Privacy Policy

How we collect, use, and protect your information

Last updated: October 2025

Introduction

EngiCell Technology ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:

  • Visit our website (engicell.com)
  • Use our web applications (sms.engicell.com, gps.engicell.com)
  • Use our mobile applications (Engicell SMS and Engicell GPS) on Android and iOS devices
  • Interact with our telecommunications and IT infrastructure services

By using our services, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Personal Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, username, password, and account credentials
  • Profile Information: Company name, job title, business address, country/region
  • Communication Data: Messages, SMS content, contact lists, and communication preferences
  • Payment Information: Billing address, payment card details (processed by third-party payment processors)
  • Support Information: Customer support inquiries, feedback, and correspondence

2. Information Collected Automatically

When you use our website:

  • IP address and device identifiers
  • Browser type, version, and language
  • Operating system information
  • Pages visited, time spent, and navigation paths
  • Referring and exit pages
  • Cookies and similar tracking technologies

When you use our mobile applications (Engicell SMS & GPS):

  • Device Information: Device model, manufacturer, operating system version, unique device identifiers (IMEI, Android ID, IDFA)
  • App Usage Data: Features used, time spent in app, app performance metrics, crash reports
  • Network Information: Mobile network operator, connection type (WiFi, cellular), network status
  • Installation Data: App version, installation date, update history

3. Location Information

Engicell GPS Application:

  • Precise Location: Real-time GPS coordinates, latitude/longitude data
  • Location History: Historical location data and movement patterns
  • Geofencing Data: Entry and exit times for designated geographic areas
  • Location data is collected only when the app is active or as configured in background location settings
  • You can control location permissions through your device settings

Engicell SMS Application:

  • Approximate Location: City-level location based on IP address or network
  • Location data helps optimize service delivery and compliance with regional regulations

4. Contacts and Permissions

Engicell SMS Application:

  • Contacts Access: Phone numbers and contact names (only when you grant permission)
  • SMS Permissions: Ability to send and receive SMS messages
  • Phone State: Phone number, call status (to manage SMS delivery)
  • Storage: Access to store message logs and media files

Engicell GPS Application:

  • Location Services: Continuous access to GPS and location services
  • Camera: To scan QR codes or capture photos (optional)
  • Storage: To store maps, routes, and offline data
  • Notifications: To send location alerts and updates

5. Analytics and Advertising Data

  • App analytics and performance metrics
  • User engagement and feature usage statistics
  • Advertising identifiers (GAID for Android, IDFA for iOS)
  • Third-party analytics service data (Google Analytics, Firebase)

How We Use Your Information

Service Delivery and Operations

  • Provide and maintain our SMS and GPS tracking services
  • Process and deliver SMS messages through our platform
  • Track and display real-time GPS location data
  • Manage user accounts and authentication
  • Process payments and maintain billing records
  • Provide customer support and respond to inquiries
  • Send service-related notifications and updates

Service Improvement and Analytics

  • Analyze usage patterns to improve app functionality
  • Monitor and analyze performance, errors, and crashes
  • Develop new features and services
  • Conduct research and analytics on user behavior
  • Test and optimize user experience
  • Generate aggregated, anonymized statistics

Communication and Marketing

  • Send promotional communications (with your consent)
  • Provide updates about new features and services
  • Conduct surveys and gather feedback
  • Send administrative and technical notifications
  • Communicate about service changes or policy updates

Security and Compliance

  • Detect, prevent, and respond to fraud and security threats
  • Verify user identity and prevent unauthorized access
  • Comply with legal obligations and regulatory requirements
  • Enforce our Terms of Service and other policies
  • Protect the rights and safety of our users
  • Investigate and resolve disputes

Location-Based Services (GPS App)

  • Provide real-time location tracking and monitoring
  • Generate location history reports and analytics
  • Enable geofencing and location-based alerts
  • Optimize routes and provide navigation assistance
  • Track fleet vehicles and assets
  • Emergency location services and SOS features

Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties.

