Version: 1.0
Effective Date: 15.10.2025
Developer: Zeg Teknoloji
Contact: 

info@zegteknoloji.com

This Privacy Policy explains how AVAPP (“the App”) collects, uses, and protects personal information. The App is designed for use only by our enterprise customers within their internal networks (intranet/VPN).

1) Scope and Availability (Enterprise/Intranet)

The App requires connection to your organization’s on‑prem/intranet backend (e.g., http://192.168.x.x or via VPN).

• No public test environment is available; features are enabled only after connecting to your organization’s servers.

• Due to infrastructure restrictions, Google Play and Apple App Store reviewers cannot access the environment. The App is not for general public use and is intended solely for internal enterprise deployment/operations.

2) Data We Collect/Store

• Account/Profile (if provided): email, username, full name (from your backend profile endpoints).

• Authentication: JWT access token stored securely on device (Flutter Secure Storage backed by iOS Keychain and Android Keystore).

• Push Identifier: Firebase Cloud Messaging (FCM) device token (which may utilize Apple Push Notification service (APNs) on iOS); after login, it is registered/unregistered with your backend only.

• Usage Analytics (optional): Limited usage metrics via Firebase Analytics (e.g., app open, screen views).

• Notification Content: Title/body and data payload delivered via FCM/APNs from your backend; stored locally as a capped in‑app “notification feed.”

• Technical Data: Device/OS/app versions, locale, diagnostics/crash data processed by Firebase/SDKs.

• Advertising ID: Not used.

  • Android: The AD_ID permission is explicitly removed from the manifest.

  • iOS: The App does not request App Tracking Transparency permission and does not access the IDFA (Identifier for Advertisers).

Notes:

• No camera, microphone, or location permissions are requested in this version.

• Core functionality is limited to intranet server communication; cloud connectivity may exist solely for Firebase notifications/analytics.

3) How We Use Data

• Provide the service (session management, authorization, notification delivery).

• Improve performance and stability (limited analytics).

• Security and abuse prevention.

• Legal compliance.

4) Sharing and Recipients

• Your Organization’s Backend: Authorized requests with JWT; registering/unregistering the FCM token.

• Service Providers (optional):

  • Google (Firebase): For analytics and push notification infrastructure.

  • Apple (APNs): For push notification delivery on iOS devices.

• No advertising SDKs; we do not sell personal data.

5) Cookies and Identifiers

The App does not use cookies. Firebase SDKs may use app/device identifiers for analytics/notifications (e.g., Firebase Installation ID).

6) Data Retention

• On Device: JWT, profile fields (email/username/full name), notification feed, and notification preferences; JWT and profile data are removed on logout. The feed is size‑limited.

• On Servers/Firebase: Retained as necessary for stated purposes under their standard retention policies.

7) Security

• Sensitive on‑device data is protected via Flutter Secure Storage (utilizing AES encryption on Android and Keychain services on iOS).

• Production transport should use TLS/HTTPS (any cleartext flags in configuration are for development convenience; your servers should provide HTTPS).

8) Children’s Privacy

The App is not directed to children under 13. If such data is identified, it will be deleted within a reasonable time.

9) Your Rights

Subject to GDPR/KVKK, you may have rights to access, rectify, delete, restrict, object, and data portability. Contact us at 

info@zegteknoloji.com.

10) International Transfers

Data may be processed in countries where our providers’ (Google/Apple) servers are located. Appropriate safeguards are applied.

11) Changes

We may update this policy; the latest version will be posted here.

12) Contact

Zeg Teknoloji
Email: 

info@zegteknoloji.com