My College App Privacy Policy
Last Updated: November 19, 2025
My College ("we," "our," or "the App") is committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, store, share, and protect your data when you use the My College app. By using the App, you consent to the practices described in this Privacy Policy.
1. Information We Collect
1.1 Personal Information
We collect the following personal information during account registration and profile completion:
For All Users:
- Email address (for account creation and verification)
- Full name
- Branch code
- Profile image (optional)
- Bio (optional)
- Phone number (optional)
- Date of birth (optional)
- Role (student, lecturer, admin, or CR - Class Representative)
- Account creation date and timestamps (createdAt, updatedAt)
- Unique user ID (UID)
For Students Only:
- USN (University Seat Number)
- Academic year
- Semester
- Section
- Lab batch
- CGPA (optional)
For Lecturers Only:
- Note: Subjects are predefined in the timetable by the timetable creator and are assigned to lecturers automatically. Lecturers do not need to select subjects manually.
1.2 Authentication Data (including Google OAuth 2.0)
If you sign in using Google Sign-In / Google OAuth 2.0, we collect basic profile information provided by Google as permitted by the OAuth scope you accept. This may include:
- Google account email
- Full name
- Profile image URL
- Google account ID (OAuth subject identifier)
Authentication is handled securely via Firebase Authentication and/or Google OAuth 2.0 flows. We only request the minimum OAuth scopes necessary to provide authentication and to populate your profile.
1.3 Usage Information
We collect app usage data to improve functionality and user experience, including:
- Features accessed (e.g., timetable views, notes downloads)
- Time spent on the App
- Navigation patterns within the App
- Interaction with uploaded content (timetables, notes)
1.4 Device Information
We collect device-related information for analytics and security purposes:
- Device identifiers (e.g., Google Advertising ID)
- Operating system and version
- Device model
- IP address (temporary, for security purposes)
1.5 Advertising Data
- Device identifiers for serving ads via Google AdMob
- Ad impressions, clicks, and interaction metrics
- User preferences for ad personalization (if applicable)
1.6 Cached Data
Minimal local caching of profile and app data is stored on your device to improve performance and enable offline access to certain features. No cookies are used.
2. How We Use Your Information
We use your personal information for the following purposes:
2.1 Core App Functionality
- Create and manage user accounts
- Verify email addresses during registration
- Enable profile completion and updates
- Personalize timetables and notes based on your branch, academic year, semester, section, and lab batch
- Display relevant courses and study materials
2.2 Editor Permissions & Content Controls
- Assign and manage editor roles (Admin, Lecturer, CR) for uploading timetables and notes
- Control access to content upload features based on role hierarchy
- Deletion rights: Users who are granted access to upload notes (Lecturers, CRs, Admins) are also able to delete the content they uploaded. Deletion actions are logged to maintain an audit trail.
2.3 Content Delivery
- Host and display notes via Google Drive
- Provide access to timetables and study materials shared by editors
- Organize content by department, semester, and subject
2.4 Analytics and Improvement
- Analyze app usage trends to enhance features and user experience
- Monitor app performance and identify technical issues
- Understand which features are most useful to users
2.5 Advertising
- Serve personalized or non-personalized ads via Google AdMob
- Generate revenue to support app development and maintenance
2.6 Security and Compliance
- Prevent fraudulent activity, abuse, or misuse of the App
- Enforce our Terms and Conditions
- Comply with legal obligations and respond to lawful requests from authorities
3. Data Storage and Hosting
Your data is stored securely across the following platforms:
3.1 Firebase (Google)
- Stores all user account information, profile data, and authentication credentials
- Hosts app usage analytics via Firebase Analytics
- Provides secure authentication (including Firebase Authentication and Google OAuth 2.0 integration) and real-time database services
3.2 Supabase
- Stores profile images uploaded by users
3.3 Google Drive
- Hosts notes, timetables, and study materials uploaded by editors (CRs and Lecturers)
- Users download content directly from Google Drive
3.4 Local Device Storage
- Minimal caching of profile data and app content for faster access and offline functionality
- Users can clear cached data through device settings
4. Data Sharing and Third-Party Services
We do not sell or rent your personal information to third parties. However, we share data with the following trusted third-party services:
4.1 Google AdMob (Advertising)
- Purpose: Display ads within the App
- Data Shared: Device identifiers (e.g., Google Advertising ID), ad interaction data (impressions, clicks)
- User Control: Users can manage ad personalization settings through their device settings or Google account preferences
4.2 Firebase Analytics (Google)
- Purpose: Collect anonymized usage statistics to improve the App
- Data Shared: App usage patterns, feature interactions (anonymized and aggregated)
4.3 No Other Third-Party Sharing
We do not share your data with any other third parties except as required by law or with your explicit consent.
