Privacy policy

Introduction

The PayControl Application is provided and supported by SafeTech Ltd, a software developer of cybersecurity solutions. The company recognizes the importance of maintaining the confidentiality of the personal data of users of its services and applications.

For this reason, applications or software libraries developed by our Company collect information from iOS and Android devices only with the consent of the user.

Before installing and using the Application, please read this Privacy Policy carefully to understand the rules and practices regarding user information, as well as how it will be used and collected.

Downloading and using the Application in any part of it means your unconditional accept the terms set forth in this Privacy Policy.

Terms and definitions

Cookies are pieces of information that are used like anonymous unique identifier.

QR code is an optical mark containing a list of machine-readable information.

Biometric Authentication – the process of using Apple Touch ID / Apple Face ID / Android Biometry API technologies for gain access to certain functionality of a Mobile Device.

Key information is the unique keys of the Application User used to confirm transactions by the User.

Mobile device is a smartphone, mobile phone, tablet and other devices with Internet access and the Application installed.

Password is a secret word or a set of symbols (letters, numbers, signs) created in according with the security requirements defined in the Application.

Personal data is information related to a directly or indirectly identified or determined individual (User).

User is any adult, a fully capable individual, acting in his own interests, who wants to use the Application.

Application is PayControl application for iOS and Android operating systems, developed by SafeTech Ltd.

Information we collect

The application does not collect personal data or other confidential information of the User or cookies.

Anonymous statistical information is collected by the Application and used to make it work. It includes:

Information is collected only when the Application is running. In the background mode, no information, especially geolocation, is collected or transmitted.

Collection and use information

Permission to use the camera of the Mobile device is required to call it and is associated with the need to scan QR codes. QR codes are used to deliver information to a Mobile Device without manual input. The app and its libraries do not save or transmit the image, video or sound material obtained by capturing QR codes.

Location data is used by the Application solely in connection with the operation for which confirmation is performed and at the request of the information system that requested confirmation. The owner of the information system has the ability to enable or disable location determination, but the Application sends coordinates only along with confirmation data and only with the consent of the User. The owner of the information system can use the coordinates to analyze and reduce the risks associated with the operation for which confirmation is requested.

The Internet channel is used by the Application and its libraries exclusively for performing the main function. There is confirmation of the User's operations in various information systems. The information about the operations themselves is not saved by the Application and its libraries.

The data about the phone (SIM card, modem, etc.) are used by the Application exclusively for analyzing the immutability of the device from which the User performs confirmation. This data is necessary to analyze and reduce the risks of illegal execution of transactions in information systems.

The data about installed packages and session data are used by the Application exclusively for analyzing the protection level of the device, fraud detection and anti-fraud purposes, including unauthorized influence from other applications on the device.
This data is transferred to the information system to be analyzed and can be provided to partners in impersonalized state.

Third parties

Backup functions

If you would like to change the device that will be used the Application, you can use the data backup service that is integrated into our App (such as iCloud or Google Drive). In this case, the relevant services will receive the information that will be sent to them. This information does not contain any personal data of the user, but only key information data needed for recovery.

Thus, in case of the availability of a backup copy, the Application will only receive the access to those data required for key information recovery.

Please note, Google Drive and iCloud services are governed by their own terms of services and privacy policies, which you can read by clicking on the links below.

Google Drive Privacy Policy: https://policies.google.com/privacy

iCloud Privacy Policy: https://www.apple.com/legal/privacy/

Anti-fraud functions

The Application contains GroupIB_Mobile SDK library, which is a part of GroupIB Fraud Protection (https://www.group-ib.com/products/fraud-protection/).

GroupIB_Mobile SDK is activated by the owner of the information system only in case if GroupIB Fraud Protection is used in the information system. It's disabled by default.

GroupIB_Mobile SDK (if it's activated) collects and transmits to the information system following data:

The data is collected and transferred in impersonalized state only without linking to any personal data.

Data collecting, transferring and processing is done with anti-fraud purposes only.

Data security

The User's personal data is not stored or processed by the Application and its libraries.

To reduce the risk of illegal execution of transactions, Users are given the opportunity to additionally protect access to the implementation of confirmation of transactions with a Password or using Biometric Authentication. The method of protection is chosen directly by the User.

The User is advised to set and use a Password or Biometric Authentication to unlock the Mobile Device directly for additional security.

Account Deletion

The Application itself does not create accounts for a User. As described above, the Application does not collect personal data about a User, it works with non-personalized data like key information and anonymous statistical information.

However, this data is linked with an account in one or more information systems, that require transactions confirmations. In other words, a User creates an account in some information system, and this system links the Application with the account via non-personalized key information. As a result, the Application operates non-personalized data only.

To remove the key information in the Application and, consequently, remove linkage of the Application with account in information system, the User should

  1. 1. Open the Application
  2. 2. On the main screen tap on a key information record
  3. 3. Choose Remove option in the menu

This action will remove the key information from a mobile device and the Application, but will leave information (anonymous statistics and linkage data) in information system.

To remove a linked account in information system (it does not relate to Application) the User should contact this system’s owner and request account deletion.

Change to the Privacy policy

The Company reserves the right to change this Privacy Policy at any time and without prior warning the User.

The date of the last change to the Privacy Policy is indicated at the end of this paragraph. The user is responsible for periodically visiting this page of the Privacy Policy to check for any changes.

Further use of the Application by the User, after making changes to the Privacy Policy, is considered the unconditional acceptance of these changes by the User.

In this connection, please, sometimes check the Application for updates in the Privacy Policy.

In case of disagreement with changes in the conditions for the collection, processing and use of data, the User has the right to stop using the Application and remove the Application from the device.

Date of the last change of the Privacy Policy: 01/12/2023

Limitation on privacy policy

Privacy Policy applies only to the Application.

The company is not responsible for the operation of applications that use the PayControl library. The privacy policies of such applications should be described by their producer.

Contacting information

If you have any questions about Privacy Policy or working App, please, contact us by email: info@safe-tech.ru

SafeTech Ltd.

Address: Russian Federation, 123308, Moscow, 3rd Khoroshevskaya street, 18b1, 104