EFANI BSP (Black Seal Protection) Privacy Policy

1. Information We Collect

We may collect the following categories of data

1.1. Personal Identification Information

- Phone Number: Required for account authentication and phone number security scanning
- No Email Collection: We do not collect email addresses directly from users

1.2. Device and Security Information

- Device Security Status: Jailbreak detection, debugger detection, and secure enclave availability
- No Device ID Collection: We do not collect or store device IDs, SIM serial numbers, or hardware identifiers

1.3. Phone Scan Results (Not Stored)

- Threat Intelligence Data: Phone number risk analysis results obtained in real-time from third-party security databases
- Associated Information: Names, email addresses, locations, and company information found in public data breaches (displayed but not stored)
- Location Data: Geographic information associated with phone numbers from public databases only (we do not use GPS or device location services)

2. How We Use Your Information

We use collected information solely to:
- Authenticate Users: Verify your identity through phone number and OTP verification
- Provide Security Services: Conduct real-time phone number risk analysis and device security scanning
- Send Security Alerts: Notify you of security threats or important service updates (no marketing communications)
- Comply with Legal Obligations: Meet applicable legal and regulatory requirements

We Do NOT:
- Store phone scan results or threat intelligence data
- Use data to improve algorithms or for analytics
- Conduct marketing or promotional activities
- Share data with third parties for any purpose

3. How We Protect Your Information

We implement enterprise-grade security measures including:
- AES-256 Encryption: All data at rest is encrypted using AES-256 encryption standards
- Encrypted Communications: All data transmission uses HTTPS/TLS encryption
- Secure Credential Storage: Authentication credentials stored securely in iOS Keychain
- Real-Time Processing: Phone scan data is processed in real-time without storage
- US-Based Infrastructure: All servers located in the United States with appropriate security controls
- Regular Security Audits: Routine security assessments and penetration testing

4. Data Sharing and Disclosure

We Do NOT sell, rent, or share your personal information. We may only disclose information in these limited circumstances:
- Legal Compliance: When required by law, regulation, court order, or government request
- Service Providers: With trusted technical service providers under strict confidentiality agreements (authentication services, security scanning APIs)
- Business Transfer: In the event of a merger, acquisition, or sale of assets (with prior user notification)

We Never Share Data With:
- Marketing companies or advertisers
- Data brokers or analytics services
- Other security companies (even for threat intelligence)

5. Data Retention

- Phone Numbers: Retained for the duration of your account usage and deleted upon account closure
- Phone Scan Results: Not stored - all results are generated in real-time via third-party APIs
- Device Security Scans: Not stored - scans performed locally on your device

6. Your Privacy Rights

You have the right to:
- Access Your Data: Request a copy of personal information we hold about you
- Correct Your Data: Update or correct inaccurate personal information
- Delete Your Data: Request deletion of your account and associated phone number
- Data Portability: Export your data in CSV format through our user portal

To exercise these rights: Contact us at support@efani.com or use our in-app user portal.

7. International Data Transfers

Our services are provided exclusively within the United States. All data processing and storage occurs on US-based servers. We currently do not serve users outside the United States.

8. Children's Privacy

BSP is intended for general audiences and does not knowingly collect information from children under 13. If we become aware that we have collected information from a child under 13, we will promptly delete it.

9. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our services or legal requirements. We will notify users of material changes through:
- In-app notifications
- Email notifications to registered users
- Updates posted in the mobile application

10. Third-Party Services

- Phone Scan APIs: We use third-party security databases to perform real-time phone number risk analysis. These services do not store your queries or results
- No Analytics: We do not use any third-party analytics services (such as Firebase, Mixpanel, or Google Analytics)

11. Security Compliance & Certifications

EFANI BSP maintains the following security standards:
- AES-256 Encryption: Industry-standard encryption for all stored data
- Privacy-First Architecture: All scanning services designed with privacy-first principles

12. Contact Information

For privacy-related questions, concerns, or requests:
Email: support@efani.com
Company: EFANI
Service: Black Seal Protection (BSP)

---

This Privacy Policy is effective as of [DATE] and governs your use of the EFANI BSP mobile application and related services.