Last Updated: May 15, 2025
Phone Shield Retailer Application ("Phone Shield," "we," "us," or "our") is committed to protecting the privacy and security of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard personal and sensitive information when you use the Phone Shield Retailer Application ("the App") and related services. The App is designed for retailers to manage customer mobile devices through a Device Policy Controller (DPC) in compliance with Android Enterprise deployment standards. By using the App, you agree to the practices described in this Privacy Policy.
This Privacy Policy applies to information collected through the Phone Shield Retailer Application when used by retailers to manage customer devices enrolled in our services. It covers the use of the App’s DPC functionality, which allows retailers to configure and manage device policies, such as isolating work-related data, pre-configuring approved apps, or disabling specific device features (e.g., camera) for enterprise purposes. This policy complies with Google Play’s Developer Program Policies, including the User Data policy and Spyware policy, and applicable data protection laws, such as the General Data Protection Regulation (GDPR) where relevant.
We collect only the minimum information necessary to provide the App’s functionality, ensure security, and comply with legal and contractual obligations. The types of information collected include:
2.1 Retailer Account Information
- Data Collected: Name, email address, phone number, and business details provided during account registration.
- Purpose: To create and manage retailer accounts, authenticate users, and provide customer support.
- Source: Directly from the retailer during signup or account updates.
2.2 Device Information (Managed Devices)
- Data Collected: Device ID, operating system version, installed apps, and device settings (e.g., camera or Bluetooth status) for devices enrolled under the DPC.
- Purpose: To enable DPC functionality, such as creating work profiles, enforcing security policies, and managing approved apps via managed Google Play Accounts.
- Source: Collected automatically from managed devices with user or enterprise consent.
2.3 Usage Data
- Data Collected: App performance data, crash analytics, and interaction logs (e.g., policy changes applied via DPC).
- Purpose: To improve App performance, troubleshoot issues, and prevent abuse of services.
- Source: Automatically collected during App usage.
2.4 Customer Data (Managed Devices)
- Data Collected: Limited to work profile data (e.g., app configurations, policy settings) as authorized by the enterprise or customer. No personal data from customers’ personal profiles is accessed.
- Purpose: To isolate work-related data from personal data and enforce enterprise policies.
- Source: Collected from devices enrolled in the DPC with explicit enterprise or customer consent.
Note: The App does not collect sensitive personal data (e.g., location, SMS, or call logs) unless explicitly required for a policy-compliant feature and consented to by the user or enterprise. We do not access or collect data from personal profiles on managed devices.
We use the collected information solely for the following purposes:
- Providing App Functionality: To enable retailers to manage customer devices through DPC features, such as provisioning work profiles, configuring managed Google Play Accounts, and applying device policies.
- Security and Compliance: To enforce security policies, detect and prevent malware, and comply with Google Play’s Unwanted Software Policy and Developer Policy.
- Improving Services: To analyze performance data and crash analytics to enhance App reliability and user experience.
- Customer Support: To respond to inquiries and provide assistance to retailers.
- Legal Obligations: To comply with applicable laws, regulations, or contractual agreements.
We do not use your information for advertising, profiling, or any purpose unrelated to the App’s core functionality.
For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:
- Contractual Necessity: To fulfill our obligations under the terms of service with retailers (e.g., account management, DPC functionality).
- Consent: Where retailers or enterprises explicitly consent to data collection for specific features (e.g., device management policies).
- Legitimate Interests: For improving App performance and ensuring security, provided it does not override your rights and freedoms.
- Legal Obligation: To comply with applicable laws or regulations.
We implement robust security measures to protect your data from unauthorized access, disclosure, or loss:
- Encryption: All data is encrypted in transit (using TLS 1.2 or higher) and at rest (using AES-256 encryption).
- Access Controls: Only authorized personnel have access to personal data, and access is restricted to what is necessary for their role.
- Regular Audits: We conduct regular security audits and vulnerability assessments to ensure compliance with industry standards.
- On-Device Processing: DPC-related data processing occurs locally on the device where possible, and no screenshots or user data leave the device during phishing detection or policy enforcement.
