Privacy Policy — 2FA Authenticator

Privacy Policy — 2FA Authenticator


1) Who we are


  • 2FA Authenticator (the “App”) is provided by Ditlev Carlsen (“we”, “us”).

Contact: dltlevcarlsen@icloud.com


2) What this policy covers


This Privacy Policy explains what data the App collects (if any), how it is used, how it is shared, how long it is retained, and how you can request deletion or revoke consent.  


3) Data we process

A. Authenticator data (your tokens)

The App is designed so your authenticator entries (e.g., issuer name, account label, secret keys, and generated codes) are stored on your device.


  • We do not collect or receive your 2FA secret keys or generated codes on our servers unless you explicitly use a feature that sends them (for example, a manual export you initiate).
  • Optional iCloud sync (if enabled): If you enable iCloud/Apple sync features, your data may be stored and synced via your Apple/iCloud account. Apple acts as the service provider for that sync. We do not operate those servers and do not access your iCloud content except as allowed by Apple’s APIs and your device settings.



B. Camera access (QR scanning)

If you use QR scanning, the App requests camera access to scan QR codes. QR processing occurs on-device.



C. Subscription and purchase information

If you purchase a subscription, Apple processes the payment. We may process subscription status (e.g., active/expired) and transaction/receipt-related identifiers needed to unlock premium features and prevent fraud. (We do not receive your full payment card details.)


Apple requires that subscription purchase flows disclose subscription title, length, price, and provide in-app links to this Privacy Policy and the Terms of Use.  



D. Support communications

If you email us, we receive your email address and the content of your message (and any attachments you send). We use this only to respond and provide support.



E. Diagnostics (optional)

Depending on your device settings and Apple’s platform behavior, we may receive crash reports or diagnostic information (often aggregated or device-level) to improve stability and fix bugs.



4) How we use data


We use data only to:


  • Provide core functionality (create and display tokens, scan QR codes)
  • Enable and manage premium features/subscription access
  • Provide customer support
  • Improve reliability and security (e.g., diagnosing crashes)



5) Sharing of data


We do not sell your personal data.


We may share limited data only:


  • With Apple for App Store purchase processing and subscription management (Apple is the merchant of record for App Store transactions).
  • With service providers (only if used) for essential functions like crash reporting; such providers must protect the data consistent with this policy. Apple requires your privacy policy to confirm third parties provide equal protection when they access user data.  
  • For legal reasons if required by law or to protect rights, safety, and security.


Refund-Related Data Sharing

We may share limited anonymized information with Apple when a user requests a refund for an in-app purchase. This includes (but is not limited to) time since installation, usage duration, an anonymous account identifier, purchase consumption details, and transaction amounts, solely for the purpose of processing and verifying refund requests. No personally identifiable information is shared.


6) Data retention and deletion


  • Authenticator data: retained on your device until you delete it from within the App, uninstall the App, or disable/remove any sync backups you control.
  • Support emails: retained as long as reasonably necessary to address your request and comply with legal obligations.
  • Subscription status/entitlements: retained as needed to provide access and maintain records.


You can request deletion of any personal data we control by emailing dltlevcarlsen@icloud.com. We will respond in accordance with applicable law. Apple also requires your policy to explain retention/deletion and how users can revoke consent/request deletion.  



7) Your choices and rights


Depending on where you live, you may have rights to access, correct, delete, object, restrict processing, or receive a copy of your personal data. You may also have the right to lodge a complaint with a data protection authority.


To exercise rights: email dltlevcarlsen@icloud.com.



8) Security


We use reasonable technical and organizational measures designed to protect your data. No method of storage or transmission is 100% secure.



9) Children’s privacy


The App is not intended for children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children.



10) International transfers


If you contact us from outside the country where we operate, your information may be processed in other countries. Where required, we use appropriate safeguards.



11) Changes to this policy


We may update this Privacy Policy from time to time. The “Last updated” date will reflect changes. Continued use of the App after updates means you accept the updated policy.




Report Page