This privacy policy is specifically tailored for the iOS version of SAS Max available on the Apple App Store. We are committed to protecting your privacy in accordance with Apple's App Store Guidelines and applicable data protection laws.
1. Introduction
Snono Systems ("we", "our", or "us") operates the SAS Max application (the "App") for iOS devices. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our App on iPhone, iPad, or other iOS devices.
By downloading and using SAS Max from the Apple App Store, you agree to the collection and use of information in accordance with this policy.
2. iOS-Specific Data Collection
The iOS version of SAS Max collects and processes the following types of information:
2.1 Account & Business Information
- License codes for authentication
- Usernames and passwords (encrypted using iOS Keychain)
- Manager permissions and access control lists (ACL)
- User profile data (name, contact information)
- Internet Service Provider (ISP) account credentials (stored in iOS Keychain)
- Network Access Server (NAS) configurations
2.2 Card Printing & Distribution Data
- Card generation records (series, batches, print jobs)
- Print template designs and configurations
- Distribution records and audit trails
- QR code scanning data for card verification
2.3 iOS Device Information
- iOS version and device model (for compatibility)
- Device identifiers (for authentication and analytics)
- App version and installation date
- Crash logs and performance metrics (via Firebase Crashlytics)
2.4 Network & Connectivity Data
- IP addresses for server connectivity
- API request logs (for troubleshooting and security)
- Bluetooth device information (connected thermal printers)
- Local network device discovery (network printers)
3. iOS Permissions & Access
4. How We Use Your Information
We use the collected information for the following purposes:
- Service Delivery: Authenticate users, manage access permissions, and provide core functionality
- Card Printing: Generate cards, connect to thermal printers (BLE/Network), and track print jobs
- ISP Management: Monitor usage, track quotas, and send alerts for ISP accounts
- Security: Use Face ID/Touch ID for secure app access, detect unauthorized access
- Analytics: Improve app performance, identify crashes (via Firebase Crashlytics), and enhance user experience
- Support: Troubleshoot technical issues and provide customer assistance
- Background Sync: Keep data up-to-date and monitor print job completion while app is in background
5. Data Storage & Security on iOS
5.1 iOS Keychain Storage
Sensitive credentials (passwords, API tokens, ISP credentials) are stored using iOS Keychain via the flutter_secure_storage package. This ensures:
- Data is encrypted using hardware-backed encryption (Secure Enclave on supported devices)
- Credentials are protected by your device passcode and Face ID/Touch ID
- Data is automatically removed when you uninstall the app
- Keychain data does not sync via iCloud (app-specific storage only)
5.2 Local Storage (SharedPreferences)
- Non-sensitive preferences (theme, font size, language) are stored locally
- App cache and dashboard preferences use iOS file system
- All data is sandboxed and isolated from other apps
5.3 Backend Communication
- All data transmitted to our servers uses HTTPS with TLS 1.3
- API payloads are encrypted using AES-256-CBC encryption
- Passwords are never stored in plain text (hashed using bcrypt/Argon2)
5.4 Data Retention
- Account data is retained while your license is active
- ISP usage history is retained for 90 days
- Print audit logs are retained for 90 days
- Cache data is cleared when you log out or uninstall the app
- Deleted accounts are permanently removed within 30 days
6. Third-Party Services & iOS SDKs
6.1 Firebase (Google LLC)
SAS Max uses Firebase iOS SDK for analytics and crash reporting:
- Firebase Analytics: App usage analytics (anonymized)
- Firebase Crashlytics: Crash reporting for bug fixes
- Firebase Performance: Performance monitoring
App Tracking Transparency (ATT): We do not use Apple's IDFA (Identifier for Advertisers) for tracking. Firebase analytics uses non-IDFA identifiers and does not trigger the ATT prompt.
Google's Privacy Policy: https://policies.google.com/privacy
6.2 ISP Provider APIs
- We connect to ISP provider APIs (e.g., WE Telecom Egypt) to retrieve usage data
- Credentials are encrypted and stored in iOS Keychain
- API requests are made directly from your device (not through our servers)
- We do not share ISP credentials with any third party
6.3 Bluetooth Printer Communication
- Bluetooth printer data is transmitted directly to the printer (not through our servers)
- No print data is stored in the cloud
- We only support MFi-certified (Made for iPhone/iPad) Bluetooth printers
7. Data Sharing & Disclosure
We do not sell, rent, or share your personal information with third parties, except in the following cases:
- Service Providers: Firebase (Google) for analytics and crash reporting (see section 6.1)
- Legal Requirements: When required by law, court order, or government regulations
- Business Transfers: In the event of a merger, acquisition, or sale of assets (you will be notified)
We never share:
- Your passwords, ISP credentials, or API tokens with anyone
- Biometric data (Face ID/Touch ID data never leaves your device)
- Card generation data with unauthorized parties
- Data with advertisers or marketing platforms
8. Your Privacy Rights
You have the following rights regarding your personal information:
- Access: Request a copy of your data stored in our systems
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and associated data via in-app Settings → Account → Delete Account, or submit a web request at https://max.pro-service.link/delete-account (7-day grace period, permanent deletion within 30 days)
- Export: Download your data in a portable format (JSON/CSV/PDF)
- Opt-Out: Disable analytics and crash reporting in app settings
- Revoke Permissions: Revoke Camera, Bluetooth, Local Network, or Motion permissions in iOS Settings
To exercise these rights, contact us at: englishh7366@gmail.com or use our data deletion portal at https://max.pro-service.link/delete-account
9. Children's Privacy
SAS Max is a business application intended for professional use only and is rated 4+ on the App Store. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately at englishh7366@gmail.com.
10. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising privacy rights
11. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
- Right to access, rectify, or erase your data
- Right to restrict or object to data processing
- Right to data portability
- Right to withdraw consent at any time
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted in the app and on our website. Continued use of the app after changes constitutes acceptance of the updated policy.
You will be notified of significant changes via:
- In-app notification
- App Store update notes
- Email (if provided)
13. Contact Us
Email: englishh7366@gmail.com
Website: https://max.pro-service.link
Privacy Policy URL: https://max.pro-service.link/privacy-policy/ios
Address: Egypt
For App Store Review: If you are reviewing this app for the Apple App Store, please contact englishh7366@gmail.com for test credentials and additional information.
14. Consent
By downloading and using SAS Max for iOS, you consent to:
- Collection and processing of your personal information as described
- Use of iOS Keychain for secure credential storage
- Encrypted transmission of data to our backend servers
- Use of Firebase Analytics and Crashlytics (can be disabled in settings)
- Background app refresh for data synchronization (can be disabled in iOS Settings)