Privacy Policy

Smart NFC by NBApps — Last updated: February 14, 2026

Introduction

NBApps ("we", "our", "us") operates the Smart NFC mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

By using the App, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Account Information

When you create an account to use Smart Tags features, we collect:

  • Email address and password (if you sign up with email)
  • Apple ID information (if you sign up with Sign in with Apple: name and email, as provided by Apple)
  • User ID: A unique identifier generated by Firebase Authentication

2. Smart Tag Content Data

When you create Smart Tags, we store the content you provide, which may include:

  • Text, URLs, phone numbers, email addresses
  • WiFi network names and passwords
  • Contact information (vCard data)
  • SMS messages
  • Location data (addresses, coordinates)
  • Uploaded files (PDF documents, images)
  • Multi-link collections
  • UUID identifiers

This data is stored in Google Firebase Firestore and Firebase Storage and is associated with your user account.

3. Scan Analytics Data

When someone scans one of your Smart Tags, we collect the following information about the scanner:

  • Approximate geolocation (city, region, country) derived from the scanner's IP address using IP geolocation lookup. This is approximate and does not provide precise location.
  • Timestamp of the scan
  • No personal identifiers of the scanner are collected. We do not collect the scanner's IP address, device information, or any other personally identifiable information.

This data is used solely to provide you with analytics about your Smart Tags' usage.

4. Device Information

We collect limited device information through Firebase Analytics and Firebase Crashlytics:

  • Crash reports: Technical information about app crashes to help us improve stability
  • Usage analytics: Anonymous, aggregated data about how the App is used (screen views, feature usage)

5. Contacts

When you use the Contact Picker feature to create a vCard, the App accesses your device's Contacts. The selected contact data is:

  • Processed locally on your device for NFC tag writing
  • Stored on our servers only if you create a Smart Tag with that contact data
  • We never access, upload, or store your full contact list. Only the single contact you explicitly select is used.

6. NFC Tag Data

When you use the Read or Write features (without Smart Tags), all NFC operations are performed entirely on your device. No data is sent to our servers. Tag read history is stored locally on your device using SwiftData.

How We Use Your Information

We use the information we collect to:

  • Provide and maintain the App and its features
  • Store and deliver your Smart Tag content when scanned
  • Provide analytics about your Smart Tags' scan activity
  • Send push notifications when your Smart Tags are scanned (if enabled)
  • Improve the App through crash reports and anonymous usage analytics
  • Communicate with you about service-related matters

We do not:

  • Sell your personal information to third parties
  • Use your data for advertising or profiling
  • Share your contact data with any third party
  • Track users who scan your NFC tags beyond anonymous, approximate geolocation

Data Storage and Security

Storage

Your data is stored using Google Firebase services:

  • Firebase Authentication: Account credentials (encrypted)
  • Firebase Firestore: Smart Tag content and scan analytics
  • Firebase Storage: Uploaded files (PDF, images)

All data is stored on Google Cloud servers located in the United States and/or the European Union, secured by Google's enterprise-grade security infrastructure.

Security

We implement appropriate technical and organizational measures to protect your data:

  • All data in transit is encrypted using TLS/SSL
  • Firebase Authentication secures account access
  • Firestore Security Rules ensure users can only access their own data
  • Firebase AppCheck protects our backend from unauthorized access
  • File uploads are restricted to 10 MB and accessible only by the tag owner

Data Retention

  • Account data: Retained as long as your account is active. You can delete your account at any time.
  • Smart Tag data: Retained as long as the tag exists. You can delete individual tags at any time.
  • Scan analytics: Retained as long as the associated Smart Tag exists.
  • Local data (NFC read/write history): Stored on your device only. Deleted when you uninstall the App.
  • Crash reports and analytics: Retained according to Google Firebase's standard retention policies (typically 90 days for crash data).

Your Rights

You have the right to:

  • Access your personal data stored in the App
  • Modify your Smart Tag content at any time
  • Delete individual Smart Tags and their associated scan data
  • Delete your account and all associated data
  • Opt out of push notifications through your device settings
  • Export your data by viewing your Smart Tag content in the App

For EU/EEA Residents (GDPR)

In addition to the above, you have the right to:

  • Request a copy of all personal data we hold about you
  • Request rectification of inaccurate data
  • Request erasure of your data ("right to be forgotten")
  • Object to processing of your data
  • Data portability
  • Lodge a complaint with your local data protection authority

For California Residents (CCPA)

You have the right to:

  • Know what personal information is collected
  • Know whether your personal information is sold or disclosed and to whom
  • Opt out of the sale of personal information (we do not sell personal information)
  • Access your personal information
  • Request deletion of your personal information
  • Not be discriminated against for exercising your rights

Third-Party Services

The App uses the following third-party services:

Service Purpose Privacy Policy
Firebase Authentication User authentication Google Privacy Policy
Firebase Firestore Data storage Google Privacy Policy
Firebase Storage File storage Google Privacy Policy
Firebase Analytics Anonymous usage analytics Google Privacy Policy
Firebase Crashlytics Crash reporting Google Privacy Policy
Firebase Cloud Messaging Push notifications Google Privacy Policy
Sign in with Apple Authentication Apple Privacy Policy
geoip-lite IP-based geolocation for scan analytics Open-source, data processed on our servers only

Children's Privacy

The App is not intended for children under the age of 13 (or 16 in the EU/EEA). We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us and we will promptly delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy in the App
  • Updating the "Last updated" date at the top of this policy

You are advised to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

NBApps
Email: contact@nbapps.fr

This privacy policy is effective as of February 14, 2026.