Introduction
Welcome to Authentify, operated by Diggit. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, store, and safeguard your information when you interact with our product verification service via WhatsApp or any other channel.
Information We Collect
We collect the following information when you use our service:
- Phone number — provided automatically when you message us on WhatsApp
- Name — from your WhatsApp profile (if available)
- Email address — if you choose to provide it for loyalty points
- GPS location — only if you voluntarily share it via WhatsApp for bonus points
- Product scan history — QR codes scanned, timestamps, and verification results
- Device and IP information — collected at scan time for fraud detection
- Report submissions — if you report a suspected counterfeit product
How We Use Your Information
The information we collect is used exclusively for the following purposes:
- Verifying product authenticity on your behalf
- Delivering verification results and loyalty points via WhatsApp
- Operating the customer loyalty and redemption points program
- Detecting and investigating counterfeit product patterns
- Generating anonymized analytics for brand owners (tenants)
- Processing counterfeit product reports for investigation
WhatsApp Integration
Our service communicates with you exclusively through the WhatsApp Business API. By messaging our WhatsApp number, you consent to receive automated responses containing product verification results, loyalty point updates, and redemption information.
We will never send unsolicited promotional messages. All outbound messages are direct responses to your actions — scanning a product, sharing a location, or requesting a coupon.
Location Data
Location sharing is entirely voluntary. When you share your GPS location via WhatsApp, we use it to:
- Award location-based loyalty bonus points
- Record the approximate scan location in verification logs for brand analytics
- Assist in identifying counterfeit product distribution patterns
We use OpenStreetMap (Nominatim) to convert GPS coordinates to a readable city and country name. No location data is sold or shared with advertisers.
Loyalty Points & Redemption
If you participate in our loyalty program, we store your points balance, transaction history, and any coupon codes generated through redemption. This data is linked to your phone number and is used solely to operate the loyalty program on behalf of the brand you scanned.
Data Sharing
We do not sell, trade, or transfer your personal information to third parties. Anonymized scan data and aggregate analytics may be shared with brand owners (tenants) for product security purposes. No personally identifiable information is shared without your consent.
Data Security
We implement industry-standard security measures including JWT-based authentication, encrypted database connections (PostgreSQL over TLS), and secure HTTPS API communications to protect your data from unauthorized access or disclosure.
Data Retention
Verification logs and scan history are retained for up to 24 months for security and analytics purposes. You may request deletion of your data at any time by contacting us.
Your Rights
You have the right to:
- Request access to your personal data we hold
- Request correction of inaccurate data
- Request deletion of your account and associated data
- Withdraw consent for location data collection at any time
Third-Party Services
Our service uses the following third-party services:
Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated via WhatsApp notification or through the application. Continued use of the service after changes constitutes acceptance of the updated policy.
Contact Us
For any questions, data requests, or concerns regarding this Privacy Policy, please contact us: