This policy describes the native iOS and Android app that loads the Arka web application. Last updated April 2026.
The mobile app is provided as part of Arka for authorised staff users. The same organisation that operates the Arka web service is responsible for this app.
The app displays the live Arka website inside a secure in-app browser. When you sign in, your username and password are sent to our servers over HTTPS using the same login flow as the website. Session cookies may be stored on your device so you stay signed in until you log out or the session expires.
If you allow notifications, a push token from Apple (APNs) or Google (FCM) is registered with our servers so we can deliver alerts related to your account (for example new messages). You can turn notifications off at any time in your device settings.
If you choose to enable it, your device may store your username and password in the secure keychain (iOS) or encrypted device storage (Android) so you can sign in with Face ID, Touch ID, or your device screen lock. This data stays on your device; we do not receive your biometric information. You can remove it by logging out of the app or clearing app data.
The embedded website may use the same analytics as the browser version of Arka (for example measurement scripts loaded by those pages). The native shell itself does not add separate cross-app trackers.
Server-side handling of your account data is governed by the same terms and practices as the main Arka service. For access, correction, or deletion requests, use the same contact or support channels your organisation uses for Arka.
We may update this page from time to time. The “Last updated” note at the top will change when we do.