Important: The PipraPay Enterprise Companion mobile application (the “App”) is intended only for authorized PipraPay enterprise customers who have a self-hosted PipraPay server. The App is not a consumer app and has no standalone use for the public. Its sole function is to archive and sync authorized business SMS messages from company-owned devices to the customer’s self-hosted PipraPay server for CRM, record-keeping, and auditing purposes.
Last updated: 2026-01-17
The App requests READ_SMS and RECEIVE_SMS permissions solely to read business-related SMS messages from authorized enterprise systems.
Only messages from pre-approved, whitelisted enterprise sources are processed. Personal, promotional, or unrelated messages are ignored.
Processed SMS messages are transmitted securely to your configured self-hosted PipraPay server and appear in your dashboard for CRM, record-keeping, or audit purposes.
No SMS content is used for advertising, analytics, or shared with third parties outside of enterprise operations.
SMS content is not sent to PipraPay corporate systems unless explicitly configured by the enterprise.
The App requests the CAMERA permission only for scanning QR codes to log in or access enterprise features. The App does not record, store, or transmit photos or videos.
On Android 13+, the App requests the POST_NOTIFICATIONS permission to:
Inform you about background syncing status and errors.
Alert you to operational issues (e.g., failed sync, permissions required).
Notifications are local to your device; we do not collect notification content for analytics or advertising.
Users log in with authorized PipraPay enterprise credentials to authenticate with the self-hosted server. Credentials are used strictly for secure syncing and enterprise operations, and are not used for other purposes.
The App may collect technical information such as device model, operating system version, IP address, app configuration, and crash diagnostics. This data is used only to monitor performance, troubleshoot issues, and improve reliability.
We use Firebase Crashlytics to monitor app stability. Crashlytics may collect device model, OS version, app version, time of crash, stack traces, and a randomly assigned app instance ID. This data is used only for troubleshooting and improving the App.
The App does not access, request, or use the device’s Advertising ID.
Permission / Feature | Purpose | Data Handling |
|---|---|---|
| Communicate securely with your self-hosted PipraPay server. | Network requests limited to your server and essential third-party services (e.g., crash reporting). |
| Display operational status, sync results, and errors. | Notification content is local; not collected for analytics or ads. |
| Archive enterprise SMS messages for CRM and auditing. | Only whitelisted business sources are processed; no personal SMS accessed. |
| Scan QR codes for enterprise login and workflows. | No photos/videos are stored or transmitted. |
| Run foreground service to sync data reliably in the background. | Persistent notification shown; no additional personal data collected. |
| Improve sync stability under battery optimization. | User-controlled; no personal data collected. |
| Resume essential background tasks after device restart. | No user content is read at boot. |
Self-hosted: PipraPay Enterprise is deployed on customer-controlled servers. All synced data stays within the customer’s environment.
SMS Archiving Setting: configure retention period or delete archived messages locally.
Clean All: delete all locally stored SMS data at any time. Server data is managed separately on your self-hosted dashboard.
Local App Data: delete via Clean All or retention settings.
Server Data: managed on the self-hosted PipraPay server. Admins can delete records, accounts, or logs.
General requests: https://help.piprapay.com/hc/articles/24/25/35/data-deletion-piprapay-companion
Securely archive and sync authorized business SMS to your self-hosted server.
Enable QR-based enterprise login and workflow access.
Deliver operational notifications about sync status and errors.
Monitor and improve app performance, reliability, and security.
No data is used for advertising or shared with third parties outside enterprise operations.
Data is transmitted over encrypted channels to your self-hosted server. Access is controlled by your account permissions. Industry-standard safeguards protect information during transmission and on-device storage.
No personal or business SMS content is shared with advertisers or external data brokers. Trusted service providers (e.g., Crashlytics) may process limited technical data only as instructed.
SMS data is processed only to sync with your self-hosted server. Longer-term retention occurs on your server under your organization’s policies. Crash reports are retained per provider standards for troubleshooting.
Revoke SMS, Camera, or Notification permissions at any time (some features will stop working).
Enable/disable specific whitelisted sources from the Filters tab.
Use SMS Archiving Setting or Clean All to remove local data.
Sign out at any time; contact your server admin to delete server data.
The App is not developed by or for any government organization.
The App is not intended for children under 13, and we do not knowingly collect data from children.
The App contains no third-party advertising.
We may update this policy occasionally. The “Last updated” date will reflect the most recent changes. Significant changes will be posted in the App or on our website.
If you have questions, contact your organization’s admin or reach us for support regarding your self-hosted server.