Privacy Policy - iOS Version - SAS Max

Apple App Store Compliance

This privacy policy is specifically tailored for the iOS version of SAS Max available on the Apple App Store. We are committed to protecting your privacy in accordance with Apple's App Store Guidelines and applicable data protection laws.

1. Introduction

Snono Systems ("we", "our", or "us") operates the SAS Max application (the "App") for iOS devices. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our App on iPhone, iPad, or other iOS devices.

By downloading and using SAS Max from the Apple App Store, you agree to the collection and use of information in accordance with this policy.

2. iOS-Specific Data Collection

The iOS version of SAS Max collects and processes the following types of information:

2.1 Account & Business Information

License codes for authentication
Usernames and passwords (encrypted using iOS Keychain)
Manager permissions and access control lists (ACL)
User profile data (name, contact information)
Internet Service Provider (ISP) account credentials (stored in iOS Keychain)
Network Access Server (NAS) configurations

2.2 Card Printing & Distribution Data

Card generation records (series, batches, print jobs)
Print template designs and configurations
Distribution records and audit trails
QR code scanning data for card verification

2.3 iOS Device Information

iOS version and device model (for compatibility)
Device identifiers (for authentication and analytics)
App version and installation date
Crash logs and performance metrics (via Firebase Crashlytics)

2.4 Network & Connectivity Data

IP addresses for server connectivity
API request logs (for troubleshooting and security)
Bluetooth device information (connected thermal printers)
Local network device discovery (network printers)

3. iOS Permissions & Access

SAS Max requests the following iOS permissions:

Camera Access (NSCameraUsageDescription)
Purpose: Scan QR codes for quick user lookup and card verification.
Control: You can deny or revoke this permission in Settings → SAS Max → Camera.

Bluetooth (NSBluetoothAlwaysUsageDescription)
Purpose: Connect to Bluetooth Low Energy (BLE) thermal printers for card printing.
Control: You can deny or revoke this permission in Settings → SAS Max → Bluetooth.

Local Network (NSLocalNetworkUsageDescription)
Purpose: Discover network printers and connect to your SAS server on the local network.
Control: You can deny or revoke this permission in Settings → SAS Max → Local Network.

Face ID / Touch ID (NSFaceIDUsageDescription)
Purpose: Securely authenticate you on app launch using biometric authentication.
Control: You can disable biometric login in app settings.
Note: Biometric data is processed locally on your device and never leaves your iPhone/iPad.

Motion & Fitness (NSMotionUsageDescription)
Purpose: Enable the "shake-to-feedback" feature for quickly capturing and sending feedback.
Control: You can deny or revoke this permission in Settings → SAS Max → Motion & Fitness.

Notifications (Local Notifications)
Purpose: Alert you about card printing completion, low stock warnings, ISP quota alerts, and system notifications.
Control: You can customize notification preferences in Settings → Notifications → SAS Max.

Background App Refresh (UIBackgroundModes)
Purpose: Sync data in the background, monitor print jobs, and refresh authentication tokens.
Control: You can disable this in Settings → General → Background App Refresh → SAS Max.

4. How We Use Your Information

We use the collected information for the following purposes:

Service Delivery: Authenticate users, manage access permissions, and provide core functionality
Card Printing: Generate cards, connect to thermal printers (BLE/Network), and track print jobs
ISP Management: Monitor usage, track quotas, and send alerts for ISP accounts
Security: Use Face ID/Touch ID for secure app access, detect unauthorized access
Analytics: Improve app performance, identify crashes (via Firebase Crashlytics), and enhance user experience
Support: Troubleshoot technical issues and provide customer assistance
Background Sync: Keep data up-to-date and monitor print job completion while app is in background

5. Data Storage & Security on iOS

5.1 iOS Keychain Storage

Sensitive credentials (passwords, API tokens, ISP credentials) are stored using iOS Keychain via the flutter_secure_storage package. This ensures:

Data is encrypted using hardware-backed encryption (Secure Enclave on supported devices)
Credentials are protected by your device passcode and Face ID/Touch ID
Data is automatically removed when you uninstall the app
Keychain data does not sync via iCloud (app-specific storage only)

