Privacy Policy — Projonexa Mobile
Privacy Policy — Projonexa Mobile
1. Introduction
This Privacy Policy describes how Projonexa We collects, uses, stores, shares, and protects information when you use the **Projonexa Mobile** application (the “**App**”) on Android and iOS.
The App helps students and clients sign in, view project progress, communicate with their project team, and manage account settings. By creating an account or using the App, you agree to this Privacy Policy. If you do not agree, please do not use the App.
---
## 2. Who we are
| Item | Detail |
|------|--------|
| **App name** | Projonexa Mobile |
| **Publisher / developer name** | Projonexa |
| **Android application ID** | `com.projonexa.app` |
| **Website** | [https://projonexa.com](https://projonexa.com) |
| **Contact page** | [https://projonexa.com/contact](https://projonexa.com/contact) |
| **Privacy inquiries** | [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com) |
| **Support** | [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com) |
---
## 3. Scope
This policy applies to the Projonexa Mobile App and the backend services it connects to for authentication, project data, and messaging.
This policy does **not** govern:
- The Projonexa marketing website or student web portal (separate policies may apply on those properties).
- Third-party websites or services you open from the App (for example, links opened in your browser or email client).
---
## 4. Information we collect
We collect information in the following categories.
### 4.1 Information you provide directly
When you register, sign in, or contact support, we may collect:
| Data type | Examples | Required? |
|-----------|----------|-----------|
| **Account identifiers** | Name, email address | Yes (for account creation) |
| **Contact information** | Phone number | Optional at registration |
| **Authentication data** | Password (processed securely; not stored in plain text) | Yes (for password-based sign-in) |
| **Verification codes** | One-time passwords (OTPs) sent to your email for signup, password reset, or password change | When you use those features |
| **Support communications** | Content of emails you send us (for example, data access or account deletion requests) | When you contact us |
### 4.2 Information generated through your use of the App
When you use authenticated features, we may process:
| Data type | Examples | Purpose |
|-----------|----------|---------|
| **Project information** | Project titles, milestones, deliverables, team assignments, progress | Provide project tracking |
| **Messages** | Chat content between you and mentors, teams, or support | Enable in-app messaging |
| **Session and security data** | Login timestamps, session tokens, platform type (Android or iOS) | Authenticate you and protect your account |
> **Demo / preview mode:** Some App builds may display sample project and message content stored only on your device for demonstration purposes. That sample content is not uploaded to our servers unless you sign in and use live account features.
### 4.3 Information stored on your device
The App stores certain data locally on your phone or tablet to keep you signed in and remember preferences:
| Data type | Storage | Purpose |
|-----------|---------|---------|
| **Session token** | Device local storage (`SharedPreferences`) | Keep you signed in between App launches |
| **Basic profile cache** | Device local storage | Display your name and account details offline |
| **Theme preference** | Device local storage | Remember light, dark, or system theme |
You can remove locally stored session data by signing out of the App or clearing the App’s storage in your device settings.
### 4.4 Information we do **not** collect
Based on the current version of the App, we do **not** intentionally collect:
- Precise or approximate location (GPS)
- Contacts, calendar, or call logs
- Photos, videos, or files from your device storage
- Microphone or camera recordings
- Advertising identifiers for targeted advertising
- Health, financial, or government ID data through the App
The App requests **network (Internet) access** only, which is required to communicate with our servers.
### 4.5 Automatically collected technical information
When the App communicates with our backend API, standard technical data may be processed by our hosting infrastructure, such as:
- IP address
- Request timestamps
- Device platform (`android` or `ios`, sent in the `X-Platform` header)
- HTTP request/response metadata needed to deliver the service
We use this information for security, troubleshooting, and service reliability—not for selling or profiling you for advertising.
