Data Processing Guide

After the EngageLab SDK is initialized in your application, it collects data to enable silent identity verification and prevent security risks. To help you meet global privacy compliance requirements, please refer to this guide to manage user consent for data collection.

Data Processing Principles

• Minimization Principle: The data automatically collected by the EngageLab SDK typically does not constitute PII (Personally Identifiable Information) and is designed to adhere to the principle of data minimization to ensure service compatibility.
• Role Definition: In the Silent Auth service, your application (developer) acts as the data controller, responsible for collecting and determining the purpose of processing; EngageLab and its vendors act as data processors, processing information only under your instructions.

Obtaining User Consent

• Ensure that the SDK is initialized only after the user clicks the "Agree" button in the privacy agreement.
• You need to explicitly inform end users in your privacy policy that their authorization allows wireless carriers to disclose phone numbers and device information to the application and its service providers for identity verification and fraud prevention.

  Important Note: To meet compliance requirements, you must not initialize the EngageLab Silent Auth SDK before the user agrees to the privacy agreement.