Privacy Policy

Last Updated: October 25, 2025

Jubayer Ahmad built the Campus Dirasah app as a Commercial app. This SERVICE is provided by Jubayer Ahmad and is intended for use as is.

This page is used to inform visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service.

If you choose to use our Service, then you agree to the collection and use of information in relation to this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy.

The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which is accessible at Campus Dirasah unless otherwise defined in this Privacy Policy.

Information Collection and Use

For a better experience, while using our Service, we may require you to provide us with certain personally identifiable information, including but not limited to:

• Name (Display Name)
• Email Address
• Profile Photo URL
• User ID (UID)
• Account Creation Timestamp
• Last Login Timestamp
• Admin Role Information
• App Notification Token (FCM Token)
• Device Information (Device Model, Operating System, Device IDs)
• IP Address (used to derive approximate location at city/country level)

The information that we request will be retained by Jubayer Ahmad and used as described in this privacy policy.

The app does use third party services that may collect information used to identify you.

Link to privacy policy of third party service providers used by the app:

• Google Play Services - https://policies.google.com/privacy
• Google AdMob - https://support.google.com/admob/answer/6128543
• Google Analytics for Firebase - https://firebase.google.com/support/privacy
• Firebase Crashlytics - https://firebase.google.com/support/privacy
• Firebase Authentication - https://firebase.google.com/support/privacy
• Firebase Firestore - https://firebase.google.com/support/privacy
• Firebase Realtime Database - https://firebase.google.com/support/privacy
• Firebase In-App Messaging - https://firebase.google.com/support/privacy
• Firebase Cloud Messaging - https://firebase.google.com/support/privacy
• Firebase Performance Monitoring - https://firebase.google.com/support/privacy
• Google User Messaging Platform (UMP) - https://support.google.com/admob/answer/10113004?hl=en

Google Play Data Safety Declaration

We collect and declare the following data types in accordance with Google Play's Data Safety Form requirements:

Location Data:

• Approximate location (derived from IP address only - NOT precise GPS)
• Purpose: Regional content delivery, analytics, fraud prevention
• Collected by: Firebase Analytics, Firebase Performance Monitoring, AdMob
• User control: Cannot be disabled as it's automatic from IP address

Personal Information:

• Name (Display Name from Google Sign-In)
• Email Address
• User ID (UID)
• Profile Photo URL
• Purpose: Account authentication and profile management
• User control: Required for account functionality

Device and App Identifiers:

• Android Advertising ID (AAID)
• Firebase Installation ID
• App Instance ID
• Device model, manufacturer, OS version
• Purpose: Analytics, advertising, crash reporting, performance monitoring
• User control: AAID can be reset or personalization disabled via device settings

App Activity:

• App interactions and usage patterns
• Screen views and navigation
• In-app actions and events
• Purpose: Service improvement, user experience optimization
• User control: Core functionality, cannot be fully disabled

App Performance and Diagnostics:

• Crash logs and stack traces
• Performance metrics (load times, network latency)
• Error reports and debugging information
• Purpose: Bug fixing, stability improvement, app optimization
• User control: Automatic for service quality

Messages:

• Push notification tokens (FCM tokens)
• In-app message interaction data
• Purpose: Delivering notifications and announcements
• User control: Can be disabled via device notification settings

All data collection is transparently disclosed and complies with Google Play's Data Safety requirements. Data sharing is limited to Google Firebase, Google AdMob, and Google Play Services as described in the "Data Sharing" section below.

Data We Collect and How We Use It

1. Account Information (via Google Sign-In)

When you sign in with Google, we collect:

• User ID (UID)
• Display Name
• Email Address
• Profile Photo URL
• Account creation time
• Last login time
• Admin role flags (for app moderation features)
• FCM notification token (for push notifications)

This data is stored in Firebase Firestore and Firebase Authentication to manage your account, authenticate your identity, and provide core app functionality.

