Privacy Policy

 Privacy Policy –  2FA Authenticator

Last Updated: February 5, 2026

This Privacy Policy explains how the Chronos Authenticator app ("2FA Authenticator") handles information when you use it. The App is designed to keep your 2FA data on your device and, if you choose, in your personal iCloud account.

 1. What We Collect

We do not require account registration and we do not collect personal information for use by the developer.

The App stores the following data locally on your device:

- 2FA tokens and related metadata (issuer, account name, secret, digits, period/counter, tags, pinned state).

- App settings (e.g., iCloud backup enabled, onboarding state, preferences).

All 2FA token data is encrypted locally using a master key. The master key is protected in the iOS Keychain (device-only accessibility).

 2. iCloud Backup and Sync (Optional)

If you enable iCloud Backup, the App stores your encrypted vault in your personal iCloud account using Apple CloudKit. We do not have access to your iCloud data.

Apple may process device and account information required to provide iCloud services. Please refer to Apple’s privacy policy for details.

3. Import and Export (User-Initiated)

The App allows you to import and export 2FA data:

- Import: You choose a file to import; the data is processed locally on your device.

- Export: The App creates files (JSON/HTML and optionally a ZIP) in a temporary local directory. You decide where to save or share these files.

We do not receive exported data.

4. Network Requests

The App makes limited network requests:

- Apple iCloud/CloudKit (optional, when iCloud backup is enabled).

- Apple iTunes Lookup API to resolve the App Store URL for this app.

No other network requests are made by the App in the current build.

 5. Analytics, Ads, and Tracking

The current App build **does not initialize third‑party analytics or advertising SDKs**, and it **does not request the advertising identifier (IDFA)**.

If analytics/crash reporting or ads are added in a future version, this Privacy Policy will be updated before those changes take effect.

 6. Push Notifications

The App does not send marketing push notifications. If iCloud sync is enabled, Apple may use background notifications for CloudKit synchronization.

 7. Data Retention and Deletion

Your data remains on your device until you delete it or uninstall the App. If iCloud Backup is enabled, your encrypted data remains in iCloud until you disable iCloud for the App or delete the backup from your iCloud account.

8. Your Rights

You can:

- View and manage your tokens within the App.

- Export your data at any time.

- Delete your local data by removing the App or clearing your tokens.

- Delete iCloud data from your iCloud settings (if enabled).

 10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted within the App or in this file, and the “Last Updated” date will be revised.

 11. Contact

If you have questions about this Privacy Policy, contact:

- Email: abdullah.khann.tet@gmail.com