Privacy Q&A for Mobile App


As part of the delivery of a mobile application to be published by a customer, Gemalto has to provide the following information to the customer: 

1- Device & App history

 Does the App allow to view one or more of information about activity on the device, which apps are running, browsing and bookmarks?

NO 

2- Location

Does the App use the device's location: Approximate location (network based)

Precise location: GPS and network based? 

NO  

Does the App notify and obtain user consent before collecting, transmitting or using location data?

NO   

3- Identity 

Does the App find account on the device, add or remove accounts?

NO   

4- Photos/media/files 

Does the App uses one or more of: files on device such as images, videos or audio, the device's external storage?

NO   

5- Wi-Fi connection information 

Does the App allow to view information about wi-fi networking, such as whether wi-fi is enabled and names of connected devices?

NO   

6- Device ID & Call information 

Does the App allow to determine the phone number and device IDs, whether a call is active and the remote number connected by a call?

NO  

Does the App also records and transmits anonymized network performance data for analysis by Analytic Engine. This data is used for the purpose of assessing network quality of service issues. No personally identifiable information is recorded or transmitted, including no key press information, no contact information, etc.?

NO   

7- App description 

IdCloud Auth POC sample app is a "sample application" to showcase Gemalto Mobile Protector product and IdCloud Authentication service 

8- App Permissions

Does the App require access to certain systems within your device? When you install an application, you are notified of all of the following permissions required to run that application: Camera, FaceID

Camera is used to scan QRCode for user registration

Camera, FaceID can be used for user authentication use case

9- Encryption

Does the App send data over unencrypted (HTTP) or an encrypted (HTTPS) connection?

Encrypted (HTTPS) connection

10- Explain why the data are being collected, when and for what purpose

We do not collect personal data

11- Do you assign an appropriate rating to the App?

NO  

12- Can the App be downloaded by children?

YES. But it requires a registration credentials from Gemalto.

13- Does the App comply will all the terms and conditions explained in the Apple iOS Human Interface Guidelines?

YES

14- Does the App use trademark, service mark or images of Google, apple, BlackBerry or other market store owners?

NO