1. Introduction

This Policy describes how R-Guard, published by Rosario Group LLC, handles information related to use of the App.

General principle: authentication secrets (TOTP/HOTP keys) are designed to remain on your device; Rosario Group LLC does not operate its own “secrets cloud” to store generic account secrets.

2. Data stored on the device

2FA account metadata (issuer, account name, algorithm, digits, period, favorites, order) and associated secrets in the system Keychain when applicable.

Preferences (language, appearance, biometric/hardware lock, protected reveal).

Backup codes you import or scan, stored in the local Keychain.

SSO pairing data (if paired): user/device identifiers, server URL, pairing cryptographic material as implemented.

Push notification tokens from the OS when you grant permission.

3. Data that may be sent over the network (only if you use paired SSO)

When polling or responding to push login challenges, the App may communicate with the SSO server you paired and exchange challenge identifiers, match text/number, client metadata provided by the server (e.g. IP or user-agent), and your approve/deny decision.

Limited sync of SSO backup codes with the paired server may occur. This does not mean Rosario Group LLC sells your data to advertisers.

Without SSO pairing, everyday local TOTP/HOTP generation does not require sending secrets to our servers.

4. System permissions

Camera: scan account or pairing QR codes.

Face ID / biometrics: unlock the App or reveal codes when you enable it.

NFC: communicate with compatible security keys (e.g. YubiKey).

Notifications: receive push challenge alerts when enabled.

5. Widget and App Group

The widget may read account metadata and, when the Keychain is accessible (device unlocked), generate codes. We do not prompt for Face ID in the widget; access is limited by system protections.

6. Retention and deletion

Local data remains while the App is installed or until you delete it (accounts, codes, unpair, uninstall).

Data on an SSO server is governed by that service’s and your organization’s policies.

7. Sharing and sale

We do not sell personal data. We do not share TOTP secrets with third parties for advertising.

We may use infrastructure providers only as needed to operate Rosario Group SSO products, subject to appropriate contractual controls when applicable.

8. Security

We use the system Keychain, password-based encrypted export (e.g. AES-GCM with strong key derivation), and optional App lock controls. No system is 100% secure; keep the device updated and use App lock.

9. Your rights

Depending on your jurisdiction, you may have rights of access, correction, deletion, or objection. For device-only data, you can often exercise them by clearing data in the App or uninstalling.

For corporate SSO data, also contact your organization administrator.

10. Children

The App is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect children’s data.

11. App Store privacy labels

For App Store Connect we declare that R-Guard does not track users for advertising and does not sell personal data.

Without SSO pairing: 2FA secrets and account metadata stay on the device (Keychain / local storage). Rosario Group LLC does not receive those secrets.

With optional SSO pairing: user/device identifiers, push notification tokens (APNs), and login-challenge information (approve/deny) may be processed on the SSO server you linked (e.g. sso.rosariogroupllc.com) for authentication and account security — not for advertising.

The App may access system APIs (e.g. UserDefaults preferences, file timestamps, system boot time) only for App functionality, as declared in the included Privacy Manifest.

Public URL for this policy (required by Apple): https://rosariogroupllc.com/R-Guard/politica-de-privacidad

12. Contact and web version

The public version of this policy is at https://rosariogroupllc.com/R-Guard/politica-de-privacidad and is also reflected inside the App (same source).

Privacy / App Store support contact: Rosario Group LLC — https://rosariogroupllc.com — support email listed on the App’s App Store Connect record.