Storage and Identifiers Policy
MadeiraGovID Mobile Application — Local Storage and Technologies Analogous to Cookies
This notice describes the local storage and persistent identifiers used by the MadeiraGovID mobile application, and complements the Mobile Application Privacy Policy. Being a native application, it does not use cookies, but relies on equivalent forms of local storage described below.
1. Types of Storage Used
- System secure storage — Keychain on iOS and EncryptedSharedPreferences on Android, encrypted by the operating system and hardware-backed where available. Essential purpose, equivalent to session and authentication cookies;
- In-memory cache — transient data held only while the application is running. Essential and functional purpose, equivalent to session cookies;
- File-based cache — small files stored in the application's private storage area (for example, the profile picture), with a limited lifetime;
- Third-party operational identifiers — Firebase Installation ID, a pseudonymous identifier generated by Firebase to support push notification delivery and diagnostics, with no link whatsoever to advertising identifiers.
The application does not use storage for advertising purposes nor does it collect advertising identifiers (Android Advertising ID, iOS Identifier for Advertisers, Android SSAID, Google Signals).
2. Detailed Inventory
The following table lists the storage items used by the application:
| Item | Type | Purpose | Duration |
|---|---|---|---|
| OIDC tokens (access, refresh, identity) | Essential | Maintaining the authenticated session and automatic credential renewal. | Until sign-out or revocation. |
device_id (UUID) |
Essential / Security | Unique installation identifier used for cryptographic signing of backend requests. | Persistent, until application data is cleared or uninstalled. |
| ECDSA P-256 key pair (private key in Keychain / Keystore) | Essential / Security | Cryptographic signing of every HTTP request, in compliance with Article 32(1) GDPR. | Until device registration revocation or reinstallation. |
| FCM / APNs notification token | Essential | Receiving authentication notifications (2FA, QR sign-in, security alerts). | Refreshed by the operating system; cleared on sign-out. |
| Validated identifiers (NIC, NIF, date of birth, NISS, institutional emails) | Functional | Display in the user profile and authorised sharing with linked services. | While the validation remains active. |
| TOTP accounts (local authenticator) | Functional | Local generation of TOTP codes (RFC 6238) for multi-factor authentication in user services. | Until removed by the user. |
| Encrypted TOTP Vault (passphrase-protected) | Functional | End-to-end synchronisation of TOTP accounts across the user's devices. | Until the Vault is disabled. |
telemetry_consent |
Essential | Records the user's telemetry preference ("accept all" / "essentials only") to avoid repeating the choice on every launch. | Persistent, until preferences are reset or the app is uninstalled. |
| Profile, services and sessions cache (in-memory) | Essential | Application performance and temporary offline behaviour. | Session; cleared on sign-out. |
Profile picture cache (profile-photo.jpg) |
Functional | Display of the profile picture without a server round-trip. | 7 days or until sign-out. |
| Firebase Installation ID | Operational | Pseudonymous installation identifier supporting Firebase Cloud Messaging and Crashlytics. No link to AAID, IDFA or SSAID. | Until application uninstallation. |
Firebase Analytics app_instance_id (only in "Accept all" mode) |
Analytics | Session correlation and generation of retention and funnel reports in Firebase Analytics. | Until preference is changed to "Essentials only" or the app is uninstalled. |
3. Third-Party Identifiers
The Firebase Installation ID is a pseudonymous identifier generated by the Firebase system on first launch. It is reset whenever the application is uninstalled and reinstalled, or when the user clears the application's data at operating system level. There is no link between this identifier and advertising identifiers, as the Android Advertising ID, iOS IDFA and Android SSAID are not collected by the application.
4. Managing Local Storage in the Application
- Sign out — purges secure storage (tokens, validated identifiers, profile cache) and keeps only the
device_id, the device cryptographic key and the telemetry preference; - Change telemetry preferences — under Settings > Privacy > Telemetry preferences. Switching to "Essentials only" stops the use of the persistent Firebase Analytics
app_instance_id; - Uninstall the application — deletes all local storage, including the Firebase Installation ID, device keys and the telemetry preference;
- iOS: System Settings > MadeiraID > permission management;
- Android: Settings > Apps > MadeiraID > Storage > Clear data.
5. Additional Questions
For additional questions about local storage in the mobile application, or about the processing of your personal data in general, please contact:
Technical support: id@madeira.gov.pt
Data Protection Officer: gcpd@madeira.gov.pt
Last updated: 13 May 2026.