Privacy Policy

Ironlink Provisioning App

Effective Date: January 28, 2026

Embedded Iron Inc. ("we", "us", or "our") operates the Ironlink Provisioning App (the "App"). This Privacy Policy describes what information the App accesses, how it is used, and your choices regarding that information.

1. Information the App Accesses

The App accesses the following information solely to provision IronNode devices:

• QR Code Data — Device MAC address, model, and pre-shared key scanned from a device label.
• Network Configuration — WiFi network name, WiFi password, IP address settings, and DNS settings that you enter to configure a device.
• Device Configuration — Hostname and admin password that you enter during setup.
• Available WiFi Networks — A list of nearby WiFi network names and signal strengths retrieved from the device being provisioned.

2. Device Permissions

The App requests the following Android permissions:

• Bluetooth — Required to communicate with IronNode devices via Bluetooth Low Energy (BLE).
• Camera — Required to scan QR codes on device labels.
• Location — Required by Android (versions prior to 12) to enable BLE scanning. The App does not track, record, or transmit your location.
• WiFi — Required for an alternate provisioning method over WiFi SoftAP.
• Internet — Used for network connectivity checks during provisioning.

3. How Information Is Used

All information accessed by the App is used exclusively to configure an IronNode device during a provisioning session. Configuration data is encrypted using AES-256-GCM before being transmitted to the device over BLE.

4. Data Storage and Retention

The App does not permanently store any personal or device data. All information exists only in temporary memory during an active provisioning session and is cleared when the session ends. The App does not use databases, local files, or cloud storage for your data.

5. Data Sharing

We do not sell, share, or transmit your data to any third parties. All communication occurs directly between the App and the IronNode device being provisioned. There are no analytics services, advertising SDKs, or telemetry in the App.

6. Security

The App implements the following security measures:

• ECDH P-256 key exchange for establishing secure sessions with devices.
• AES-256-GCM encryption for all configuration data transmitted via BLE.
• Pre-shared key authentication to ensure only authorized devices are provisioned.
• Cryptographic keys are securely cleared from memory after each session.
• Android system backup of app data is disabled.

7. Children's Privacy

The App is not intended for use by children under the age of 13. We do not knowingly collect information from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

9. Contact Us

If you have questions about this Privacy Policy, contact us at:

Embedded Iron Inc.
support@embeddediron.com