Promo Network – Privacy Policy

1. Who We Are

Promo Network (the “App”) is operated by Aplit-Soft Ltd., Moshe Aviv 6, Or Yehuda 6037128, Israel.
Company ID 514600733.
Contact: trade.project@aplit-soft.com

2. Phone Number Collection

The phone number you enter during registration serves three purposes:

Account identifier & 2-Factor Authentication – the number is your unique login name and is verified via one-time code.
Mission-critical alerts – SMS is our guaranteed channel to notify store owners when a monitor goes offline or an ad fails.
KYC & fraud prevention – phone verification deters fake accounts that could publish inappropriate content.

We do not use the number for marketing or share it with third parties. It is stored encrypted (AES-256) and deleted within 30 days after full account deletion.

3. Data We Collect & Retention

Category	Details	Retention
Account Data	Phone number (username) and password Purpose: sign-in, 2FA	While account is active + 30 days backup
Business Profile	Store/Brand name, logo, business contact phone/e-mail	deleted when account deleted
Promotional Images	Photos you upload to display on monitors	User-controlled; erased on user request or 12 months of inactivity
Technical Logs	IP, device model, OS version, crash stack-traces (Firebase Crashlytics)	90 days, for diagnostics
Analytics	Aggregated, non-identifiable usage metrics (Firebase Analytics) Optional: Advertising ID if user opts-in to analytics/ads on device settings	26 months (Google default) or until opt-out

We do not collect sensitive categories such as government IDs, biometrics, or precise GPS location.

3. How We Use Your Data

Authenticate, authorise and manage your business account.
Create, store and broadcast promotional content to connected digital displays.
Send critical operational alerts (offline monitor, content errors) to the registered phone number.
Diagnose crashes and improve stability via anonymised analytics.

Your data will never be sold or used for purposes incompatible with this Policy.

4. Legal Bases

Processing activity	Lawful basis
Account creation, sign-in	Performance of contract (Art. 6 (1)(b) GDPR)
Business profile, promotion uploads	Performance of contract
Crash logs, basic device data	Legitimate interest (Art. 6 (1)(f)) – app reliability
Analytics (optional)	Consent (Art. 6 (1)(a)) or legitimate interest where permitted
Compliance with legal requests	Legal obligation (Art. 6 (1)(c))

Processing is also compliant with the Israeli Privacy Protection Law 1981, Google Play User Data policies and Apple App Store Review Guideline 5.1.1(i).

5. Storage & International Transfer

Data are encrypted at rest on Google Cloud servers in Belgium (EU) and in Tel Aviv (IL). Transfers outside the EEA rely on Standard Contractual Clauses (SCC) and Google’s Data Processing Addendum. Access is limited to:

Authorised Aplit-Soft personnel (role-based, least-privilege);
Google Firebase sub-processors (Analytics, Crashlytics) as required by their SDKs.

6. SDKs, Cookies & Similar Technologies

The App embeds Firebase Analytics and Firebase Crashlytics SDKs. These libraries may store cookies or mobile identifiers solely to perform the stated functions. You can disable analytics collection by e-mailing us at trade.project@aplit-soft.com.

7. Your Rights

Subject to Israeli law and, where applicable, the GDPR/UK GDPR and CCPA, you may:

Request access to the personal data we hold about you;
Request correction, deletion, or portability of your data;
Withdraw consent for analytics at any time;
Object to or restrict certain processing;
Delete your account (in-app “Delete Account” → data erased within 30 days).

To exercise any right, e-mail us at trade.project@aplit-soft.com. You may also lodge a complaint with the Israeli Privacy Protection Authority (PPA) or your local supervisory authority in the EEA/UK.

8. Security Measures

TLS 1.2+ encryption for all network traffic;
OAuth2 Bearer tokens with limited lifespan and refresh flow;
Server-side AES-256 encryption at rest;
Role-based access control and audit logging;

9. Changes to This Policy

We may update this Policy from time to time. The latest version will always be available both in Google Play, in the Apple App Store and inside the App (Welcome → Privacy Policy). For material changes we will display an in-app banner or send an e-mail to the account owner.

Effective date: 12 June 2025 Last updated: 23 July 2025