---
## 5. How we use your information
We use personal information for the following purposes:
| Purpose | Description |
|---------|-------------|
| **Account creation and authentication** | Register your account, verify your email via OTP, sign you in, and manage password changes |
| **Core App functionality** | Display projects, milestones, deliverables, and messages tied to your account |
| **Customer support** | Respond to your questions, data requests, and account deletion requests |
| **Security and fraud prevention** | Protect accounts, detect abuse, and maintain service integrity |
| **Legal compliance** | Meet applicable legal obligations and respond to lawful requests |
| **Service improvement** | Understand reliability issues and improve App performance (without selling your data) |
We do **not** sell your personal information. We do **not** use your personal information for third-party advertising in the current App version.
---
## 6. Legal bases for processing (EEA, UK, and similar regions)
If you are located in the European Economic Area, United Kingdom, or another region that requires a legal basis for processing, we rely on:
- **Contract** — processing necessary to provide the App and your account features.
- **Legitimate interests** — securing our services, preventing misuse, and improving reliability, balanced against your rights.
- **Consent** — where required (for example, optional contact details or communications where consent is the appropriate basis).
- **Legal obligation** — where we must retain or disclose information under applicable law.
You may withdraw consent where processing is consent-based, without affecting the lawfulness of processing before withdrawal.
---
## 7. How we share your information
We share personal information only in limited circumstances:
| Recipient | Why we share | Safeguards |
|-----------|--------------|------------|
| **Cloud hosting providers** | Store and run our backend API and database | Contractual protections; access limited to service operation |
| **Email delivery services (SMTP)** | Send OTP and account-related emails | Used only to deliver messages on our behalf |
| **Typography / CDN providers** | The App may download fonts (for example, via Google Fonts) for display | Standard network requests; no account data intentionally shared for ads |
| **Legal and safety disclosures** | When required by law, court order, or to protect rights, safety, and security | Disclosures limited to what is legally necessary |
We do **not** share your personal information with data brokers or advertising networks for cross-app tracking.
If Projonexa is involved in a merger, acquisition, or asset sale, your information may be transferred subject to continued protection consistent with this policy. We will notify you where required by law.
---
## 8. International data transfers
Projonexa is operated from India. Our service providers may process data in India and other countries where they maintain infrastructure (for example, cloud regions used by our hosting partners).
Where required, we implement appropriate safeguards for cross-border transfers, such as contractual clauses and security measures consistent with applicable data protection laws.
---
## 9. Data retention
We retain personal information only as long as necessary for the purposes described in this policy:
| Data category | Retention period |
|---------------|------------------|
| **Active account data** | While your account remains active and you use the App |
| **Authentication and profile data** | Until you request deletion or we delete your account |
| **Messages and project records** | While your account is active, unless deleted earlier per your request or project completion policies |
| **OTP / verification records** | Short-term retention for security verification, then deleted or anonymized |
| **Support emails** | As long as needed to resolve your request and meet legal obligations |
| **Server logs** | Limited retention for security and troubleshooting, then deleted or anonymized |
After an approved **account deletion request**, we delete or anonymize personal data within **30 days**, except where retention is required by law (for example, tax, fraud prevention, or dispute records).
---
## 10. Security
We implement reasonable technical and organizational measures to protect your information, including:
- **Encryption in transit** — API communication uses HTTPS/TLS.
- **Password protection** — Passwords are hashed on our servers; we do not store plain-text passwords.
- **Access controls** — Access to production systems is limited to authorized personnel.
- **Session management** — Authentication tokens are used to secure API requests.
No method of transmission or storage is 100% secure. Please use a strong, unique password and keep your device secure. Notify us immediately if you suspect unauthorized access to your account.