2. Google Play Services and Advertising ID

Google Play Services is a core Android service that enables app functionality. It collects the following data:

Android Advertising ID (AAID):

• Purpose:
  • Serving personalized advertisements based on user interests
  • Ad performance measurement and attribution
  • Analytics and user behavior insights
  • Fraud detection and prevention
• Shared with: Google AdMob, Firebase Analytics, authorized advertising partners
• User Control:
  • Users in EEA/UK/Switzerland can choose consent preferences via in-app dialog
  • All users can opt out via Android Settings > Google > Ads > "Opt out of Ads Personalization"
  • Users can reset their Advertising ID via Android Settings > Google > Ads > "Reset advertising ID"
• Data Retention: Retained according to Google AdMob's data retention policies
• Declaration: This app requests the AD_ID permission to access the Advertising ID

Device Information:

• Device model, manufacturer, OS version
• Network and connection information
• App usage statistics
• Purpose: App functionality, performance optimization, analytics

For more information, visit Google Play Services Privacy Policy: https://policies.google.com/privacy

3. Analytics and Performance Data

Google Analytics for Firebase automatically collects:

• App-instance ID (a randomly generated number that uniquely identifies each app installation for computing user metrics. This ID is NOT linked to your personal identity.)
• Device model and operating system version
• App interactions and user events
• Session duration and app usage patterns
• Screen views and app lifecycle events
• In-app purchases and subscription events
• Masked IP address (used to derive approximate location at city or country level)

Firebase Performance Monitoring collects:

• App startup time
• Screen rendering performance
• Network request latency and performance metrics
• CPU and memory usage of the application
• Relevant device metadata to filter performance data

IP Address and Approximate Location:

The following services automatically collect your device's IP address:

• Firebase Analytics
• Firebase Performance Monitoring
• Google AdMob

Your IP address is used to derive approximate location at city or country level. We DO NOT collect precise GPS location.

Purpose of Approximate Location (from IP address):

• Provide region-specific content and advertisements
• Prevent abuse, spam, and fraudulent activity
• Generate aggregate analytics reports by geographic region
• Optimize app performance based on geographic distribution
• Comply with regional legal and regulatory requirements

Data Safety Declaration:

This app collects "Approximate location" data type as declared in Google Play Data Safety Form. The approximate location is derived solely from your IP address by Google's backend services - we do NOT request or access your device's GPS, Wi-Fi-based location, or any precise location services.

Important Clarifications:

• We do NOT request ACCESS_FINE_LOCATION or ACCESS_COARSE_LOCATION permissions
• We do NOT access your device's location services
• We do NOT collect or store precise GPS coordinates
• IP addresses are NOT stored permanently
• IP addresses are automatically anonymized in analytics reports after initial processing

User Control:

• IP-based location cannot be fully disabled as it's automatically derived by Firebase and AdMob servers
• Users can use VPN services to mask their IP address if desired
• Users in EEA/UK/Switzerland can manage consent for personalized ads which affects how location data is used for advertising

This data helps us understand how users interact with the app and improve performance and stability.

4. Google Signals (Optional Feature)

If you are signed in to your Google Account on your device and have enabled "Ads Personalization" in your Google Account settings, Google Analytics may collect:

• Google Account ID (hashed and anonymized)
• Cross-device activity data
• Demographic information (age range, gender, interests) as provided by Google

This feature is controlled by your Google Account settings, NOT by our app. To manage or disable Google Signals:

1. Visit your Google Account: https://myaccount.google.com/
2. Go to "Data & Privacy"
3. Under "Ad settings," turn off "Ad Personalization"

We do not directly access your Google Account information. This data is processed entirely by Google Analytics according to Google's privacy policies.

5. Crash Reports

Firebase Crashlytics automatically collects crash logs and technical diagnostics including:

• Stack traces
• Application state at the time of crash
• Device metadata (model, OS version, available memory)
• App version and build information
• Crashlytics installation UUID (to measure the number of users impacted by a crash)

Custom Crash Data We May Collect:

• User ID (if you are signed in at the time of crash)
• Screen name where the crash occurred
• Custom error messages set by developers for debugging

We do NOT collect any sensitive personal information in crash reports (no passwords, payment info, or private messages).

This helps us identify and fix bugs to improve app reliability.

Firebase Crashlytics retains crash data for 90 days before starting the process of removing it from live and backup systems.

6. Custom Performance Monitoring

Firebase Performance Monitoring may collect developer-defined custom traces including:

• Screen load times for specific app screens
• Database query performance metrics
• Network request latency for specific API endpoints
• Custom performance metrics and attributes

These custom traces help us identify and optimize slow parts of the app. They do NOT contain any user-identifiable information.

Firebase Performance Monitoring retains IP-associated events for 30 days, and installation-associated and de-identified performance data for 60 days before starting the process of removing it from live and backup systems.

7. Messaging and Notifications

Firebase Cloud Messaging (FCM) and Firebase In-App Messaging are used to:

• Deliver push notifications to your device
• Show in-app promotional messages and announcements
• Send important app updates and alerts

Data Collected:

• FCM token (a unique identifier for your device's app installation)
• Notification delivery status
• Notification interaction data (opened, dismissed, clicked)
• In-app message impressions and interactions

We do NOT read the content of your device notifications from other apps. We only send notifications related to Campus Dirasah.