We may share your information in the following circumstances:

Service Providers and Partners

  • Cloud Service Providers: AWS, Google Cloud, or other hosting providers for data storage and processing
  • SMS Gateway Providers: Telecommunications carriers and SMS routing services
  • Payment Processors: Stripe, PayPal, or other payment service providers
  • Analytics Services: Google Analytics, Firebase Analytics for app performance monitoring
  • Map Services: Google Maps, OpenStreetMap for location visualization
  • Customer Support Tools: Help desk and ticketing systems
  • Push Notification Services: Firebase Cloud Messaging, Apple Push Notification Service

Legal and Regulatory Compliance

  • When required by law, court order, or legal process
  • To comply with government or regulatory requests
  • To enforce our Terms of Service and other agreements
  • To protect the rights, property, or safety of EngiCell, our users, or others
  • To detect, prevent, or address fraud, security, or technical issues
  • In emergency situations to protect personal safety

Business Transfers

  • In connection with mergers, acquisitions, or sale of assets
  • During bankruptcy or similar proceedings
  • When we restructure or reorganize our business

With Your Consent

  • When you explicitly authorize us to share specific information
  • For purposes you approve at the time of collection
  • To third parties you choose to integrate with our services

Aggregated and Anonymized Data

  • We may share anonymized, aggregated data that cannot identify you personally
  • Usage statistics and trends for research and analytics purposes
  • Industry benchmarking and reporting

Data Security

We implement comprehensive security measures to protect your information from unauthorized access, disclosure, alteration, and destruction:

Technical Security Measures

  • Encryption: End-to-end encryption for data in transit (TLS/SSL) and at rest (AES-256)
  • Authentication: Multi-factor authentication (MFA) and secure password hashing
  • Access Controls: Role-based access control (RBAC) and principle of least privilege
  • Network Security: Firewalls, intrusion detection/prevention systems, DDoS protection
  • Secure APIs: Token-based authentication, rate limiting, and API security
  • Mobile App Security: Code obfuscation, secure storage, certificate pinning

Organizational Security Measures

  • Regular security audits and penetration testing
  • Employee background checks and security training
  • Confidentiality agreements with all personnel
  • Incident response and disaster recovery plans
  • Regular security patches and software updates
  • Secure development lifecycle practices

Data Backup and Recovery

  • Automated daily backups with redundancy
  • Geographically distributed backup locations
  • Regular backup testing and validation
  • Business continuity and disaster recovery procedures

Important Notice: While we implement industry-standard security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

Data Retention

We retain your information based on the following criteria:

Account Data

  • Active Accounts: Retained for the duration of your account relationship
  • Inactive Accounts: Deleted after 24 months of inactivity (with prior notice)
  • Deleted Accounts: Personal data removed within 90 days of deletion request

Service-Specific Data

  • SMS Messages: Retained for 90 days unless required for billing or legal purposes
  • Location Data (GPS): Historical data retained for 12 months or as configured by admin
  • Transaction Records: Retained for 7 years for accounting and tax compliance
  • Support Tickets: Retained for 3 years for quality assurance
  • Usage Logs: Retained for 90 days for security and troubleshooting

Legal and Compliance

  • Data may be retained longer when required by law or regulation
  • Data involved in legal proceedings retained until matter resolution
  • Backup copies may persist for up to 90 days after deletion

Data Deletion

When data is no longer needed, we securely delete or anonymize it using:

  • Secure deletion methods that prevent data recovery
  • Anonymization techniques for statistical data retention
  • Destruction of physical storage media when decommissioned

Your Privacy Rights

Depending on your location, you have the following rights regarding your personal information:

Access and Portability Rights

  • Right to Access: Request a copy of all personal data we hold about you
  • Right to Data Portability: Receive your data in a structured, machine-readable format (CSV, JSON)
  • Right to Information: Understand how we collect, use, and share your data

Control and Correction Rights

  • Right to Correction: Update or correct inaccurate or incomplete personal information
  • Right to Deletion: Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction: Limit how we process your data in certain circumstances
  • Right to Object: Object to processing based on legitimate interests or direct marketing

Consent and Withdrawal Rights

  • Withdraw Consent: Withdraw previously given consent at any time
  • Opt-Out of Marketing: Unsubscribe from promotional communications
  • Manage Permissions: Control app permissions through device settings

How to Exercise Your Rights

You can exercise these rights by:

  • In-App Settings: Manage data preferences directly in the app settings
  • Account Dashboard: Access and download your data from web portal
  • Email Request: Contact us at privacy@engicell.com or info@engicell.com
  • Written Request: Send a formal request to our contact address

Response Timeline

  • We will respond to your request within 30 days (or as required by applicable law)
  • We may request additional information to verify your identity
  • Complex requests may require up to 60 days with prior notification
  • No fees for reasonable requests; excessive requests may incur costs

Right to Lodge a Complaint

  • You have the right to lodge a complaint with your local data protection authority
  • EU users: Contact your national Data Protection Authority
  • UK users: Contact the Information Commissioner's Office (ICO)
  • California users: Contact the California Attorney General

International Transfers

As a global service provider, we may transfer your information across borders. We ensure appropriate safeguards are in place, including:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Binding corporate rules
  • Other approved transfer mechanisms

Cookies and Tracking

Our website uses cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze website performance and usage
  • Provide relevant content and services
  • Ensure website security and functionality

You can control cookie settings through your browser preferences.