- Compliance with Google Play Protect: The App integrates with Google Play Protect to scan for malware and ensure no malicious code is present. We adhere to Google Play’s Spyware policy and do not engage in unauthorized data collection or spying behaviors.
We do not sell, trade, or share your personal data with third parties except in the following limited circumstances:
- Service Providers: We may share data with trusted third-party providers (e.g., cloud hosting, analytics) who assist in operating the App. These providers are bound by strict confidentiality agreements and comply with applicable data protection laws.
- Google Play Services: To enable DPC functionality, we use Google Play Services and the DPC Support Library to provision managed Google Play Accounts and apply managed configurations. Limited device data may be shared with Google to comply with Play Protect requirements.
- Legal Requirements: We may disclose data if required by law, court order, or government authority, but only to the extent necessary.
- Enterprise Customers: Retailers may share device policy data with their enterprise customers (e.g., businesses enrolling devices), but only as authorized by the enterprise.
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy:
- Retailer Account Data: Retained for the duration of your account or until you request deletion, unless required by law to retain longer.
- Device and Usage Data: Retained for up to 12 months for analytics and security purposes, then anonymized or deleted.
- Customer Work Profile Data: Retained only for the duration of the device’s enrollment in the DPC, as directed by the enterprise.
You may request deletion of your data by contacting us at help.phoneshield@gmail.com. We will comply with deletion requests within 30 days, subject to legal obligations.
You have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your data, subject to legal obligations.
- Restriction: Request restriction of data processing in certain circumstances.
- Objection: Object to processing based on legitimate interests.
- Data Portability: Request a machine-readable copy of your data.
To exercise these rights, contact us at help.phoneshield@gmail.com. We will respond within 30 days, in accordance with applicable laws.
8.1 DPC-Specific Controls
- Phishing Detection Toggle: Retailers can enable or disable phishing detection in the App’s settings or Safety Center, separately for personal and work profiles.
- Consent: Enterprises and customers must provide explicit consent before enrolling devices in the DPC. Retailers are responsible for obtaining consent from their customers.
- Transparency: The App provides clear notifications when policies are applied or when sensitive permissions are requested.
The App uses the following third-party services, which may collect data as described in their privacy policies:
- Google Play Services: For DPC functionality, managed Google Play Accounts, and Play Protect integration. See Google’s Privacy Policy: https://policies.google.com/privacy.
- DPC Support Library: To facilitate provisioning and management of Android devices in an enterprise environment.
- Crashlytics (Firebase): For crash analytics and performance monitoring. See Firebase’s Privacy Policy: https://firebase.google.com/support/privacy.
We ensure all third-party services comply with Google Play’s User Data policy and do not engage in unauthorized data collection.
To ensure the App is genuine and free from malware or theft-related behaviors, we adhere to the following Google Play policies:
- Malware Policy: The App undergoes regular scans by Google Play Protect to detect and prevent malicious code. We do not include backdoors, billing fraud, or stalkerware.
- Spyware Policy: We limit access to personal and sensitive data to policy-compliant functionality, with prominent disclosure and user consent. The App does not engage in spying behaviors.
- Unwanted Software Policy: The App does not hide or misrepresent important information and complies with Google’s guidelines on permissions and APIs.
- Data Safety Section: We provide accurate information in the Google Play Data Safety section about our data collection and sharing practices.
- Permissions: The App requests only the minimum permissions necessary for DPC functionality (e.g., device admin permissions) and avoids restricted permissions unless critical and consented.
If the App is flagged by Google Play Protect, retailers can file an appeal as outlined in Google’s Developer Guidance.
The Phone Shield Retailer Application is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child has provided personal data, we will delete it immediately.
The App is operated from India and data may be stored or processed in other countries, including the United States, where our service providers are located. We ensure that international data transfers comply with applicable data protection laws, using mechanisms such as Standard Contractual Clauses for EEA data.
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify users of significant changes via email or in-app notifications at least 30 days before they take effect. The updated policy will be posted on our website at https://phoneshield.in/sandbox/api-1.0/pages-uonxa/privacy-policy.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Phone Shield Privacy Team
Email: help.phoneshield@gmail.com
Address: Vijay Nagar, Ratia-125051
Website: www.phoneshield.in www.jainamventure.com