Privacy Policy for Committee Book App (BC/Beesi Manager)

Thank you for using the Committee Management App.
Your privacy is important to us. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.

This Privacy Policy complies with Google Play Store, Apple App Store, and applicable privacy regulations.

1. Information We Collect

We only collect information necessary to operate the App's features.

1.1 Personal Information

• Name / Display Name
  
  

• Phone Number (used for OTP login)
  
  

• Email Address (optional)
  
  

• Profile Photo (optional)
  
  

1.2 Committee & Activity Information

• Committees you create or join
  
  

• Draw results and participation history
  
  

• Payment status (marked paid/pending/defaulter)
  
  

• Payment proof metadata
  
  

• Dispute records
  
  

• Group chat & announcements messages
  
  

1.3 Uploaded Files (Payment Proofs)

You may upload images or PDF files as proof of payments.
These files:

• Are stored securely in cloud storage
  
  

• Are only visible to Admin and the elected payout recipient
  
  

• Are never publicly shared
  
  

1.4 Device & App Usage Data

For debugging, analytics, and security:

• Device type
  
  

• OS version
  
  

• Crash logs
  
  

• Basic usage patterns
  (All collected via Firebase Crashlytics & Analytics)
  
  

1.5 Authentication Information

• Phone number for OTP verification
  
  

• Firebase-issued secure tokens
  
  

We do NOT collect:
✖ CNIC / ID information
✖ Bank details
✖ Credit/debit card numbers
✖ Sensitive financial information

2. How We Use Your Information

We use your information strictly to operate the App and deliver its features.

2.1 To Provide App Functionality

• User login & account management
  
  

• Committee creation, joining, and management
  
  

• Draw execution using server-side logic
  
  

• Payment tracking and proof verification
  
  

• Group chat and announcements communication
  
  

2.2 To Maintain Transparency & Auditability

• Generate audit logs for admin actions
  
  

• Store draw seeds for reproducible results
  
  

2.3 To Send Notifications

• Draw reminders
  
  

• Payment deadlines
  
  

• New announcements
  
  

• Chat messages
  
  

• Committee updates
  
  

2.4 To Improve the App

• Fix crashes
  
  

• Improve performance
  
  

• Prevent fraud and abuse
  
  

We never use your data for advertising or selling to third parties.

3. How We Share Your Information

Your data is not shared with advertisers or unauthorized parties.

3.1 Within the Committee

Depending on the committee workflow:

• Admins can see all member information except private proofs of other members
  
  

• Members can see general committee data but cannot see other members’ proof files
  
  

3.2 Service Providers

We use secure third-party services (Firebase by Google) for:

• Authentication
  
  

• Database
  
  

• File storage
  
  

• Cloud Functions
  
  

• Push notifications
  
  

These providers follow strict global security standards (ISO/IEC 27001, GDPR).

3.3 Legal Compliance

We may disclose information if required to:

• Comply with law enforcement
  
  

• Prevent fraud or abuse
  
  

• Protect user safety
  
  

We never sell or rent your data.

4. Data Storage & Security

Your data is stored securely using:

• Firebase Authentication
  
  

• Firebase Firestore / Realtime Database
  
  

• Firebase Cloud Storage
  
  

Security Measures:

• Encrypted data at rest and in transit
  
  

• Role-based access control
  
  

• Strict Firebase Security Rules
  
  

• Limited access to uploaded proofs
  
  

We apply industry-standard security practices.

5. Data Retention Policy

Based on your BRD requirements:

• Payment proofs: kept for 12 months (configurable).
  
  

• Completed committee data: archived after 6 months.
  
  

• Archived data: deleted automatically after 24 months.
  
  

• Your account data: stored until you request deletion.
  
  

6. Your Rights

Depending on your region, you may request:

• Access to your data
  
  

• Correction or update of information
  
  

• Deletion of account and associated data
  
  

• Withdrawal of consent
  
  

• Disable notifications
  
  

Requests can be made by contacting us at:
[Insert Support Email]

7. Children’s Privacy

This App is not intended for children under 13.
We do not knowingly collect information from children.
If such data is discovered, it will be deleted immediately.

8. Cookies and Tracking

We do not use cookies.
Only Firebase analytics & crash reporting are used to improve app stability.

9. Third-Party Services Used

The App uses the following trusted services:

• Firebase Authentication
  
  

• Firebase Firestore / Realtime Database
  
  

• Firebase Cloud Storage
  
  

• Firebase Cloud Functions
  
  

• Firebase Analytics
  
  

• Firebase Crashlytics
  
  

• Firebase Cloud Messaging
  
  

Each service follows its own privacy policy by Google.

10. Data Transfers

Your data may be processed on servers outside your country.
Firebase follows global data protection and international transfer standards.

11. Account & Data Deletion

You can request full deletion of your:

• Account
  
  

• Committees you created
  
  

• Messages
  
  

• Uploaded proofs
  
  

• Activity logs
  
  

To request deletion, email us at [Insert Support Email] or use the in-app deletion option (if available).

12. Changes to This Privacy Policy

We may update this policy to reflect new features or legal requirements.
The updated version will always be available inside the App and on the store listing.