WebPKI Suite - Privacy Policy

Camera access:
The WebPKI suite requires access to the Camera in order to use the QR-code functions. The QR-code system transfers a specifically crafted URL to the WebPKI App which is used to launch one of the three sub-functions included in the App. The scanned Camera image is not stored in any way.

Internet access:
The WebPKI suite requires access to the Internet through HTTPS. When the App is started via the browser, it only calls the site which invoked the App. Starting the App locally never implies calling external sites.

Personal data:
If identity certificates have been requested, they are stored in the App's private data area, inaccessible by other applications. Each time you use an identity certificate to login to a Web site, the App will ask if you agree and offer you an option to cancel as well as an option to not ask again for the particular site (based on domain name).

The demo CA used by WebPKI only stores issued certificates locally on a secure server.

The Saturn payment demo doesn't save any personal information.

Device information:
The Device ID required to enroll identity certificates does not contain any personal information but utilizes the device-specific ANDROID_ID for creating a secure channel between the device and the CA.