Privacy Policy

Introduction

Welcome to Pass On BITS ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our mobile application.

App Information

App Name: Pass On BITS

Package Name: com.passonbits.app

Developer: Pass On BITS Team

Contact Email: kundan845437321@gmail.com

Information We Collect

1. Personal Information

When you create an account, we collect:

Name: Your full name for profile identification
Email Address: For account creation, authentication, and communication
Password: Encrypted and stored securely (we never see your plain text password)
Profile Picture (Optional): If you choose to upload one

2. Location Information

Approximate Location (Optional): Used to show you items near your location
You control: Location sharing is optional and can be denied
We do NOT: Track your location in the background or when the app is closed

3. Photos and Media

Camera Access: Only when you take photos of items to share
Photo Library: Only when you select existing photos
User-Initiated Only: We only access photos when YOU choose to upload them

4. Device Information

Push Notification Token: To send you notifications about messages and item updates
Device Type: Android version for compatibility
Network Status: To check if you're online

5. User-Generated Content

Items You Post: Title, description, photos, condition, category
Messages: Conversations with other users about items
Reviews: Ratings and reviews you give to other users

How We Use Your Information

Primary Uses:

1. Account Management

Create and manage your account
Authenticate your login
Recover your password if forgotten

2. Core Functionality

Display items you've posted
Show items from other users
Filter items by location (if you enable it)
Facilitate messaging between users
Send push notifications for new messages

3. Communication

Send you password reset emails
Notify you of messages from other users
Alert you about item reservations or donations

4. Improving the Service

Fix bugs and improve performance
Understand how users interact with the app
Develop new features

We Do NOT:

❌ Sell your personal information
❌ Share your data with advertisers
❌ Track you across other apps or websites
❌ Use your photos for any purpose other than displaying items
❌ Send promotional or marketing emails
❌ Access your location in the background

Data Storage and Security

How We Protect Your Data:

1. Encryption in Transit

All data transmitted between your device and our servers uses HTTPS/TLS encryption
Secure WebSocket connections for real-time messaging

2. Encryption at Rest

Passwords are hashed using bcrypt (industry-standard)
Database hosted on MongoDB Atlas with encryption
API secured with JWT (JSON Web Tokens)

3. Secure Infrastructure

Backend hosted on secure AWS servers
Images stored on Cloudinary (trusted third-party service)
Regular security updates and monitoring

4. Access Control

Only authorized personnel can access server infrastructure
No one can see your password (it's hashed)
Admin access is logged and monitored

Where Your Data is Stored:

Database: MongoDB Atlas (Cloud-based, encrypted)
Images: Cloudinary (Secure CDN)
Backend: AWS Cloud Servers
Location: Servers located in secure data centers

Data Retention

How Long We Keep Your Data:

Account Data: Until you delete your account
Posted Items: Until you delete them or your account
Messages: Until you or the other user deletes them
Donated/Received Items: Kept in your history (you can view past donations)
Deleted Items: Permanently removed from our servers within 30 days

Account Deletion:

You can delete your account at any time from the app settings. When you delete your account:

Your profile is removed immediately
Your items are deleted
Your messages are removed
Your data is permanently deleted within 30 days

Your Rights

You Have the Right To:

1. Access Your Data

View your profile information in the app
See all items you've posted
Review your message history

2. Correct Your Data

Edit your name, email, or profile picture anytime
Update item information
Change your password

3. Delete Your Data

Delete individual items
Delete your account entirely
Request data deletion by contacting us

4. Control Location Sharing

Deny location access entirely
Grant location only when using the app
Change location permissions in device settings

5. Export Your Data

Contact us to request a copy of your data

Third-Party Services

We use these trusted third-party services:

1. Cloudinary

Purpose: Image hosting and delivery
Data Shared: Uploaded item photos
Privacy Policy: https://cloudinary.com/privacy

2. MongoDB Atlas

Purpose: Database hosting
Data Shared: All app data (encrypted)
Privacy Policy: https://www.mongodb.com/legal/privacy-policy

3. Firebase Cloud Messaging (FCM)

Purpose: Push notifications
Data Shared: Device push token
Privacy Policy: https://firebase.google.com/support/privacy

4. Gmail SMTP

Purpose: Sending password reset emails
Data Shared: Your email address only
Privacy Policy: https://policies.google.com/privacy

Permissions Explained

Why We Request Permissions:

Permission	Why We Need It	When We Use It
Camera	Take photos of items	Only when you tap "Take Photo"
Photo Library	Select existing photos	Only when you tap "Choose Photo"
Location (Optional)	Show nearby items	Only when you enable location filtering
Notifications	Alert you of messages	When someone messages you
Internet	Connect to our servers	Always (app requires internet)
Network Status	Check if you're online	Always (to show connection status)

Permissions We DON'T Request:

❌ Contacts
❌ Microphone
❌ Call logs
❌ SMS
❌ Calendar
❌ Background location

Children's Privacy

Pass On BITS is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us, and we will delete it.

Changes to This Policy

We may update this privacy policy from time to time. When we do:

We'll update the "Last Updated" date
We'll notify you in the app if changes are significant
Continued use of the app means you accept the changes

Data Breaches

In the unlikely event of a data breach:

We'll notify affected users within 72 hours
We'll explain what data was compromised
We'll take immediate action to secure the system
We'll report to relevant authorities if required

International Users

Our servers are located in the United States. By using Pass On BITS, you consent to your data being transferred to and stored in the US.

Legal Basis for Processing (GDPR)

If you're in the EU/EEA, we process your data based on:

Consent: You gave us permission to use your data
Contract: We need your data to provide the service
Legitimate Interest: To improve and secure our service

California Privacy Rights (CCPA)

If you're a California resident, you have the right to:

Know what personal information we collect
Know if we sell or share your information (we don't)
Access your personal information
Delete your personal information
Opt-out of sale of your information (not applicable)

Summary

What we collect: Name, email, optional profile picture, optional location, item photos

Why we collect it: To provide the item-sharing service

How we protect it: Encryption, secure servers, no plain-text passwords

Your control: You can view, edit, or delete your data anytime

We DON'T: Sell data, track you, or use your information for advertising

Your Consent

By using Pass On BITS, you consent to the collection, use, and storage of your data as described in this privacy policy.