You can disable notifications at any time through your device settings (Android Settings > Apps > Campus Dirasah > Notifications).

8. Advertising

We use Google AdMob to display advertisements in the app. AdMob may collect and use the following data:

• Android Advertising ID (AAID)
• Device information (model, OS version)
• IP address (for approximate location)
• Ad interaction data (impressions, clicks)
• App usage patterns relevant to ad targeting

Ad Personalization:

For users in the European Economic Area (EEA), United Kingdom (UK), and Switzerland:

• You will see a consent dialog when you first open the app
• You can choose between personalized ads (based on your interests) or non-personalized ads (generic ads)
• You can change your choice anytime in the app's Settings screen

For all other regions:

• Personalized ads are enabled by default to provide more relevant advertising
• You can opt out of personalized ads through your device settings (Android Settings > Google > Ads > Opt out of Ads Personalization)

Ad Partners and Data Sharing:

Google AdMob may share your advertising data with authorized advertising partners and ad networks for ad serving, measurement, and fraud prevention. These partners are bound by strict privacy and data protection agreements.

To learn more about how Google uses advertising data, visit: https://policies.google.com/technologies/ads

9. Google User Messaging Platform (UMP)

For users in the European Economic Area (EEA), United Kingdom (UK), and Switzerland, we use the Google User Messaging Platform (UMP) to:

• Display a consent dialog for data collection and ad personalization
• Collect and store your consent choices
• Ensure compliance with GDPR and ePrivacy Directive

Data Collected by UMP:

• Consent status (accepted/rejected)
• Consent timestamp
• Device information for consent management

Your consent choices are stored locally on your device and synchronized with Google's consent management system. You can change your consent preferences at any time through the app's Settings screen.

For more information, visit: https://support.google.com/admob/answer/10113004

Log Data

We want to inform you that whenever you use our Service, in a case of an error in the app we collect data and information (through third party products) on your phone called Log Data. This Log Data may include information such as your device Internet Protocol ("IP") address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, and other statistics.

Service Providers

We may employ third-party companies and individuals due to the following reasons:

• To facilitate our Service
• To provide the Service on our behalf
• To perform Service-related services
• To assist us in analyzing how our Service is used

We want to inform users of this Service that these third parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

Data Sharing

We do not sell or rent your personal data to third parties. We share data only with trusted service providers necessary to operate the app:

Third-party Service Providers We Share Data With:

1. Google Play Services

• Purpose: Core Android functionality, app services, device identifiers
• Data shared: Device information, Android Advertising ID, app usage data
• Privacy Policy: https://policies.google.com/privacy

2. Google Firebase Services

• Purpose: Authentication, database storage, analytics, performance monitoring, crash reporting, cloud messaging, notifications
• Data shared: Account information, device identifiers, analytics data, crash logs, performance metrics, FCM tokens
• Privacy Policy: https://firebase.google.com/support/privacy

3. Google AdMob

• Purpose: Advertising and monetization
• Data shared: Android Advertising ID, device information, IP address (for approximate location), ad interaction data
• Privacy Policy: https://support.google.com/admob/answer/6128543

4. Google User Messaging Platform (UMP)

• Purpose: Consent management for users in EEA/UK/Switzerland
• Data shared: Consent choices, device information
• Privacy Policy: https://support.google.com/admob/answer/10113004

These service providers may process data on servers located in various regions worldwide. They are contractually obligated to use data only to provide their services to us and are bound by strict privacy and security requirements.

International Data Transfers:

Your data may be transferred to and processed on servers located in:

• United States (Google Firebase, AdMob servers)
• European Union (Google data centers)
• Other countries where Google operates data centers

Google is certified under the EU-U.S. Data Privacy Framework and adheres to standard contractual clauses for international data transfers. Google implements appropriate safeguards to protect your data regardless of where it is processed.

