PIWIPE Phone Privacy Policy

This Privacy Policy explains what data the PIWIPE Phone Android application, developed by ProİMHA (Tekniknokta Bilişim), collects, how we use that data, and your rights as a user.

1. Who We Are

The PIWIPE Phone Android app is developed and operated by ProİMHA — Tekniknokta Bilişim, based in İstanbul, Türkiye. For privacy questions related to the Android app, contact info@piwipe.com.

2. Data We Collect

• Account data: your email address and authentication identifier, created via Firebase Authentication when you sign in.
• Wipe operation data: device model, device identifier (where permitted by Android), storage size, selected wipe method, start/end timestamps, result status, and the generated wipe certificate. These records are stored in Cloud Firestore and Firebase Storage to provide an auditable proof of data erasure.
• Diagnostic data: anonymous crash reports and stability information via Firebase Crashlytics, used solely to fix bugs and improve stability.
• Local device storage: authentication tokens are stored on your device using Android Keystore via flutter_secure_storage.

PIWIPE Phone does NOT collect:

• Your contacts, SMS messages, call logs, or calendar
• Your photos, videos, or media library (beyond what you explicitly select for wiping)
• Your precise or approximate location
• Microphone or camera input
• Installed app list or browsing history

The app contains no advertising SDKs and no third-party analytics trackers beyond Firebase Crashlytics.

3. Android Permissions Used

• INTERNET / ACCESS_NETWORK_STATE: to communicate with Firebase services for authentication, wipe records, and certificates.
• Storage access: to perform the secure wipe operation on the storage area selected by you.
• Device identifiers: (where permitted) to associate a wipe certificate with the wiped device.

4. How We Use Your Data

Data collected by the Android app is used only to: authenticate you, perform and log the wipe operation you initiate, generate and deliver the wipe certificate, provide technical support, improve app stability, and comply with legal obligations. Your data is never sold and is not shared with third parties for marketing.

5. Data Sharing & Processors

We use Google Firebase (Authentication, Cloud Firestore, Cloud Storage, Crashlytics) as a data processor for the Android app. Data is stored on Google Cloud infrastructure subject to Google's security and privacy commitments. No other third parties receive your personal data.

6. Data Retention & Account Deletion

Wipe certificate records are retained for the period required by audit and legal obligations. You can request deletion of your account and associated personal data at any time via the in-app "Delete account" option, or by emailing info@piwipe.com with the subject "PIWIPE Phone account deletion". Account deletion removes your authentication record and personally identifiable data; anonymized audit logs may be retained where required by law.

7. Data Security

All network traffic is encrypted with TLS. Certificate integrity is secured with SHA-256 hashing and digital signatures. Our backend runs on ISO 27001 certified infrastructure.

8. KVKK & GDPR

ProİMHA complies with the Turkish Personal Data Protection Law (KVKK) No. 6698 and the EU GDPR. You have the right to access, correct, delete, export, and object to the processing of your personal data. To exercise these rights for the Android app, email info@piwipe.com.

9. Children

PIWIPE Phone is intended for IT professionals and business users. It is not directed to children under 13 and we do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated through the app or our website.

11. Contact

E-posta: info@piwipe.com
Phone: +90 212 916 12 22
Controller: ProİMHA — Tekniknokta Bilişim, İstanbul, Türkiye