Privacy Policy

1 Overview

CITF ("we", "our", or "the App") is a business-to-business (B2B) enterprise manufacturing quality inspection and inventory management system developed by K2M. This Privacy Policy describes what personal data we collect, how we use it, and your rights with respect to that data.

The App is intended for use by employees of manufacturing enterprises who have been issued accounts by their company administrator. It is not directed at the general public or children under the age of 13.

2 Data We Collect

We collect only the minimum data necessary to provide the App's functionality:

We do not collect: name, email address, phone number, physical address, payment information, health data, browsing history, location data, advertising identifiers, or any other personal data not listed above.

3 How We Use Your Data

Data collected is used exclusively for the following purposes:

• Authentication: Your User ID and session token are used to verify your identity and maintain your login session within the App.
• Quality Inspection Records: Photos you take or select are uploaded to your company's private server as part of quality inspection documentation. Photos are stored in your company's account and are accessible only to authorized personnel within your organization.
• Session Management: The anonymous device identifier is used to enforce device login limits set by your company administrator and to allow you to manage active sessions.
• Local Personalization: App preferences (language, theme, dashboard card arrangement) are stored locally on your device via iOS UserDefaults and are never transmitted to any server.

We do not use your data for advertising, analytics profiling, cross-app tracking, or any purpose beyond direct app functionality.

4 Data Storage & Security

All data transmitted from the App is sent to your company's private cloud server via HTTPS/TLS encryption. We do not use third-party analytics, advertising, or cloud storage services.

• Servers are operated by individual enterprise customers; K2M does not have access to customer data stored on those servers.
• Authentication tokens are stored in the device's secure local storage and are cleared on logout.
• App preferences are stored via iOS UserDefaults on-device only and are not transmitted.
• Photos uploaded for inspection records are transmitted over TLS and stored on the company's private server, accessible only to authorized personnel.

5 Data Sharing & Third Parties

We do not sell, rent, or share your personal data with any third party for marketing, advertising, or commercial purposes.

Your data may be shared with the following parties only as described:

• Your employer (the enterprise customer): Quality inspection records, photos, and operational data are accessible to authorized personnel within your company as required for business operations.
• Legal requirements: We may disclose data if required to do so by applicable law, court order, or regulatory authority.

No third-party SDKs for advertising, analytics, or data brokering are included in the App.

6 Tracking

We do not track you. The App does not use Apple's advertising identifier (IDFA), does not link data across apps or websites owned by other companies, and does not share data with data brokers.

The App's NSPrivacyTracking value is false.

7 Data Retention

Data retention is controlled by the enterprise customer (your employer), not by K2M. Your company administrator determines how long inspection records, photos, and user accounts are retained in accordance with your organization's data governance policies.

Local data (session tokens, preferences) stored on your device is deleted when you log out of the App or uninstall it.

8 Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Withdraw consent (where processing is based on consent)
• Lodge a complaint with a supervisory authority

To exercise these rights, contact your company administrator (who controls the enterprise account) or contact us directly at the address below. Account deletion requests will be processed within 30 days.

9 Camera & Photo Library Permissions

The App requests access to your device camera and photo library. These permissions are used exclusively for:

• Camera: Taking photos of manufacturing inspection items and standard reference images for quality inspection documentation records.
• Photo Library: Selecting existing photos from your library to supplement inspection records or upload archived reference images.

Photos are not used for any purpose other than the specific quality inspection record you are creating at the time. You can revoke these permissions at any time in Settings → CITF on your device.

10 Children's Privacy

The App is a professional B2B enterprise tool not directed at children. We do not knowingly collect data from anyone under the age of 13. Access requires an account issued by a corporate administrator.

11 Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. Continued use of the App after changes constitutes acceptance of the revised policy.

For material changes, we will notify enterprise administrators through the App's in-app notification system.

12 Contact Us

If you have questions about this Privacy Policy or wish to submit a data request, please contact us: