Privacy Policy
Last updated: 17 May 2026
This page explains what data Faraan Alumni Network collects, how it's used, and the choices you have. The platform is operated by Faraan Alumni Educational and Charitable Trust ("the Trust") — an independent body run by former students of Faraan College, Faraan High School, and Lilly Rose Primary & Higher Primary School. The Trust is not affiliated with, controlled by, or operated on behalf of the management of these institutions. We use Google Firebase for authentication, database, storage, and notifications.
1. What we collect
| Data | Source | Why |
|---|---|---|
| Phone number | OTP sign-in | Identify your account, enable login |
| Email + name + photo | Google sign-in (if used) | Same as above |
| Profile fields (batch, institution, city, job, bio, gender, social links) | You enter them | Help batchmates find you |
| Verification proof (image) | You upload | Verify you're a Faraan alumnus |
| Memories, shoutouts, comments | You post them | Share with community |
| Contribution records | Created when you support an initiative | Transparency on impact dashboard |
| FCM token, device type | If you enable notifications | Send push notifications |
| Analytics events | Anonymous, on every screen view | Improve the app |
2. Visibility rules
- Public to all verified alumni: name, photo, institution, batch, city, country, job, company, bio, social links, contribution count (not amounts).
- Hidden by default: phone number, email, exact amount of each contribution. You can flip the "Show on profile" toggles to make phone/email visible.
- Visible only to admin reviewers: verification proofs, your verification request details, reports you submit.
- Never shown to anyone: your Firebase auth tokens, FCM tokens.
3. Who can see what
- Other alumni see your public profile fields.
- Admins can see everything in your record except your auth credentials.
- The Trust handles financial contributions and can see your name and amount when you contribute.
- Service providers (Google Firebase, Gmail SMTP for transactional email) process data on our behalf under their own privacy policies.
4. Notifications
If you enable push notifications, we register an FCM token tied to your device. You can disable any time from your device's notification settings or by toggling it off in the in-app Settings sheet.
5. Cookies & local storage
We use browser local storage for: caching your profile (faster cold starts), remembering your country code, theme, language, and dismissed banners. No tracking cookies are set.
6. Your rights
- Edit: change any profile field anytime via Edit Profile.
- Hide: toggle phone/email visibility off in Edit Profile.
- Delete a post: tap the ⋯ menu on your post (admins can also remove on request).
- Delete account: contact the Trust on +91 96634 14714. We'll soft-delete within 7 days and hard-delete (purging Firestore + Auth + Storage) within 30 days unless legally required to keep records.
- Export your data: ask the Trust and we'll send you a JSON dump of your records.
7. Security
- All traffic is HTTPS. Firestore + Storage rules restrict access per Firebase security rules.
- Super-admin custom claims are server-enforced; phone allowlist lives in Firestore, not source code.
- App Check (reCAPTCHA v3) gates abuse against the backend.
- Service-account keys are stored in Google Secret Manager, never in source code.
8. Children
The platform is intended for alumni 13+. If you're under 18, please use it with awareness of a parent or guardian.
9. Changes
We'll announce material changes via in-app notification. The "Last updated" date at the top of this page reflects the most recent change.
10. Contact
Privacy questions or data-access requests: contact the Trust on +91 96634 14714 (presently Dr Shakeel).
← Back to app