Skip to content
Call +1.424.284.2574

SUREFOX PRIVACY POLICY

INTRODUCTION

At 42Gears Systems Mobility Pvt. Ltd, including its subsidiaries and affiliates (hereinafter referred to as "we/us"), hold your privacy in high regard and are committed to safeguarding your personal data. This privacy disclosure/policy specifically pertains to SureFox, our Software ("Software/Application"). Its purpose is to inform our Customers who purchase the Software (referred to as "Customers/you/your") about the types of information collected by the Software. This Privacy Disclosure provides an overview of our policies and procedures regarding the collection, use, transfer, and disclosure of your information when you use the Software. By using the Software, you agree to the collection and use of information in accordance with this Privacy Policy.

 
OVERVIEW OF SUREFOX

SureFox is an ideal solution for locking down web browsing in kiosk setups. It can instantly turn any standard device into a secure web kiosk, enabling Customers to safely access specific websites and web apps and block restricted websites. The benefits of using SureFox include preventing accidental malware downloads, securing business data, cost savings, improved user productivity, maximum device uptime, dynamic adaptation to new web content, enhanced customer experience, and optimized browser settings.

 
DATA COLLECTION

Personal Identifiable Information (PII) or Personal data refers to information that can identify an individual or, with reasonable effort, enable identification. This encompasses data that directly identifies an individual or can be combined with other information to identify them. On downloading of the Application, 42Gears explicitly asks for the requisite consents from its Customers to utilize the Software functionalities. The collection and proper use of such information include the following:

I. RUN-TIME PERMISSIONS: Upon successful installation of the Application, Customers are explicitly asked to grant consent for configuring a few Run-time Permissions which are detailed as under:

a. Storage / Files and Media Access: SureFox may access limited files stored on the device to support kiosk setup and operation. This includes storing and displaying administrator-provided branding assets (such as logos or wallpapers), loading offline kiosk content, and applying configuration files required to run the app in a secure lockdown mode. File access is used only for administrator-configured enterprise purposes. SureFox does not scan personal files, access unrelated user media, or use stored data for advertising, tracking, or analytics. Configuration files are handled securely and only as required for setup, backup, or troubleshooting.

Note: Permission name by OS version may vary as below:

• Android 11 to 15+: "Photos and Videos” and “Music and Video”

• Android 10: "Files and media"

• Android 6.0 to 9.0: "Storage"

b. Telephone (Device Identity): We use limited device information (such as the device serial number or IMEI, where available) only to verify that the app is running on an authorized device. This helps us confirm the app license and keep enterprise features active on approved hardware. This information is used only for license validation. We do not use it for advertising, tracking, or analytics, and we do not share it with third parties.

c. Camera: We use the device camera only when required for administrator-approved actions. Camera access is used to scan a setup or configuration QR code during device provisioning, which helps quickly and securely configure the app without manual data entry. Camera access may also be used by authorized business web applications within the browser (for example, for identity verification, barcode or inventory scanning, or document uploads), as permitted by the administrator. The camera is activated only while the relevant feature is in use and is not accessed in the background. We do not use the camera to collect personal data for advertising, analytics, or tracking purposes, and we do not store camera images or video unless required for the specific administrator-approved function.

d. Microphone Permission: Microphone access is used only to support audio features within administrator-approved websites accessed through the secure browser. This includes real-time voice or video communication (such as WebRTC-based customer support portals or voice-enabled web interfaces) that are explicitly allowlisted by the administrator. The microphone is activated only while the approved website is in use. SureFox does not record, store, or process audio itself, and microphone access is not used for advertising, tracking, or analytics

e. Location: SureFox may access approximate location information only while the app is actively in use. Location access is used to support Wi-Fi–related functionality and to enable location-aware features on administrator-approved websites accessed through the browser, such as business portals that require location for services like logistics, check-ins, or geofenced access. Location data is shared only with whitelisted websites when required and only after user consent is provided at runtime. SureFox does not track location in the background, does not continuously monitor location, and does not store location data for advertising, analytics, or profiling purposes.

f. Notifications: We use notifications to inform users about important security events and to keep the app running properly on dedicated devices. Notifications help prevent the app from being stopped by the system and ensure the kiosk lockdown remains active. Notifications are used only for operational and security purposes. We do not use notifications for advertising, marketing, or analytics.

