Privacy Policy for Passwordless X1280 Software

Table of Contents

  1. Purpose of Collecting and Using Personal Information
  2. Items of Personal Information Collected by Mobile App and Server
  3. Retention and Use Period of Personal Information by Mobile App and Server
  4. Provision of Personal Information to Third Parties by Mobile App and Server
  5. Delegation of Personal Information Processing
  6. Measures to Ensure the Security of Personal Information by Mobile App and Server
  7. Rights of Data Subjects and Methods of Exercising Them by Mobile App and Server
  8. Procedures and Methods for Destroying Personal Information by Mobile App and Server
  9. Installation/Operation and Rejection of Automatic Personal Information Collection Devices
  10. Personal Information Protection Officer and Contact Information
  11. Duty to Notify

1. Purpose of Collecting and Using Personal Information

Passwordless Alliance distributes Passwordless X1280 software for free to address social issues arising from the use of user passwords globally. This privacy policy is prepared for two types of users:

  • The first type of user is consumers, customers, or members who use online services and want to use passwordless services. This policy provides guidelines for the use of Passwordless X1280 Mobile App.
  • The second type of user is service providers who offer online services to consumers, customers, or members and want to provide passwordless services. This policy provides guidelines for the use of the Passwordless X1280 Server.

It is essential to include that this privacy policy is prepared for both types of users.

2. Items of Personal Information Collected by Mobile App and Server

Mobile App: Passwordless X1280 Mobile App does not request any personal information upon installation. The app does not directly require any personal information from users. Users simply link their desired online service’s ID with their Passwordless X1280 App.

Linking the service ID with the Passwordless X1280 Mobile App involves scanning the passwordless login registration QR code provided by the online service with the Passwordless X1280 Mobile App. The app then stores the ID information of the specific online service. Only the IDs of the online services that the user wishes to register are stored in the app, and no other personal information is requested.

Server: Passwordless X1280 Server does not request or store any personal information (such as name, email, age, phone number, etc.) held by the online service servers. It only stores the linkage information indicating which Passwordless X1280 Mobile App is connected to a specific user ID of the online service. The server may send user app information to the push server operated by Passwordless Alliance to send push notifications to the user’s Passwordless X1280 App attempting a passwordless login.

3. Retention and Use Period of Personal Information by Mobile App and Server

The Passwordless X1280 App does not collect user personal information; hence, there is no retention or use period. However, app usage status information may be collected for display advertising provided by Google AdMob services.

4. Provision of Personal Information to Third Parties by Mobile App and Server

Passwordless X1280 does not provide the collected personal information to third parties. However, for free users, Google AdMob identifiers may be used to provide display advertisements through Google AdMob services, and app usage status information may be shared.

5. Delegation of Personal Information Processing

Passwordless X1280 does not delegate the processing of personal information. App usage status information may be collected by Google AdMob service servers, and this is subject to Google AdMob policies.

6. Measures to Ensure the Security of Personal Information by Mobile App and Server

Since Passwordless X1280 does not collect user personal information, specific security measures are not necessary. However, information collected via Google AdMob is managed securely according to Google’s privacy policies.

7. Rights of Data Subjects and Methods of Exercising Them by Mobile App and Server

Since Passwordless X1280 does not collect user personal information, the rights and methods of exercising them do not apply. If users wish to delete a specific online service ID stored in the app, they can delete the service from the list of registered services in the Passwordless X1280 App.

8. Procedures and Methods for Destroying Personal Information by Mobile App and Server

Since Passwordless X1280 does not collect user personal information, there are no procedures or methods required for destroying personal information. The server deletes the linkage information between the user’s service ID and the Passwordless X1280 App immediately when the user disables the Passwordless service through the online service.

9. Installation/Operation and Rejection of Automatic Personal Information Collection Devices

Passwordless X1280 does not use cookies or other automatic collection devices. However, user device information or app usage information may be automatically collected for providing display advertisements through Google AdMob, in accordance with Google AdMob policies.

10. Personal Information Protection Officer and Contact Information

The Personal Information Protection Officer of Passwordless Alliance is as follows:

  • Legal Officer: Legal@passwordlessallince.org

11. Duty to Notify

This privacy policy is effective from May 26, 2024. Any additions, deletions, or modifications due to changes in laws, policies, or security technology will be notified through the website or app announcement at least 7 days prior to implementation.