimplifyID

Effective date: May 17, 2026

This Privacy Policy explains how SimplifyID ("we", "our", "us") collects, uses, shares, stores, and protects data when authorized users use the SimplifyID mobile app.

1. App and Company Information

• App name: SimplifyID
• Company/organization: SimplifyID (replace with your registered legal entity name)
• Contact email: support@simplifyid.com (replace if needed)
• Account model: In-house app. Users cannot create accounts inside the app. Accounts are provisioned and managed by administrator(s) through a separate web portal.

2. Data We Collect

Depending on your workflow and account, we may collect and process:

• Account data: email address, OTP verification input, and authentication/session token.
• Device and app identifiers: hashed device identifier generated from platform device signals.
• Student profile data entered/fetched in the app, such as name, admission number, class/division, guardian name, date of birth, contact details, and related profile fields.
• Media data: student photos captured via camera or selected from device gallery.
• Operational metadata: order IDs, sync status, timestamps, and app state needed for offline and sync workflows.
• Files generated by the app: preview files and exports requested by authorized users.

3. Why We Collect Data

• To authenticate users and secure account access.
• To support admin-provisioned account access (no self-registration in the app).
• To provide core features for student photo capture, editing, organization, and syncing.
• To support offline-first operation and reliable retry-based synchronization.
• To protect data integrity and prevent unauthorized access.
• To provide support and resolve technical issues.

4. Data Sharing

We do not sell personal data.

Data is shared only when needed for service delivery, including:

• Your organization and its authorized administrators/operators.
• Our backend/API infrastructure used to store and process synced records.
• Legal authorities when required by law, regulation, court order, or valid legal request.

5. Third-Party SDKs and Services

The app uses third-party software components for app functionality (for example camera, image processing, secure storage, background tasks, and connectivity). Your Play Console Data Safety responses should include data collection done by those SDKs where applicable.

Based on the current project analysis, no Firebase Analytics, Crashlytics, advertising SDK, or payment SDK integration was found in active app code. Re-verify before each release.

6. Security

• Data in transit is sent over HTTPS/TLS to backend endpoints.
• Authentication tokens are stored in platform secure storage.
• Sensitive local operational data is stored in app-scoped local storage and encrypted workflow paths are used for photos.
• Screenshot prevention controls are implemented on supported platforms/screens.

No security system is 100% guaranteed.

7. Data Retention

• Local data remains on device until cleared by app actions, user actions, or app removal.
• Server-side retention is controlled by organizational policies and backend configuration.
• Authentication/session artifacts are retained for active sessions and rotated/cleared on logout or expiry.

8. Data Deletion

• Users can remove local app data by deleting records/photos in-app or uninstalling the app.
• Organizations may request backend deletion through support.
• For deletion requests, contact support@simpliid.com.

9. Children and Student Data

This app is intended for authorized institutional/business use. Where student data includes minors, institutions are responsible for obtaining required permissions/consents under applicable law.

10. Changes to This Policy

We may update this Privacy Policy periodically. Updates are effective when posted at this URL with a revised effective date.

11. Contact

Privacy and data requests: support@simpliid.com