Third-Party Services

Our website may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

Mobile App Permissions

Our mobile applications require specific permissions to function properly:

Engicell SMS App Permissions

  • SMS (Read/Send/Receive): Required to send and receive SMS messages through our platform
  • Contacts: Optional - to select recipients from your contact list
  • Phone: To identify your device and manage SMS functionality
  • Storage: To store message logs and attachments locally
  • Network/Internet: To connect to our servers and sync data
  • Notifications: To alert you of new messages and delivery status

Engicell GPS App Permissions

  • Location (Precise/Background): Required for real-time tracking and location services
  • Camera: Optional - for QR code scanning and photo capture
  • Storage: To cache maps and store location history
  • Network/Internet: To transmit location data and receive updates
  • Notifications: For geofence alerts and location-based notifications
  • Boot Completion: To restart tracking after device reboot (if configured)
  • Foreground Service: To maintain continuous location tracking

Managing Permissions

You can manage app permissions at any time through your device settings:

  • Android: Settings > Apps > Engicell [App Name] > Permissions
  • iOS: Settings > Privacy > [Permission Type] > Engicell [App Name]
  • Revoking critical permissions may limit app functionality
  • We only request permissions necessary for app features you use

Third-Party Services and SDKs

Our mobile applications use the following third-party services:

Analytics and Performance

  • Google Analytics / Firebase Analytics: App usage analytics and crash reporting
  • Firebase Crashlytics: Error tracking and app stability monitoring
  • Google Play Services: Location services, maps, and notifications (Android)

Infrastructure and Communication

  • Firebase Cloud Messaging (FCM): Push notifications (Android)
  • Apple Push Notification Service (APNS): Push notifications (iOS)
  • Google Maps Platform: Map display and location visualization
  • Cloud Service Providers: Data storage and processing

Payment Processing

  • Google Play Billing: In-app purchases (Android)
  • Apple In-App Purchase: In-app purchases (iOS)
  • Payment Gateways: Credit card and payment processing

Each third-party service has its own privacy policy. We encourage you to review them:

  • Google Privacy Policy: https://policies.google.com/privacy
  • Apple Privacy Policy: https://www.apple.com/privacy/
  • Firebase Privacy: https://firebase.google.com/support/privacy

Children's Privacy

Our services are not intended for children under 13 years of age (16 in the EU).

  • We do not knowingly collect personal information from children
  • If we discover we have collected data from a child, we will delete it immediately
  • Parents or guardians who believe we have collected children's data should contact us at info@engicell.com
  • Our apps are designed for business and commercial use by adults

Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices on our website

Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: info@engicell.com

Subject Line: Privacy Policy Inquiry

Response Time: We aim to respond within 48 hours

Regional Privacy Rights

California Residents (CCPA/CPRA)

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information

We do not sell personal information.

European Union/EEA Residents (GDPR)

  • Legal basis for processing: Contract performance, legitimate interests, legal compliance, consent
  • Right to lodge complaints with supervisory authorities
  • Right to withdraw consent without affecting lawfulness of prior processing
  • Data transfers outside EU/EEA protected by Standard Contractual Clauses
  • Automated decision-making: We do not use automated decision-making or profiling with legal effects

UK Residents (UK GDPR)

  • Same rights as EU/EEA residents under UK GDPR
  • Right to lodge complaints with the Information Commissioner's Office (ICO)
  • International transfers protected by UK-approved mechanisms

Other Jurisdictions

  • Canada (PIPEDA): Right to access and correct personal information
  • Australia (Privacy Act): Australian Privacy Principles compliance
  • Brazil (LGPD): Rights similar to GDPR for Brazilian residents
  • India (DPDPA): Data protection compliance for Indian users

Compliance and Certifications

EngiCell Technology is committed to compliance with applicable data protection laws and standards:

  • GDPR - General Data Protection Regulation (EU/EEA)
  • CCPA/CPRA - California Consumer Privacy Act and Rights Act
  • PIPEDA - Personal Information Protection and Electronic Documents Act (Canada)
  • PDPA - Personal Data Protection Act (Singapore, Thailand)
  • LGPD - Lei Geral de Proteção de Dados (Brazil)
  • ISO 27001 - Information Security Management System (pursuing certification)
  • SOC 2 - Service Organization Control compliance
  • Other applicable regional and industry-specific privacy laws

Quick Links

Related Documents

Data Protection

Your privacy is important to us. We use industry-standard security measures to protect your information.

Questions? Contact us at info@engicell.com