5.2 Local Storage (SharedPreferences)

Non-sensitive preferences (theme, font size, language) are stored locally
App cache and dashboard preferences use iOS file system
All data is sandboxed and isolated from other apps

5.3 Backend Communication

All data transmitted to our servers uses HTTPS with TLS 1.3
API payloads are encrypted using AES-256-CBC encryption
Passwords are never stored in plain text (hashed using bcrypt/Argon2)

5.4 Data Retention

Account data is retained while your license is active
ISP usage history is retained for 90 days
Print audit logs are retained for 90 days
Cache data is cleared when you log out or uninstall the app
Deleted accounts are permanently removed within 30 days

6. Third-Party Services & iOS SDKs

6.1 Firebase (Google LLC)

SAS Max uses Firebase iOS SDK for analytics and crash reporting:

Firebase Analytics: App usage analytics (anonymized)
Firebase Crashlytics: Crash reporting for bug fixes
Firebase Performance: Performance monitoring

App Tracking Transparency (ATT): We do not use Apple's IDFA (Identifier for Advertisers) for tracking. Firebase analytics uses non-IDFA identifiers and does not trigger the ATT prompt.

Google's Privacy Policy: https://policies.google.com/privacy

6.2 ISP Provider APIs

We connect to ISP provider APIs (e.g., WE Telecom Egypt) to retrieve usage data
Credentials are encrypted and stored in iOS Keychain
API requests are made directly from your device (not through our servers)
We do not share ISP credentials with any third party

6.3 Bluetooth Printer Communication

Bluetooth printer data is transmitted directly to the printer (not through our servers)
No print data is stored in the cloud
We only support MFi-certified (Made for iPhone/iPad) Bluetooth printers

7. Data Sharing & Disclosure

We do not sell, rent, or share your personal information with third parties, except in the following cases:

Service Providers: Firebase (Google) for analytics and crash reporting (see section 6.1)
Legal Requirements: When required by law, court order, or government regulations
Business Transfers: In the event of a merger, acquisition, or sale of assets (you will be notified)

We never share:

Your passwords, ISP credentials, or API tokens with anyone
Biometric data (Face ID/Touch ID data never leaves your device)
Card generation data with unauthorized parties
Data with advertisers or marketing platforms

8. Your Privacy Rights

You have the following rights regarding your personal information:

Access: Request a copy of your data stored in our systems
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and associated data via in-app Settings → Account → Delete Account, or submit a web request at https://max.pro-service.link/delete-account (7-day grace period, permanent deletion within 30 days)
Export: Download your data in a portable format (JSON/CSV/PDF)
Opt-Out: Disable analytics and crash reporting in app settings
Revoke Permissions: Revoke Camera, Bluetooth, Local Network, or Motion permissions in iOS Settings

To exercise these rights, contact us at: englishh7366@gmail.com or use our data deletion portal at https://max.pro-service.link/delete-account

9. Children's Privacy

SAS Max is a business application intended for professional use only and is rated 4+ on the App Store. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately at englishh7366@gmail.com.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale of personal information (we do not sell your data)
Right to non-discrimination for exercising privacy rights

11. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

Right to access, rectify, or erase your data
Right to restrict or object to data processing
Right to data portability
Right to withdraw consent at any time

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted in the app and on our website. Continued use of the app after changes constitutes acceptance of the updated policy.

You will be notified of significant changes via:

In-app notification
App Store update notes
Email (if provided)

13. Contact Us

Snono Systems

Email: englishh7366@gmail.com

Website: https://max.pro-service.link

Privacy Policy URL: https://max.pro-service.link/privacy-policy/ios

Address: Egypt

For App Store Review: If you are reviewing this app for the Apple App Store, please contact englishh7366@gmail.com for test credentials and additional information.

14. Consent

By downloading and using SAS Max for iOS, you consent to:

Collection and processing of your personal information as described
Use of iOS Keychain for secure credential storage
Encrypted transmission of data to our backend servers
Use of Firebase Analytics and Crashlytics (can be disabled in settings)
Background app refresh for data synchronization (can be disabled in iOS Settings)