CloudOTP Privacy Policy

Effective date: August 23, 2024

1. Information we collect

CloudOTP does not collect any of your personal information through the server backend. This application completely stores all users' token information, encryption keys, backup data and other sensitive information on your local device. You do not need to worry about personal information being transmitted to external servers when using this application.

2. Data storage and security

Local Storage: All sensitive data is saved on the user's device. Local storage includes but is not limited to your two-factor authentication tokens, encryption keys, app settings, etc. This means that data is not transmitted over the network, avoiding the potential risks posed by remote server storage.

Encryption Protection: We encrypt all sensitive data using the Advanced Encryption Standard (AES), ensuring that even if the data is physically accessed or stolen, it is difficult to decipher. The encryption key is set and managed by the user, and only you know and control it.

Access Control:

• Gesture Password: To prevent unauthorized access, CloudOTP provides a gesture password feature where users need to enter the correct gesture password to open the application.
• Database password: You can set a separate password for your local database to ensure that even if the device falls into the wrong hands, sensitive data stored in your application cannot be accessed.

3. Cloud backup

CloudOTP offers a variety of cloud backup options so users can recover data if their device is lost or replaced. You can choose to use WebDAV, Dropbox, Google Drive, OneDrive, S3 or Huawei Cloud for data backup.

Security of Cloud Backup:

• Data transmission encryption: When uploading backup data to the cloud, CloudOTP will encrypt the data to ensure that the data will not be obtained by unauthorized third parties during the transmission process.
• Cloud Service Provider Security Responsibilities: Although CloudOTP takes reasonable encryption measures, backup files are stored on the servers of your chosen cloud service provider, so you should know and trust which The security policies and measures of the chosen cloud service provider.

Risks of cloud backup:

• Account Security: We recommend that you set a strong password and enable two-factor authentication for your chosen cloud service account to prevent unauthorized access that could lead to backup data leakage.
• Data recovery security: When recovering data from the cloud, make sure you are in a secure network environment and protect your database password and gesture password during the recovery process.

4. Your privacy rights

Subject to applicable data protection laws, you have the following rights:

• Right of Access: You have the right to review the personal information we store about you. In CloudOTP, you have complete control over your data, stored on your device.
• Right of rectification: You can update or correct the information stored in the app at any time.
• Right to deletion: You have the right to delete data from your app at any time. Deleting the app will delete all data on the device.

5. Data retention

CloudOTP does not retain your personal data on any server or cloud. All data is stored only locally on your device. You can delete all data at any time through the app's settings interface, or by deleting the app.

6. Changes to this Privacy Policy

We may update this privacy policy from time to time. We will notify you of these changes within the app and post the updated privacy policy on our official website. Please check back regularly to stay informed of the latest privacy practices.

7. Contact us