---
## 11. Your choices and privacy rights
Depending on your location, you may have rights to:
- **Access** the personal information we hold about you
- **Correct** inaccurate or incomplete information
- **Delete** your account and associated personal data
- **Export** a copy of your data
- **Object to or restrict** certain processing
- **Withdraw consent** where processing is based on consent
- **Lodge a complaint** with your local data protection authority
### How to exercise your rights
**In the App**
- **Change password:** Settings → Privacy & security → Change password
- **Sign out:** Clears your local session token from the device
**By email**
Contact us at [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com) with:
- Subject line: `Projonexa Mobile — Data request` (for access/export) or `Account deletion request` (for deletion)
- The email address registered to your Projonexa account
We may verify your identity before fulfilling a request. We aim to respond within **30 days**.
---
## 12. Account deletion
You may request permanent deletion of your account and associated personal data by emailing [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com) from your **registered email address** with the subject **“Account deletion request.”**
We will:
1. Verify that you control the account
2. Confirm the request
3. Delete or anonymize eligible personal data within **30 days**, subject to legal retention requirements
Deleting your account may permanently remove access to projects, messages, and other App content linked to that account.
---
## 13. Children’s privacy
Projonexa Mobile is intended for users **13 years of age and older**. Where local law requires parental consent for users under 18, a parent or legal guardian must approve use of the App.
We do **not** knowingly collect personal information from children under **13**. If you believe we have collected information from a child under 13, contact us at [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com) and we will take steps to delete it.
---
## 14. Third-party links and services
The App may open external links (for example, our website, support email, or college projects page) using your device’s browser or email app. Those third parties have their own privacy practices. We encourage you to review their policies before providing personal information to them.
---
## 15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the “Last updated” date at the top of this document
- Provide notice in the App (for example, on the Privacy & security screen) where appropriate
- Post the revised policy on our website
Your continued use of the App after the effective date of an updated policy constitutes acceptance of the changes, unless applicable law requires otherwise.
---
## 16. Contact us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:
**Email:** [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com)
**Website:** [https://projonexa.com](https://projonexa.com)
**Contact:** [https://projonexa.com/contact](https://projonexa.com/contact)
---
## Appendix A: Google Play Data safety disclosure summary
Use this section when completing **Play Console → App content → Data safety**. Adjust answers if your production deployment changes (for example, when live messaging APIs replace demo data).
### Data collected
| Data type (Play Console category) | Collected? | Shared? | Purpose | Optional? |
|-----------------------------------|------------|---------|---------|-----------|
| **Name** | Yes | No | Account management, App functionality | Required for account |
| **Email address** | Yes | No | Account management, App functionality, Developer communications (OTP) | Required for account |
| **Phone number** | Yes (optional field) | No | Account management | Optional |
| **User IDs** | Yes (internal account ID) | No | Account management, App functionality | Required for account |
| **Other in-app messages** | Yes (project chat content) | No | App functionality | Required for messaging feature |
| **App interactions** | Yes (project views, messaging activity) | No | App functionality | Required for core features |
| **Device or other IDs** | No advertising ID; platform type only | No | App functionality, Fraud prevention, Security | — |
### Data handling practices (typical answers)
| Question | Answer |
|----------|--------|
| Is data encrypted in transit? | **Yes** (HTTPS) |
| Can users request data deletion? | **Yes** (email request; see Section 12) |
| Is data sold to third parties? | **No** |
| Is data used for advertising or marketing? | **No** (current App version) |
| Is collection required or optional? | Account fields required for sign-in; phone optional |
### Permissions declared (Android)
| Permission | Purpose |
|------------|---------|
| `INTERNET` | Connect to Projonexa backend API |
No location, contacts, storage, camera, or microphone permissions are requested by the current App version.
---
## Appendix B: Plain-language summary
- We collect account details (name, email, optional phone) and content you create in the App (projects and messages).
- We use that information to run the App—not to sell ads.
- Passwords are hashed; network traffic is encrypted.
- You can request a copy of your data or delete your account by emailing us.
- The App is not directed at children under 13.
- Questions: [nisargalokhande@gmail.com](mailto:nisargalokhande@gmail.com)
*Projonexa Mobile — Where Innovation Meets Execution.*