1. Introduction
EguWallet ("we", "us", "our") is an EU Digital Identity Wallet application developed by EguildE S.R.L., compliant with the European Digital Identity framework (eIDAS 2.0, Regulation (EU) 2024/1183). This Privacy Policy explains how we access, collect, use, share, and protect your personal data when you use the EguWallet mobile application ("the App") available on Google Play.
By installing and using the App, you acknowledge that you have read and understood this Privacy Policy.
2. Data Controller
EguildE S.R.L.
Ilfov County, Romania
Privacy Contact: privacy@eguwallet.eu
If you have questions, concerns, or requests regarding your personal data, you may contact us at the email address above. We will respond within 30 days.
3. Data We Collect
3.1 Account Registration Data
During wallet registration we collect:
- Phone number — for SMS verification during registration
- Email address — for email verification during registration
- First name, last name — for identity association with your wallet instance
- Selfie photo — for liveness verification and identity matching (processed on-device, transmitted to our server only during PID issuance)
3.2 Device Information
To ensure the security and integrity of your digital wallet, we collect:
- Device identifier (Android ID) — a pseudonymous identifier used to bind the wallet to your device
- Device model and manufacturer — to assess hardware security capabilities
- Android OS version and security patch level — to verify that your device meets eIDAS 2.0 security requirements
- Hardware security capabilities — availability of Trusted Execution Environment (TEE), StrongBox, and biometric sensors
- Biometric enrollment status — whether fingerprint or face authentication is configured (we never access biometric data itself)
3.3 Camera (android.permission.CAMERA)
The App requires camera access for the following purposes:
- QR code scanning — to read credential offers and verification requests from relying parties
- Identity document scanning — to capture your national ID card or passport for Person Identification Data (PID) issuance
- Selfie and liveness verification — to confirm you are a real person by detecting face orientation and movement (multi-pose check)
- MRZ (Machine Readable Zone) reading — to extract data from your identity document using on-device text recognition
On-device processing: All camera images are processed locally on your device using Google ML Kit. Face detection, selfie segmentation, text recognition, and barcode scanning models run entirely on-device. Raw camera images are not uploaded to our servers unless you explicitly initiate PID issuance, in which case only the document image and selfie are transmitted over an encrypted connection.
3.4 Bluetooth (BLE) and NFC
The App uses Bluetooth Low Energy (BLE) and Near Field Communication (NFC) for offline credential presentation per the ISO 18013-5 standard:
- BLE — used for proximity data transfer when presenting credentials (e.g., mobile driving licence, digital ID) to a verifier device in person
- NFC — used for device engagement handshake (tap your phone to a verifier terminal to initiate presentation)
BLE and NFC are only activated when you explicitly choose to present a credential in proximity mode. No location data is derived from Bluetooth or NFC. No data is shared with third parties through these channels — communication is end-to-end encrypted between your device and the verifier.
3.5 Digital Credentials
Your digital identity credentials (PID, mobile driving licence, qualified electronic attestations) are stored encrypted in the Android hardware-backed keystore (TEE/StrongBox) on your device. We do not have access to the contents of your credentials. During presentation, only the specific data fields you explicitly approve are shared with the verifier through selective disclosure.
3.6 Push Notifications
The App uses Firebase Cloud Messaging (FCM) to deliver push notifications about:
- Credential issuance status (when your PID or other credential is ready)
- Verification requests from relying parties
- Wallet attestation renewal reminders
We store an FCM device token on our server to deliver these notifications. You can disable notifications at any time through your Android system settings.
4. How We Use Your Data
- Registration: phone number and email are used solely for identity verification during wallet setup
- Wallet attestation: device information is used to assess whether your device meets eIDAS 2.0 security requirements (Level of Assurance High)
- Credential issuance: your identity data (name, document scan, selfie) is transmitted to the PID Provider to issue your digital identity credential
- Credential presentation: when you present credentials to a verifier, only the fields you approve are shared (selective disclosure)
- Device integrity: Play Integrity API results are used to verify the App has not been tampered with and the device is genuine
- Compliance: eIDAS 2.0 mandatory audit records are maintained without storing personal data in logs
- Notifications: FCM tokens are used to send you relevant wallet notifications
5. Third-Party Services and SDKs
The App integrates the following third-party services. Each processes data as described:
5.1 Google Play Services
- Google Play Integrity API — verifies device and app integrity. An opaque integrity token is sent to Google servers; no personal data is included. See the Google Privacy Policy.
- Google ML Kit (Face Detection, Text Recognition, Barcode Scanning, Document Scanner, Selfie Segmentation) — all models run on-device. No image data is sent to Google. See the ML Kit Terms.