For more information about Google's data centers and privacy protections, visit: https://safety.google/intl/en_us/principles/

Data Retention

Account Data:

• Account profile data stored in Firebase Firestore remains active while your account exists
• You can delete your account at any time using the in-app "Delete Account" button
• Authentication information is retained until deletion, after which data is removed from live and backup systems within 180 days

Local Data:

• Data stored in SharedPreferences remains on your device until you clear app data or uninstall the app

Analytics and Performance Data:

• Firebase Crashlytics retains crash data for 90 days
• Firebase Performance Monitoring retains IP-associated events for 30 days and performance data for 60 days
• Firebase Analytics retains data according to Google's policies (typically 14-60 months)

Advertising Data:

• Retained by Google AdMob according to their policies

Messaging Data (FCM Tokens):

• FCM tokens remain active while the app is installed and you're signed in
• Tokens are automatically invalidated when you sign out or uninstall the app
• Deleted tokens are removed from Firebase systems within 180 days

Firebase Installation IDs:

• Retained until you delete them via API call or uninstall the app
• After deletion, data is removed from live and backup systems within 180 days

Counter/Queue Tokens:

• Automatically deleted within 10 hours from generation

Data Deletion Right

You have the right to access, rectify, object to, or erase the data maintained by us.

In-App Account Deletion:

You can delete your account directly from the app:

1. Go to the Settings screen in the app
2. Tap the "Delete Account" button
3. Confirm your choice in the dialog
4. Your Firestore profile data (name, email, photo URL, UID, roles, timestamps) will be permanently deleted immediately
5. The app will then request deletion of your Firebase Authentication account
6. For security reasons, Firebase may require you to sign in again before final deletion
7. Once re-authenticated, your account will be completely removed
8. All associated data will be removed from live and backup systems within 180 days

Email Request (Optional):

You may also request deletion by emailing shejan420bd@gmail.com. We will complete eligible deletion requests within 90 days, though most user data is removed instantly via the in-app delete button.

If you believe our processing of your personal data infringes data protection laws, you have a legal right to initiate a complaint with a supervisory authority. Don't hesitate to contact us if you find any issue.

Security

We take the security of your personal information seriously and implement multiple layers of protection:

Technical Safeguards:

• TLS/SSL encryption (HTTPS) for all data transmitted over the internet using Transport Layer Security protocol
• Firebase Security Rules to restrict database access to authorized users only
• Secure token-based authentication via Google Sign-In
• Role-based access controls for admin features
• Regular security audits of our Firebase configuration
• Logical isolation of customer data

Data Protection Measures:

• Password-protected authentication (handled by Google)
• Automatic logout after extended inactivity
• Encrypted data storage in Firebase cloud databases (including Cloud Firestore, Firebase Authentication, Firebase Performance Monitoring, Cloud Messaging, Realtime Database, and Crashlytics)
• Regular backups to prevent data loss

Physical and Administrative Controls:

• Firebase data centers are ISO 27001, SOC 1, SOC 2, and SOC 3 certified
• Google employs 24/7 security monitoring
• Restricted access to production systems (only select employees with business purpose)
• Employee access is logged and requires Google Sign-In with 2-factor authentication
• Regular security updates and patches

All user data collected by Firebase SDKs is encrypted in transit using the Transport Layer Security (TLS) protocol.

Despite these measures, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information using industry-standard practices, we cannot guarantee absolute security.

If you discover any security vulnerability, please report it immediately to: shejan420bd@gmail.com

Links to Other Sites

This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children's Privacy

Campus Dirasah is intended for users aged 18 and above. We do not knowingly collect personally identifiable information from anyone under the age of 18.

In the case we discover that a person under 18 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that someone under 18 has provided us with personal information, please contact us so that we will be able to take necessary actions.

Your Choices and Rights

Your Rights Under Data Protection Laws:

Data Access:

• You can review your account information (name, email, profile photo) through your Google Account settings and within the app where available
• You can request a copy of all personal data we hold about you by emailing shejan420bd@gmail.com

Data Correction:

• You can update your basic account information through your Google Account settings
• You can update your profile details within the app where editing features are available

Data Portability:

• You have the right to receive your personal data in a structured, commonly used, and machine-readable format
• You can request data export by contacting us at shejan420bd@gmail.com
• We will provide your data within 30 days of your request

Ad Personalization (EEA/UK/Switzerland Users):

• If you are in the European Economic Area, UK, or Switzerland, a consent dialog will appear allowing you to choose between personalized or non-personalized ads
• You can change your choice anytime in the app's Settings screen

Ad Personalization (All Other Regions):

• You can limit ad tracking at the device level through your Android settings (Settings > Google > Ads > Opt out of Ads Personalization)

Opt-Out of Analytics:

• You can limit ad tracking and analytics at the device level through your Android settings. However, core analytics essential for service integrity may still operate

Account Deletion:

• You can delete your account at any time using the in-app "Delete Account" button in Settings

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.

This policy is effective as of October 25, 2025.

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us:

Developer: Jubayer Ahmad

Email: shejan420bd@gmail.com

End of Privacy Policy