App data safety summary
This page gives you a concise, structured summary of what data the mintus Wallet and the mintus Cashier apps collect, why they collect it, and whether it is shared. It is consistent with our Privacy Policy, which contains the legally authoritative details.
1. Data the app collects
| Data type | Collected? | Purpose | Required or optional |
|---|---|---|---|
| Name (display name) | Optional | Account function, personalisation | Optional |
| Email address | Yes | Account function, recovery, security notifications | Required |
| User ID (mintus username) | Yes | Account function | Required |
| Other user-generated content | Optional | Voucher artwork uploaded by Merchants, support messages | Optional |
| App interactions | Yes | Analytics, product improvement | Required |
| Crash logs | Yes | App stability and bug-fixing | Required |
| Diagnostics | Yes | Performance monitoring | Required |
| Device identifiers | Yes | Security, fraud prevention, analytics | Required |
| Push notification token | Only when granted | Deliver notifications about wallet activity, inbound messages, and account-security events; routed via Firebase Cloud Messaging (Android) / Apple Push Notification service (iOS) | Optional — controlled by the system notification permission and revocable at any time in device settings |
| IP address | Yes | Security, fraud prevention, abuse detection | Required |
| Approximate location (derived from IP) | Yes | Localisation, fraud prevention | Required |
| Precise location | No | — | — |
| Photos / camera | Only when invoked | To scan QR codes for voucher actions; processed on-device, not uploaded | Optional |
| Contacts | No | — | — |
| Messages / SMS | No | — | — |
| Health / fitness | No | — | — |
| Financial info (Merchants only) | Yes | Billing for paid tiers | Required for paid tiers |
| Sensitive personal data (race, religion, sexual orientation, etc.) | No | — | — |
2. Data sharing
We share personal data only with service providers acting on our behalf (hosting, communications, security, analytics), with merchants you transact with (only the minimum needed to fulfil your request), and with regulators or law enforcement when legally compelled. We do not sell or rent personal data.
We do not share data with third-party advertising networks, and we do not embed any third-party ad SDK in the apps.
3. Encryption
All data transmitted between the apps and our servers is encrypted in transit using TLS. Personal data is encrypted at rest in our backend stores. Wallet signing keys are protected by hardware-backed secure storage on the device (iOS Secure Enclave / Android Keystore) and supplemented by threshold cryptography for recovery.
4. Your controls
- You can review the categories of data we hold about you and request a portable copy at any time.
- You can correct or update your data inside the app.
- You can delete your account and the associated personal data following the steps in our Account Deletion page.
- You can opt out of optional analytics and marketing communications in Settings → Privacy.
5. Third-party services we use
We currently use the following processor categories. Specific vendor names change over time; the current list is available on request.
- Cloud infrastructure (compute, storage, CDN)
- Crash reporting
- Product analytics (privacy-respecting, first-party)
- Transactional email delivery
- Push notification gateway (Google Firebase Cloud Messaging for Android; Apple Push Notification service for iOS)
- Customer-support helpdesk
6. Children
The mintus apps are not directed to and are not intended for use by children under 13 (or the higher local minimum age). We do not knowingly collect data from such users.
7. Changes
This disclosure is updated whenever our app data practices change in a way that affects you, alongside the corresponding update of our Privacy Policy.
8. Contact
Email privacy@mintus.world.