Subsequent to these steps, the User must provide authorization to enable administrative controls such as changing screen lock, setting passwords and bluetooth policies and many more. Non-compliance may curtail certain application features. Such permissions apply irrespective of whether the User operates a full version or is under a trial period.

II. HARDWARE AND DEVICE INFORMATION: During the sign-up process for SureFox activation and enabling full features in kiosk lockdown, we collect specific hardware and device information, including device model, IP address, IMEI, IMEI2, WiFi Mac, Bluetooth Mac, Android ID, Serial Number, and device OS. This information is used to uniquely identify devices and associate them with Customer accounts and their license. Additionally, the collected data may be utilized to display device details for Customer use cases within the SureFox Admin Settings, such as showing IMEI, IMEI2, Android ID, Serial Number, GUID, WiFi Mac Address, and Bluetooth Mac Address in the "About SureFox" section.

III. USER REGISTRATION INFORMATION: When You register for our Software, We collect essential user information, including your Company Name, Email Address, Phone Number, and Country of Origin, collectively referred to as 'User Registration Information.' This data is used for license upgrades and to enable ongoing business and transactional communications with our Customers. 

CUSTOMER PORTAL

Upon completion of registration, the Customer will receive an email containing their username, password, and an Activation Code. This code allows them to view all the hardware and device information gathered during the sign-up process on their Customer Portal once added. Non-usage of Activation Code shall limit certain functionalities of the Software such as an access to the limited websites, and unavailability of SureFox Pro settings etc.
Please note that If you are Purchasing SureFox through the sales team, additional information might be needed for transaction purposes, such as a technical email address to ensure processing.

 
USE OF PERSONAL DATA
We use personal data with your consent to provide you with a smooth and personalized experience. During Software sign-up, we collect information for the following purposes:
a. Service Provision and Maintenance: We use the data to ensure our services run smoothly, monitor usage, and ensure compatibility with your device.

b. Communication: We may contact you through email, phone calls, texts, or push notifications to provide updates, inform you about new features, or share important information related to our services or products you have contracted.

c. Contractual Obligations: If you have purchased our Software or entered into an agreement with us, we use the data to fulfill our contractual obligations, including Software development and compliance.

 
PRIVACY AND SECURITY CONTROLS

In accordance with our shared responsibility model with Customers, we are committed to ensuring the security of data within our services.
Our objective is to safeguard and protect personal data against unauthorized access, misuse, disclosure, alteration, loss, or any other security risks. To achieve this, we have implemented reasonable technical and organizational security measures in line with established industry standards and practices. These measures are designed to prevent unauthorized access, maintain data confidentiality and integrity, and mitigate potential security vulnerabilities. However, it is imperative for our Customers to acknowledge their role in maintaining effective security while utilizing our services. By adhering to secure practices and exercising caution in their interactions, Customers can contribute to the creation of a secure environment for their data.
Furthermore, all communications originating from our application are secured through the utilization of robust SSL/TLS protocols. This ensures that data transmitted between the application and our servers remains confidential and protected during the transmission process, safeguarding against unauthorized interception, or tampering.

 
CONSENT

Prior to gathering any data from Customers' devices, we strictly adhere to the principle of obtaining their informed consent. We display a consent dialog requesting your approval to gather data necessary for the Software's operation, as outlined in our policy, wherein we provide a comprehensive summary that outlines the necessity of the permission. Our objective is to ensure Customers are well-informed about the reasons behind each runtime and special permission request (such as configuring, display over other apps and so forth), empowering them to make an informed decision. We uphold user privacy and transparency as integral aspects of our data collection process, aligning with legal requirements and best practices. Furthermore, within the Customer Portal, Customers have the ability to revisit and withdraw their consent for receiving emails concerning renewals and other transactional mails.

