Welcome to KardVault: Digital Card Wallet ("the App"), developed by SmartOn Solution ("we," "us," or "our"). This Privacy Policy explains how we collect, use, store, share, and protect your information when you use the App. By using the App, you agree to this Privacy Policy.
We collect the following types of information to provide and improve the App’s functionality, analytics, advertising, and user support:
We collect the following types of information to provide and improve the App’s functionality, analytics, advertising, and user support:
User-Provided Financial Information: We collect and store card details (Card Number, Expiry Date, Cardholder Name etc.) when you manually enter them or scan via NFC.
Purpose: This data is used strictly for app functionality (organizing your cards).
Storage Policy: We do not upload your card data to any cloud server. All financial information remains stored locally on your physical device.
NFC Data: The NFC Reader only accesses publicly available data on your EMV cards. It does not access private keys or secure elements.
Personal Information: If you contact us via the "Contact Support" feature, we collect your message, which may include personal details (e.g., name, email), and device information (app version, device model, Android version, timestamp).
App Activity: We collect data about your interactions with the App (e.g., screen views, button clicks) via Firebase Analytics and Google AdMob.
App Info and Performance: Crash logs and diagnostics are collected via Firebase Crashlytics to improve App stability.
Device or Other IDs: Device identifiers (e.g., Advertising ID, Android ID) are collected by Firebase and AdMob for analytics and personalized ads.
Approximate Location: If enabled, AdMob and Firebase may collect IP-based approximate location for ad targeting and analytics.
Financial Information: The Bank Identification Number (BIN, first 6-8 digits of card number) is sent to a third-party BIN Lookup API to retrieve bank details. The Card Validator uses the Luhn algorithm locally to validate card numbers.
AES-256 Encryption: All card data is encrypted at rest using 256-bit AES encryption via a SQLCipher-backed Room database.
Keystore Management: Encryption keys are handled by the Android System Keystore, ensuring they are isolated from the application logic.
Connection Security: Any communication with third-party APIs (like BIN Lookup or Firebase) is performed exclusively over HTTPS (TLS 1.3).
We use your information for the following purposes:
App Functionality: To provide NFC Card Reader, card storage, BIN checking, and card validation features.
Analytics: To understand App usage and improve performance (via Firebase Analytics and Crashlytics).
Advertising: To deliver personalized ads via Google AdMob.
User Support: To respond to your inquiries sent via the "Contact Support" feature.
We share your information with the following third parties to provide App features and services:
Firebase (Google): For analytics and crash reporting, we share App Activity, App Info and Performance, Device IDs, and Approximate Location (if enabled). See Firebase Privacy Policy: https://firebase.google.com/support/privacy
Google AdMob: For advertising, we share Device IDs, Approximate Location, and App Activity. See AdMob Privacy FAQ: https://support.google.com/admob/answer/9756841
BIN Lookup API: The BIN is sent to a third-party API provider to retrieve bank details. See Terms of Use: https://www.neutrinoapi.com/terms-and-conditions
We do not sell your personal information to third parties. However, AdMob and Firebase may use data for their own purposes as described in their privacy policies.
We recommend securing your device with a password or biometric authentication which is available in app.
Data in Transit: All data sent to Firebase, AdMob, and the BIN Lookup API is encrypted using HTTPS (TLS/SSL).
Security Measures: We implement reasonable security measures to protect your data, but no system is completely secure. You are responsible for maintaining the security of your device.
Depending on your location, you may have rights under privacy laws (e.g., GDPR, CCPA, LGPD, PIPEDA):
Access and Portability: Request a copy of your data stored in the Room database.
Deletion: You can delete card data by clearing the App’s data or uninstalling the App or using the "Delete" button within the app. .
Opt-Out of Ads: Disable personalized ads in the App’s settings (if available) or your device’s ad settings.
Opt-Out of Analytics: Disable Firebase Analytics by contacting us or adjusting your device settings.
To exercise these rights, contact us at contact@smartonsolution.in. We will respond within the timeframes required by applicable laws (e.g., 30 days for GDPR, 45 days for CCPA).
Local Data: Card data remains in the Room database until you delete it or uninstall the App.
Support Data: Support emails are retained as long as necessary to resolve your inquiry.
Third-Party Data: Data shared with Firebase, AdMob, and the BIN Lookup API is retained according to their respective privacy policies.
The App is available worldwide, and your data may be transferred to and processed in countries other than your own (e.g., the United States for Firebase and AdMob). We ensure compliance with international data transfer regulations, such as GDPR’s Standard Contractual Clauses, where applicable.
This app is intended for users 18 years and older. We do not knowingly collect personal data from children. If we learn that a child’s data has been collected, we will delete it promptly. Contact us at contact@smartonsolution.in if you believe this has occurred.
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you via the App or email (if provided) of significant changes. The updated policy will be posted at this Page.
If you have questions, concerns, or requests regarding your data, contact us at:
Email: contact@smartonsolution.in