Privacy Policy for Pangi

Effective date: 2026-03-31  ·  Last updated: 2026-03-31

Pangi is designed to be privacy-focused.

  • We do not sell your data.
  • We do not use advertising trackers.
  • We do not use third-party analytics in the app.
  • Your authenticator secrets are stored locally on your device and, if you enable sync, the synced account payload is encrypted on-device before upload.
  • Camera access is used only when you choose to scan QR codes.

Pangi is provided by Jacob Suchorabski ("we," "us," or "our"). This Privacy Policy explains how Pangi, including its iPhone app, AutoFill extension, and Apple Watch companion features, handles information.

Information Pangi Processes

1. Authenticator account information you provide

When you add, import, edit, back up, or sync accounts, Pangi may process:

  • issuer or service name
  • account name
  • secret key used to generate one-time codes
  • website field, if you add one
  • algorithm, code length, period, favorites, sort order, and related account metadata

This information is used only to provide authenticator functionality.

2. Locally stored app and security data

Pangi stores certain information on your device, such as:

  • account metadata in local app storage
  • secret values in the Apple Keychain
  • settings and sync state in local preferences
  • temporary clipboard content when you copy a code
  • encrypted backup files if you choose to create them

Copied codes are automatically cleared from the clipboard after a short delay set by the app.

3. Camera access

If you choose to scan a setup QR code, Pangi requests camera permission. QR scanning is used only to import supported authenticator setup data.

4. Biometric or device authentication

Pangi may use Face ID, Touch ID, or device passcode through Apple system frameworks to help protect access to your codes. Pangi does not receive or store your biometric templates.

5. Optional iCloud sync data

If you enable iCloud sync, Pangi may process account data for syncing across your devices. Before synced account payloads are uploaded, they are encrypted on your device. Those encrypted payloads are then stored in your private CloudKit database associated with your Apple account.

6. Optional Apple Watch and AutoFill data

If you use the Apple Watch companion or AutoFill features, Pangi may share the data needed for those features using Apple-provided device and app-extension mechanisms, including shared app storage, Keychain access groups, and watch connectivity.

How We Use Information

Pangi uses information only to:

  • store and display your authenticator accounts
  • generate one-time passcodes on your device
  • import accounts from QR codes or backup files
  • create encrypted backups you request
  • support AutoFill and Apple Watch features you enable
  • sync encrypted account data through iCloud if you choose to turn sync on
  • protect access to the app and improve reliability of core app functions

Data Sharing

We do not sell, rent, or share your personal data for advertising.

Pangi may rely on Apple services only when necessary to provide features you enable, such as:

  • CloudKit / iCloud for optional encrypted sync
  • iCloud Keychain or Apple keychain services for certain security-related storage
  • Password AutoFill frameworks for one-time-code AutoFill support
  • Watch connectivity services for paired Apple Watch functionality

Your use of those Apple services is also subject to Apple's own terms and privacy policies.

Tracking and Analytics

Pangi does not track you across apps or websites.

Pangi does not include third-party advertising SDKs and does not use third-party analytics SDKs in the app.

Data Retention

Pangi retains data for as long as needed to provide the app's functionality or until you delete it.

  • On-device account data remains until you remove the account or delete the app.
  • Encrypted backups remain wherever you save them until you delete them.
  • Optional synced cloud data remains until it is removed through the app or sync is turned off, subject to Apple's system behavior and retention policies.

Security

We use reasonable measures designed to protect your information, including:

  • storing secrets in Apple Keychain services
  • encrypting backup files you create with a password
  • encrypting synced account payloads on-device before upload
  • using system authentication features where available

However, no method of storage or transmission is completely secure, and we cannot guarantee absolute security.

Your Choices

You can choose to:

  • use Pangi without enabling iCloud sync
  • revoke camera permission in iOS Settings
  • delete accounts at any time
  • delete the app and its local data
  • delete exported backup files you created
  • disable AutoFill or Apple Watch usage through your device settings and app usage choices

Children's Privacy

Pangi is not directed to children under 13, and we do not knowingly collect personal information from children.

International Processing

If you use optional iCloud or Apple device services, information may be processed by Apple according to Apple's infrastructure and policies, which may involve storage or processing in countries outside your own.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the date at the top of this document.

Contact

If you have questions about this Privacy Policy, you can contact:

Jacob Suchorabski
Email: jacob@suchorab.ski