 
PERSONAL DATA TRANSFER AND DATA STORAGE

When SureFox is used as a standalone product, we process and store data about you on AWS servers located in the N.Virginia region. However, in case SureFox is used by the customer in integration with SureMDM, then the data shall be stored in either AWS server location from India, US, and UK as the customer chooses while signing up. Your Personal data may therefore be transferred to, using appropriate security protocols, processed and stored in a country different from your country of residence, and be subject to privacy laws that are different from those in your country of residence. The Personal Data that we store is not highly sensitive and is required to conduct normal and expected business practices. Specifically, Personal Data, as described in this policy, is stored on AWS N.Virginia data servers. We and all third-party companies with which we are engaged have committed to complying with the 2018 EU GDPR privacy regulation , California Privacy Rights Act 2023, and other applicable data protection laws. We store and use minimal Customer personal data, ensuring there's a legitimate legal basis for its storage and usage which we have clearly outlined in this policy and also our Global Privacy Policy.

 
DATA RETENTION AND DELETION

Your Personal data will be kept for the duration of your active account:

  • as required to deliver products or services to you; 
  • as specified in the End User License Agreement/Terms of Use agreement; 
  • as necessary for the purposes mentioned in this policy or during the data
    collection process; as mandated by our legal obligations;
  • to address Unsubscribe requests, resolve disputes, fulfill financial audit
    requirements, enforce our agreements; or
  • as permitted by applicable law.

You may delete the Software from the "Settings" option using "Uninstall SureFox" or uninstall from device system settings in the application settings. To request data deletion or exercise any rights related to your personal data, please complete and submit the Subject Access Request form or write to us at privacyinfo@42gears.com

Except as provided in this privacy disclosure, on deletion of the Software, the data deletes from the devices and the Activation Portal (an internal system to manage customer’s data) from the live system immediately. However, the data remains in the secured database as a backup for 60 days, after which the data gets permanently deleted thereafter. Please note that a deletion request may not result in the complete deletion of your data, specifically purchase information that will be maintained for legal and financial audit purposes.

SUREFOX INTEGRATION WITH SUREMDM

When the Software is integrated with SureMDM, it collects the hardware data in addition to the data collected by SureMDM itself. Under Android Enterprise enrollment [DO (device owner)/PO (profile owner)], Customers can erase the SureFox data from SureMDM. Generally, If SureFox is used in conjunction with SureMDM, it is possible to uninstall the SureFox application using the Run Script feature. Further, to use the Run Script feature We provide an analytics key for integration of SureMDM and SureFox to transfer analytics reports. These reports comprise metrics such as website visits, time spent, and webpage titles for reporting purposes.

CHANGES TO PRIVACY POLICY

We will occasionally change and update this Privacy Policy. Any changes made to this Privacy Policy will be posted on the Software. If we make any substantial changes to our Privacy Policy, we will post a notice on the website or send an email notification to the Customer's email address available with us.

EXERCISING YOUR RIGHTS

To exercise any of your rights enshrined in the applicable data privacy regulations, including GDPR, please refer to the "RIGHTS" tab of our global privacy policy here.
If the devices of a User are managed by the Customer, then Customers should direct their query to the Customer itself for right to access, or who seeks to correct, amend, or delete inaccurate data. If the Customer requests us to modify or remove the data, we will respond to the Customer's request in accordance with our agreement with the applicable Customer or as may otherwise be required by applicable law.
 
CONTACTING US

If you have any questions about how we handle your data or want to make changes to the data we have or how we contact you in the future, please contact us at privacyinfo@42gears.com.

 

Version 2.0

Release Date: 22/12/2025