- Google Identity Services — used for phone number hint during registration. No personal data is shared without your action.
5.2 Firebase (Google)
- Firebase Cloud Messaging — delivers push notifications. Google processes your FCM token and IP address. See Firebase Privacy.
- Firebase Analytics — included in the SDK but the App does not actively send custom analytics events. Standard Firebase Analytics data collection (crash-free users, session data) may apply per Firebase data collection policies.
5.3 EU Digital Identity Libraries
- EUDI ISO 18013-5 Data Transfer Library — handles proximity presentation via BLE/NFC. All communication is device-to-device, encrypted per ISO 18013-5 session encryption. No data is sent to external servers.
- EUDI Document Manager Library — manages credential lifecycle on-device. No external data transmission.
5.4 Cryptographic Libraries
Bouncy Castle, Nimbus JOSE JWT, and other cryptographic libraries are used for digital signatures, certificate validation, and secure token handling. These operate locally and do not transmit data.
6. Data Storage and Security
- Cryptographic keys are stored in the Android hardware-backed keystore (TEE/StrongBox) and never leave the secure hardware
- Credentials are encrypted at rest using hardware-backed keys
- Local app data is encrypted using AndroidX Security Crypto (AES-256-GCM)
- All network communication uses TLS 1.3 encryption
- DPoP (Demonstration of Proof-of-Possession) tokens bind API requests to your device cryptographically
- JWT attestations are signed with ES256 (ECDSA P-256)
- Server-side data is stored exclusively in the European Union (Romania)
- We implement GDPR-compliant data retention and security policies
7. Data Sharing
We do not sell, rent, or trade your personal data. Data is shared only in these circumstances:
- With verifiers you approve — when you present credentials, only the fields you explicitly consent to are disclosed (selective disclosure)
- With credential issuers — during PID or attestation issuance at your request
- With Google Play Integrity API — an anonymous device integrity check (no personal data included)
- With Firebase Cloud Messaging — your FCM token for push notification delivery
- Legal requirements — if required by law, court order, or regulatory authority
We do not share your data with advertisers, data brokers, or any parties for marketing purposes.
8. Your Rights (GDPR)
Under the General Data Protection Regulation (EU) 2016/679, you have the right to:
- Access — request a copy of all personal data we hold about you
- Rectification — correct inaccurate personal data
- Erasure — request deletion of your personal data ("right to be forgotten")
- Restriction — restrict the processing of your data
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Withdraw consent — withdraw consent at any time without affecting prior processing
The App provides in-app GDPR tools including transaction history, connected parties overview, data export, and data erasure request. You can also exercise these rights by contacting privacy@eguwallet.eu. We will respond within 30 days.
You also have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) or your local data protection authority.
9. Account and Data Deletion
You may delete your wallet and all associated data at any time:
- In-app: Go to Settings → Delete Wallet. This removes all credentials, keys, and local data from your device and requests deletion of your server-side account data.
- By email: Contact privacy@eguwallet.eu with your request.
Upon deletion, your personal data is removed from our servers within 30 days, except for eIDAS 2.0 mandatory audit records (which contain no personal data) retained for 7 years as required by regulation.
10. Data Retention
- Wallet attestations: 7 days (automatically renewed)
- Verification codes (SMS/email): 15 minutes
- DPoP nonces: 5 minutes
- eIDAS 2.0 audit logs: 7 years (regulatory requirement, no personal data stored)
- Account data: retained until you delete your wallet
- FCM tokens: retained until you delete your wallet or uninstall the App
11. Children's Privacy
EguWallet is not intended for use by children under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly. If you believe a child has provided us with personal data, please contact privacy@eguwallet.eu.
12. International Data Transfers
Your personal data is processed and stored exclusively within the European Union (Romania). We do not transfer personal data outside the EU/EEA. Third-party services (Google Play Services, Firebase) may process limited technical data (such as device tokens and IP addresses) in accordance with their own privacy policies and EU Standard Contractual Clauses.
13. Legal Basis for Processing (GDPR Art. 6)
- Consent (Art. 6(1)(a)) — camera access, biometric authentication, push notifications
- Performance of a contract (Art. 6(1)(b)) — wallet registration, credential issuance, credential presentation
- Legal obligation (Art. 6(1)(c)) — eIDAS 2.0 mandatory audit records, regulatory compliance
- Legitimate interest (Art. 6(1)(f)) — device security assessment, fraud prevention, app integrity verification
14. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. If we make material changes, we will notify you through the App or by email. Continued use of the App after changes constitutes acceptance of the updated policy.
15. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or your personal data:
EguildE S.R.L.
Ilfov County, Romania
Email: privacy@eguwallet.eu