5. User Control and Privacy Rights
5.1 Profile Editing
Users can edit all profile information directly within the App, including:
- Profile image, full name, USN, email, branch code, section, academic year, semester, lab batch, bio, phone number, CGPA, and date of birth
5.2 Ad Personalization
- Users can manage ad personalization preferences through their Google account or device settings
5.3 Data Access and Deletion
- Access: Users may request a copy of their personal data stored in the App
- Deletion: Users may request permanent deletion of their account and associated data at any time
- Retention: Upon account deletion, all personal data, including profile information, uploaded content, and usage data, will be permanently removed from our systems and cannot be recovered.
- Deleted accounts cannot be recovered
6. Security Measures
We implement industry-standard security measures to protect your data:
6.1 Encryption
π HTTPS/TLS
π Password Hashing
β
Secure Storage
- All data transmitted between your device and our servers is encrypted using HTTPS/TLS
- Passwords and authentication credentials are securely hashed and encrypted
6.2 Access Controls
- Only authorized personnel have access to user data
- Editor permissions are controlled through a strict role hierarchy
- Actions related to uploads and deletions are logged for audit and moderation purposes
6.3 Secure Storage
- Data is stored on secure servers provided by Firebase and Supabase
- Regular security audits and updates are performed
6.4 Limitations
While we take all reasonable precautions, no method of electronic storage or transmission is 100% secure. Users use the App at their own risk.
7. Children's Privacy
The App is intended for use by students, lecturers, and administrators who are 18 years or older. Users under 18 are not permitted to create an account. We do not knowingly collect personal information from children.
8. Data Location and Compliance
8.1 Data Storage
All user data is stored on secure servers located in India through Firebase, Supabase, and Google services.
8.2 Compliance with Indian Laws
We comply with applicable Indian data protection and privacy regulations. Usersβ rights regarding access, correction, and deletion of personal data are described in Section 5.
9. Data Retention
9.1 Active Accounts
We retain your personal data only while your account is active and to provide App services.
9.2 Deleted Accounts
Upon account deletion, all personal data, including profile information, uploaded content, and usage data, will be permanently removed from our systems and cannot be recovered.
9.3 Aggregated Data
We may retain aggregated, non-identifiable data for analytics and research purposes, but this data cannot be linked back to any individual user.
10. Third-Party Links and Content
10.1 External Links
The App may contain links to third-party websites, courses, or resources. We are not responsible for the privacy practices or content of these external sites. Users should review the privacy policies of any third-party sites they visit.
10.2 User-Uploaded Content
Notes, timetables, and other materials uploaded by editors (CRs and Lecturers) may originate from third-party sources. The App is not responsible for the accuracy, legality, or copyright status of such content. All shared materials are intended solely for educational purposes. Editors who upload content are responsible for ensuring they have the right to share that content.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or app features. The "Last Updated" date at the top of this policy indicates the most recent revision. We encourage you to review this policy periodically. Continued use of the App after updates constitutes acceptance of the revised Privacy Policy.
12. Your Consent
By using My College, you consent to:
- The collection, use, and storage of your personal information as described in this Privacy Policy
- The transfer of your data to third-party services (Firebase, Supabase, Google AdMob) as outlined above
- The personalization of timetables, notes, and ads based on your profile information