Autiz Privacy Policy

Last updated: March 20, 2026

Overview

Autiz is a 2FA authenticator application. We are committed to protecting your privacy. This policy explains how Autiz handles your data.

Data Collection

Autiz collects the following data, which is stored exclusively on your device:

Authentication credentials: TOTP secret keys, encrypted locally
Account metadata: Service names (issuer), account labels, icons, colors, tags
User preferences: Theme, language settings

Data Storage

Local Storage (default):

By default, all data is stored locally on your device using browser storage (IndexedDB, chrome.storage) or on-device databases
TOTP secrets are encrypted using AES-256-GCM with keys derived via PBKDF2-SHA256
No analytics or tracking is implemented

Cloud Sync (optional, when available):

Autiz may offer an optional cloud sync feature to synchronize encrypted account data across your devices
Cloud sync is strictly opt-in — it is never enabled without your explicit consent
All data transmitted to cloud servers is end-to-end encrypted before leaving your device — the server cannot read your secrets
Cloud-synced data is encrypted with keys derived from your credentials, which are never sent to the server

Data Sharing

Autiz does not sell, transfer, or share any user data with third parties
Autiz does not use user data for purposes unrelated to its core functionality
Autiz does not use user data for creditworthiness or lending purposes
If cloud sync is enabled, encrypted data is transmitted solely to Autiz-operated servers for the purpose of multi-device synchronization

Permissions

Permission	Purpose
storage	Store encrypted account data and user preferences locally
activeTab	Capture current tab screenshot for QR code scanning
tabs	Detect current website URL for OTP autofill matching
identity	Google OAuth authentication for secure vault access

Host Permissions

Autiz injects a content script on web pages solely to detect OTP input fields and provide autofill functionality when explicitly requested by the user.

Data Deletion

Users can delete all stored data at any time by:

Removing individual accounts within the app
Using the "Reset all data" option in Settings
Uninstalling the extension (all local data is automatically removed)

Changes to This Policy

We may update this privacy policy from time to time. Changes will be reflected in the "Last updated" date above.

Contact

If you have questions about this privacy policy, please contact us at info@playsure.jp.