Privacy Policy

Your privacy is very important to us. This Privacy Policy outlines in detail how we collect, use, disclose, and safeguard your personal information when you use our application.

1. Information We Collect

We collect the following categories of personal data when you use our application:

• Identity Information: First Name, Last Name
• Contact Information: Email, Phone Number
• Organizational Information: Department, Section, Role, Joined Organizations, Primary Organization, Position in organizational hierarchy (organogram)
• Media: Profile Image or Image URL
• Privileges: Map of user privileges (permissions or roles, including admin and super admin access)
• Policy Interaction: List of approved policy versions
• System Metadata: Account creation and update timestamps, last login, device information
• Usage Data: Data related to how you interact with the app (e.g., login events, feature usage, navigation patterns)
• Organizational Data: Membership requests, organization creation and management activities, entity and location data within organizations
• Extension Preferences: Favorited extensions, search history within the extensions directory
• Shift Meal Data: Meal preferences and shift-related information (if applicable)
• Boffee Data: Internal utility usage data (if applicable)
• Notification Preferences: Push notification settings and delivery tokens
• Local Cache: Offline data cached locally on your device for improved performance

2. How We Use Your Information

We use the collected data for the following purposes:

• To provide and manage user authentication and security (including OTP verification)
• To personalize the app experience according to your department, section, and role
• To manage your profile and privileges within the application
• To track approved versions of policies for regulatory compliance
• To allow participation in specific organizations within the system
• To manage organization memberships, join requests, and organizational hierarchy (organogram)
• To enable organization switching and set your primary organization
• To provide access to the extensions directory with search, filtering, and favorites functionality
• To manage shift meal preferences and Boffee utility features for internal operations
• To enable admin and super admin functionalities, including organization creation and management
• To send push notifications about important updates, organization activities, and system alerts
• To check for and notify you about app updates to ensure you have the latest features and security patches
• To sync data between the cloud and your device for offline access and improved performance
• To maintain accurate account records, such as timestamps for account creation and updates
• To improve app performance, user experience, and functionality through usage analytics
• To respond to support requests and communicate important updates or changes

3. Data Storage and Protection

Your data is stored securely using the following measures:

• Cloud Storage: Primary data is stored on Firebase cloud infrastructure with enterprise-grade security
• Local Caching: We use Hive database for secure local caching to enable offline access and improve performance
• Sync System: Background synchronization ensures your data is up-to-date across devices while minimizing network usage
• Encryption: All data is encrypted both in transit (using HTTPS/TLS) and at rest
• Access Control: Strict authentication and authorization measures ensure only authorized users can access their data
• App Check: Firebase App Check protects our backend from abuse and unauthorized access

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may only share your data under the following circumstances:

• If required to comply with applicable laws, regulations, or legal processes
• To protect the rights, property, or safety of our users or others
• With trusted third-party service providers who support our platform (e.g., Firebase), under strict confidentiality agreements

5. Data Retention

We retain your data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. When you request account deletion, we will:

• Immediately flag your account with "to_delete" status
• Perform a manual review within 3 months to verify no outstanding issues
• Permanently delete all personal data after review completion
• Retain anonymized system logs for security purposes where required

6. Your Rights and Choices

You have the right to:

• Access and review your personal data
• Request corrections to inaccurate or incomplete data
• Withdraw your consent or delete your account at any time
• Request information about how your data is processed

7. Account and Data Deletion

How to Request Deletion

You may request deletion of your account and associated data through either of these methods:

1. In-App Method:
   • Open the app and navigate to Profile → Settings → Delete My Account
   • Confirm your request when prompted

What Happens After Request

• Your account will be immediately flagged for deletion ("to_delete" status)
• You will receive a confirmation email within 24 hours
• Our team will manually review the request within 30 days
• Upon approval, all personal data will be permanently erased from:
• User authentication systems
• Firestore databases
• Cloud storage (profile images)
• You will receive final confirmation when deletion is complete

Exceptions

We may retain certain data when required by law, including:

• Financial transaction records (if applicable)
• Security incident investigation data
• Content you created that other users still rely on

8. Children’s Privacy

This application is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have collected such data, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or technology. Any significant changes will be communicated within the app or through other means. We encourage you to review this policy regularly.

10. Contact Us

For data deletion requests or privacy concerns:

• Email: abdelaziz.elantaky@gmail.com

Last updated: January 30, 2026

11. Policy Metadata

Policy Version: 2.0

Effective Date: January 30, 2026

Last Updated: January 30, 2026