Privacy Policy

Last Updated: January 24, 2026

Overview

Bliksem Scanner is a security demonstration application developed by Helioz Systems PTY (Ltd) to educate users about RFID skimming vulnerabilities in contactless payment cards. This privacy policy explains how the app handles information when you use it.

1. Data Collection

What We Collect

None. Bliksem Scanner does not collect any personal information.

What We DON'T Collect

• No user accounts - The app does not require registration or login
• No personal information - We do not ask for your name, email, phone number, or address
• No payment card storage - Card data is never saved to device storage or databases
• No analytics or tracking - We do not use Google Analytics, Facebook Pixel, or any tracking tools
• No location data - The app does not access your GPS or location services
• No device information - We do not collect device IDs, IP addresses, or hardware details

2. NFC Card Data

How It Works

When you tap "Start Scan" and hold a contactless card to your phone, the app temporarily reads publicly available data from the card's NFC chip, which may include:

• Card number (PAN)
• Expiry date
• Card scheme (Visa, Mastercard, etc.)

What Happens to This Data

Card data is:

• Displayed on screen only - Shown to demonstrate RFID vulnerability
• Stored in RAM temporarily - Exists only in your phone's active memory while the app is running
• Immediately discarded - Deleted from memory when you:
  • Press "Exit" or "Cancel"
  • Press "Return" from the results screen
  • Close the app
  • Lock your phone
• Never transmitted - No internet connection is required or used
• Never saved - Data is not written to files, databases, or cloud storage

3. Permissions

NFC Access

The app requires NFC (Near Field Communication) permission to scan contactless cards. This permission:

• Is only activated when you explicitly press "Start Scan"
• Automatically deactivates after 60 seconds or when you cancel
• Cannot be used without your active interaction
• Does not run in the background

4. Third-Party Services

This app uses the following third-party frameworks for development purposes only:

• React Native (Meta Platforms, Inc.) - App framework
• Expo - Development platform

Neither service collects personal data from this app. The app does not integrate:

• Analytics platforms (Google Analytics, Firebase, Mixpanel, etc.)
• Advertising networks
• Social media SDKs
• Crash reporting services

5. Children's Privacy

Bliksem Scanner does not knowingly collect information from anyone, including children under the age of 13. The app is designed for educational security awareness and does not target or market to children.

6. Data Security

Since no data is collected, stored, or transmitted, there is no risk of data breaches or unauthorized access. The app operates entirely offline on your device.

7. Changes to This Policy

We may update this privacy policy from time to time. Continued use of the app after changes constitutes acceptance of the updated policy. The "Last Updated" date at the top of this page indicates when changes were last made.

8. Your Rights Under POPIA

Under South Africa's Protection of Personal Information Act (POPIA), you have rights regarding your personal data. However, since this app does not collect, process, or store any personal information, these rights do not apply to app usage.

If you have questions about data protection, you may contact the Information Regulator at: www.justice.gov.za/inforeg