Neos Auth - Privacy Policy
Effective Date: April 8, 2026
1. Introduction
Welcome to Neos Auth ("we," "our," or "us"). Neos Auth is a two-factor authentication (2FA) application that generates time-based one-time passwords (TOTP) and supports cloud backup of your scanned QR codes. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Neos Auth mobile application.
By using Neos Auth, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
We collect the following types of information:
a) Account Information: When you create an account or sign in to enable cloud backup, we may collect:
Email address
Authentication credentials (managed securely via your chosen identity provider)
b) Authenticator Data: Neos Auth stores data related to your 2FA accounts, including:
Account names and issuer labels from scanned QR codes
Secret keys used to generate one-time passwords (TOTP/HOTP)
Account icons and metadata
c) Device Information: We may collect limited device data to provide the service, including:
Device unique identifier
d) Usage Data: We collect anonymized analytics to improve app performance, such as feature usage frequency. We do not track individual user behavior or sell analytics data.
3. Cloud Backup
Neos Auth offers an optional cloud backup feature that securely stores your 2FA account data so you can restore it on a new device.
Cloud backup is entirely optional and only turns on after you register.
Your authenticator secrets are encrypted before being uploaded to our servers.
We use industry-standard AES-256 encryption to protect your backup data in transit and at rest.
We do not have access to your plaintext TOTP secrets — they are encrypted with a key derived from your credentials.
4. How We Use Your Information
We use your information to:
Provide, operate, and maintain the Neos Auth application
Enable cloud backup and restore functionality
Authenticate your identity and protect your account
Improve app performance and fix bugs
Send important security notices or service updates (we do not send marketing emails)
5. Data Storage and Security
We take the security of your authentication data seriously:
All data is encrypted in transit using TLS 1.2 or higher
Cloud backup secrets are encrypted at rest using AES-256 encryption
We do not store your TOTP codes — codes are generated locally on your device
We conduct periodic security reviews and follow industry best practices
No method of transmission or storage is 100% secure. If you believe your account has been compromised, please contact us immediately.
6. Data Sharing and Third Parties
We do not sell, trade, or rent your personal data to third parties. We may share limited data with:
Cloud infrastructure providers solely to operate the backup feature — bound by data processing agreements
Analytics providers that process only anonymized, aggregated data
Law enforcement or regulatory bodies, only when required by applicable law
7. Data Retention
We retain your data for as long as your account is active. You may:
Delete your cloud backup at any time through the app settings
Request full account deletion by contacting us — your data will be removed within 30 days
Local data stored on your device is fully under your control and removed when you uninstall the app.
8. Children's Privacy
Neos Auth is not intended for use by children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us personal data, please contact us and we will delete it promptly.
9. Your Rights
Depending on your location, you may have rights regarding your personal data, including:
The right to access the personal data we hold about you
The right to correct inaccurate data
The right to request deletion of your data
The right to data portability
The right to withdraw consent at any time
To exercise any of these rights, please contact us at the email address below.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this document and notify you through the app. Your continued use of Neos Auth after any changes constitutes your acceptance of the updated policy.
11. Contact Us
NeosCoder Ltd.
198, Akij House, Bir Uttam Mir Showkat Sarak, Tegaon Sarak, Tejgaon, Dhaka – 1208
neosapp@neoscoder.com
+8801334762500, +1(945)2848808