Already have passQi on your iPhone?
Drag the button on the right, and drop it onto the bookmark bar of your browser -

Show me!

Privacy Policy

 

General

General

This policy applies to the user of the passqi.com web site, the passQi application, and the passQi mFactor online store. Different considerations apply in each context.

passQi, Inc. is committed to transparency in all aspects of its business, and provides a basic personal credential management solution which may be used completely anonymously.  Some opt-in services or products will require personal information such as email addresses be provided.  These are never associated in any way with the behavior of any distinct device using the passQi application.

The passQi application

  • The passQi application is designed to securely store and relay your web site passwords to browser login sessions. For details of its mechanism, visit passqi.wpengine.com. Password information is only ever relayed across the Internet having first been encrypted with a one-time 256 bit AES encryption key that has been generated in concert with the browser and is only know to the application upon scanning. The passQi services have no knowledge of, or access to, the keys used to encrypt this data, which are never transmitted over the network.
  • Logs are kept of all transactions although encrypted credential payloads are deleted from the environment directly upon completion of the authentication workflow.
  • User behavior may be aggregated for analysis by unique device identifiers; however, these identifiers are anonymous and cannot be correlated with personally identifiable information.
  • Your registration of this device is anonymous and not tied to any personally identifying information.
  • Your phone number may optionally be provided at registration, and is used in the cloud only once for purposes of confirming phone ownership by sending an SMS message. Once sent, the phone number is deleted from the cloud environment. The phone number and PIN are not stored online, but cryptographic keys (“hashes”) are stored and associated with your application instance’s unique identifier for purposes of allowing disablement of the password Vault contents when you re-enter your mobile phone number and PIN, which allows re-generation of the device keys. This identifier is specific to the passQi application and is not otherwise associated with your phone.
  • Future service offerings may provide features that correlate device registration with personal information. Any such future features will be enabled on an opt-in basis only.

 

Consent to Share Page Analysis Results

As part of its operation, the passQi application will analyze the structure of login pages the first time they are encountered by the system. These results are collected pursuant to the “Consent to Use of Data” terms of the APP LICENSE and are shared with the passQi userbase to enhance the collective experience.

The passQi web site

The passQi web site uses cookies for internal session maintenance and coordination only.  This may be analyzed for site behavior purposes and aggregated anonymously for analytic purposes.  Such aggregated information may be shared with third parties.  Your use of this web site is subject to your consent to these practices.

 

The passQi mFactor online store

The passQi online store (store.passqi.com) allows users to purchase passQi mFactor subscriptions.  As a commerical transaction, certain information will be exchanged and stored.

passQi uses stripe.com to process its payments.  No personal information from the stripe.com purchase flow is retained by us, and credit card data is stored by stripe.com, who is responsible for PCI compliance.  stripe.inc does maintain a record of the customer’s credit card information, including your credit card number for periodic billing, Name, Address, Card type, and card expiration.  This information is available to us through our stripe.com, excepting the credit card number.

Please see their merchant terms of use which governs our relationship with stripe.com and details the kind of information that may be shared with them further to normal payment processing or dispute resolution.  To register for a subscription at the passQi mFactor online store, you will need to provide an email address as part of your account registration (this may be distinct from and email address provided as part of the stripe.com purchase flow). Email addresses provided in this way  will not be shared with any third parties (excepting stripe.com).

For each domain you register under you subscription, you may also be required to provide the requesting administrator’s email address (which may or may not correspond with the subscription account email address).  Email addresses provided in this way will be used exclusively for subscription status (e. g., expiration notification) or security updates as may be appropriate to your subscription, and will not be shared with any third party (excepting service providers involved in message delivery).  By providing this information as part of subscription enrollment, you give your consent to be contacted for purposes stated.

passQi mFactor plugins and the store may share information about a subscription request in cookies in order to manage the subscription workflow.  This is limited to contextual information needed to correlate the site key with the subscription account.

No  personally identifiable information provided through cookies will be made available to any third parties.  Aggregated information derived for analytic usage may be disclosed to third parties at the company’s discretion.