Last Updated: May 23, 2024
Developer: Ashraf Alsayid
Contact Email: ashraf.alsayid.dev@gmail.com
This Privacy Policy describes how information is handled in the Oni Auth application ("the App").
1. The Short Version
Oni Auth is a fully offline authenticator app. It does not collect, transmit, or share any personal data, usage information, or analytics. The app requires minimal permissions to function: the Camera to scan QR codes, and optional access to the device's Biometric system for local app locking. All data, including your One-Time Password (OTP) secrets, is stored securely and exclusively on your device. No information ever leaves your device.
2. Data Collection – We Collect Nothing
The App does not collect, store, or transmit any personal data, usage statistics, diagnostics, or any other information from your device to the developer (Ashraf Alsayid) or any third party. All operations occur locally on your device.
3. Permissions and Their Use
Camera Permission: This permission is requested only to scan QR codes for setting up OTP accounts. The camera feed is processed in real-time on the device to extract the QR code data. No images or video are saved, stored, transmitted, or ever accessed from your photo gallery.
Biometric Authentication (Optional): If you choose to enable the app lock feature, the App uses your device's built-in biometric authentication system (Android's Biometric API) for fingerprint or facial recognition. The App itself does not collect, store, or process your raw biometric data. Authentication is handled entirely by your device's secure hardware and operating system. The App only receives a confirmation result to grant or deny access locally.
4. Data Storage and Security
All your OTP secrets, accounts, and settings are stored exclusively and securely on your device. The App uses the device's encrypted storage mechanisms to protect this data at rest. As the app is completely offline and does not use the internet permission, there is absolutely no transmission of this data to any external servers, cloud services, or the developer.
5. Third-Party Services & Analytics
The App does not integrate any third-party analytics, advertising, tracking frameworks, or crash reporting services. It contains no code that transmits data from your device.
6. Children’s Privacy
The App does not collect data from anyone, including children under the age of 13.
7. Changes to This Privacy Policy
We may update this policy occasionally. Any changes will be posted on this page, and the "Last Updated" date at the top will be revised. For significant changes, we may provide additional notice within the App.
8. Contact Us
If you have any questions or concerns about this Privacy Policy or the App's practices, please contact the developer:
Name: Ashraf Alsayid
Email: ashraf.alsayid.dev@gmail.com
Phone: +218 94 526 2305 (Libya, Tripoli)