LeafSight

TQ Communicator / Pro - Privacy Policy

Updated May 15, 2018

Feature

To generate your member identifier, TQ Communicator uses the UserRecordID provided by CloudKit, and to generate the device identifier it uses the IdentifierForVendor. The raw values are used only inside the application; only values hashed with the SHA256 algorithm are sent to iCloud. Raw values are never sent to the outside via the network. It is impossible to restore the original value from an identifier that has been hashed.

TQ Communicator accesses iCloud via the CloudKit API provided by iOS. The app cannot operate on your iCloud account information directly.

TQ Communicator stores private information such as passwords and encryption keys using the Keychain service of iOS.

So that members can exchange Private messages with each other, TQ Communicator uploads each member's public key, encrypted with the common key of the Session, to iCloud.

Personal data to collect

TQ Communicator collects message information, member information, device information, and control information in iCloud for the purpose of sharing messages among the members of the session in which the user participates.

The controller of the collected personal data is LeafSight, and the processor is Apple, which runs iCloud. In order to provide the function (message sharing) of this App to the user, the processor performs the following processing.

The information collected is as follows. Nothing else is collected: the iCloud account name, phone number, e-mail address, address, information in the address book, etc. are not collected at all.

Member information

  • Member name
  • Icon symbol, color, image
  • Profile
  • Public key for private message encryption

Message information

  • Message (text)
  • Image
  • Voice

Device information

  • Location information (only if opted in)

Control information

  • Update request event

This information is encrypted with AES 128 by the App and recorded in encrypted form in the record in iCloud (CloudKit). The symmetric key necessary to decrypt the encrypted information is kept only by members of the session; neither the controller nor the processor knows it. Therefore, in theory, the contents of the information can be shared only by members of the session, and it is impossible for the controller and the processor to know its contents.

The owner of each record is identified by the UserRecordID pseudonymized by Apple. For this reason, although the contents of each record are encrypted, they are handled as personal data to be protected.

The retention period of personal data depends on the type of record. Member information and device information are stored until the user deletes the session. Message information is automatically deleted by the App the next time the App is used once three days have passed since the update. When a user deletes a session, all related types of records are also automatically deleted unless another device is using the same session.

Users can browse the collected personal data at any time with the "Manage data in iCloud" function of the App. You can also delete records for each session or for all sessions, if necessary. You can stop sharing with other members by deleting records. If sessions remain on your device, you can restore them as the original member even after deleting the records.

The data entity holds all of the rights guaranteed to the data subject for the personal data.

Controllers and processors do not perform profiling or automated decision-making on the collected personal data. Controllers and processors do not have symmetric keys to decrypt personal data encrypted by users, so it is impossible to use their contents.

Providing the above personal data is essential for providing the main functions of this App to users.

Transfer of collected personal data

Personal data collected in iCloud will be sent to each member's device in response to a request from members of the same session. If the member is located outside the EEA region, it is necessary to transfer the personal data outside the EEA region.

Besides the EEA region, the transfer destination may be a country covered by an adequacy decision or another country, but in any case the content of personal data is protected by encryption, within the theoretical strength of the cryptography.

For the purpose of providing the main functions of this App, such as message sharing, users need to explicitly indicate their consent to the transfer of personal data outside the EEA area when using this App.

This agreement can be withdrawn at any time by the user from the "Settings" application.