Privacy Policy

Introduction

This Privacy Policy describes how Smartnet E-Inventory Mobile ("we," "our," or "the app") collects, uses, and protects your information when you use our mobile application. We are committed to protecting your privacy and ensuring transparency about our data practices.

Information We Collect

1. Account and Authentication Information

• Email address - Required for account creation and login
• Password - Encrypted and stored securely for authentication
• Authentication tokens - JWT access and refresh tokens stored locally on your device
• User profile information - Name, department, and other profile details associated with your account

2. Device Permissions and Data

The app requests the following permissions to provide core functionality:

Camera Permission

• Purpose: To take photos for user profiles, resource documentation, and inventory management
• When requested: Only when you choose to take a photo within the app
• Data collected: Photos you capture using the app's camera feature

Location Permissions (Fine and Coarse Location)

• Purpose: To enable GPS location tracking for resource placement and inventory management
• When requested: When you use features that require location services (e.g., placing location pins for resources)
• Data collected: GPS coordinates (latitude and longitude) when you choose to use location features
• Note: Location data is only collected when you explicitly use location-based features. We do not track your location in the background.

Storage Permissions

• READ_EXTERNAL_STORAGE: To allow you to select images from your device's photo gallery
• WRITE_EXTERNAL_STORAGE: To save images to your device (only on Android 9 and below)
• Purpose: To enable image selection and saving functionality
• Data collected: Images you select from your gallery or save to your device

Biometric Authentication

• USE_BIOMETRIC / USE_FINGERPRINT: To enable secure biometric authentication (fingerprint, face recognition, or device PIN/pattern)
• Purpose: To provide convenient and secure login authentication
• Data collected: Biometric data is processed locally on your device and is never transmitted or stored by our servers. We only use your device's built-in biometric authentication system.

Internet Permission

• Purpose: Required for network communication with our servers to sync data, authenticate users, and provide app functionality
• Data transmitted: API requests, authentication tokens, and app data necessary for functionality

3. App Usage Data

• Session information - Login sessions and authentication state
• User preferences - Language preferences and app settings

How We Use Your Information

We use the collected information for the following purposes:

1. Account Management: To create and manage your user account, authenticate logins, and maintain your session
2. Inventory Management: To enable resource tracking, location-based features, and inventory documentation
3. Photo Management: To allow you to attach photos to resources, profiles, and inventory items
4. Security: To provide secure authentication through biometric features and encrypted token storage
5. App Functionality: To provide core features such as ticket management, resource tracking, and floor plan viewing
6. User Experience: To remember your preferences and provide a personalized experience

Data Storage and Security

Local Storage

• Authentication tokens are stored securely on your device using platform-specific secure storage:
  • Android: SharedPreferences with private mode
  • iOS: NSUserDefaults
• Credentials (when "Remember Me" is enabled) are stored locally on your device
• Photos taken or selected are stored locally on your device
• Location data is stored temporarily in local memory and only transmitted when you explicitly save location information

Security Measures

• All authentication tokens are encrypted and stored securely
• Passwords are never stored in plain text
• Biometric authentication is handled entirely on your device using the device's secure hardware
• Network communications use secure HTTPS connections
• We use industry-standard security practices to protect your data

Data Transmission

• Data is transmitted to our servers only when necessary for app functionality
• All API communications are encrypted using HTTPS/TLS
• Authentication tokens are included in API requests for secure authentication

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

1. Service Providers: With trusted service providers who assist in operating our app (e.g., cloud hosting, analytics) under strict confidentiality agreements
2. Legal Requirements: When required by law, court order, or government regulation
3. Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)

Third-Party Services

The app uses the following third-party services:

• Google Play Services Location API - For location services on Android devices
• Android Credential Manager - For secure credential storage on Android
• UCrop Library - For image cropping functionality

These services may have their own privacy policies. We encourage you to review them.

Your Rights and Choices

1. Access: You can access your account information through the app's profile section
2. Correction: You can update your profile information at any time
3. Deletion: You can request deletion of your account and associated data by contacting us
4. Permission Control: You can grant or revoke app permissions at any time through your device settings
5. Biometric Authentication: You can choose to use or disable biometric authentication in the app settings
6. Location Services: You can disable location permissions at any time through your device settings (note: location-based features will not work if disabled)

Children's Privacy

Our app is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Data Retention

• Authentication tokens: Retained until you log out or they expire
• Account information: Retained for as long as your account is active
• Photos: Stored locally on your device; you can delete them at any time
• Location data: Only stored temporarily in memory; not retained unless you explicitly save it

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the app
• Updating the "Last Updated" date at the top of this policy
• Providing in-app notifications for significant changes

Your continued use of the app after changes become effective constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: info@dotlambda.io
• Address: Gaspina Mlinica 10, 21231 Klis, Croatia
• Website: dotlambda.io

Permissions Summary

For your reference, here is a summary of all permissions requested by the app:

All optional permissions are only requested when you use features that require them. You can deny any optional permission, though some features may not be available if you do.