A structured description of how VTCYBER Security Management processes account, security, communication, device and notification data in the Apple application.
VTCYBER Security Management is an internal communication and notification application connected with the VTCYBER system. The organization operating the VTCYBER system is the controller for account, security and communication data processed in the app. Contact: kontakt@vtcyber.pl.
The app is used for authenticated access to encrypted VTCYBER communications, private chats, group chats, the general operational chat, device vault activation, pairing of trusted devices, duty information and secure notifications.
Where Secure Messaging is active, message content is end-to-end encrypted. The Secure Messaging framework uses a recoverable multi-device E2EE model following a Threema-style design: every trusted device has its own key material, pairing transfers an encrypted activation package, and the server stores encrypted payloads plus delivery metadata needed to synchronize messages. Private keys are stored locally in the device vault and protected by Keychain. Face ID or the device passcode may be used to protect access to the app content.
The app is prepared for iPhone and iPad. It may also be made available on Apple Silicon Macs as an iPhone/iPad app on Mac. Apple Watch is used for notification delivery only: watch notifications state that a message has arrived but do not expose plaintext message content and do not provide a separate chat interface.
Push and local notifications do not show the plaintext message content. They may state that a private, group or general chat message has arrived. Delivery is handled through Apple Push Notification service where applicable.
The Apple submission package includes the VTCYBER home screen label, the privacy manifest PrivacyInfo.xcprivacy, App Store materials, this privacy policy in Polish and English, and the public privacy URLs for Apple review.
The app does not use advertising identifiers, does not track users across apps or websites, does not sell personal data, and does not use third-party advertising analytics. The app does not request access to contacts, photos, health data, payments or precise location for its core communication function.
Message and security records are retained according to the VTCYBER system configuration and the controller's organizational retention rules. Archiving or removing a chat from the mobile list affects visibility for the signed-in user and does not necessarily delete records required by organizational retention, audit or security obligations.
Users may contact the VTCYBER administrator or the controller at kontakt@vtcyber.pl to request information about data processing, access, correction, restriction or deletion where applicable under law and organizational policy.
