Privacy Policy for My Runshaw App

Effective Date: 14th December 2024

Introduction

Welcome to the My Runshaw App, designed to provide timetable sharing and bus updates for Runshaw College students. In the My Runshaw team, your privacy is of paramount importance to us. This Privacy Policy outlines the types of information we collect, how we use it, and the steps we take to ensure your data is handled securely.

Data We Collect

• Email Address: Collected during account creation and used for communication purposes.
• Full Name: Used to personalize your experience within the app and to display to friends added by the User within the app.
• Password Hash: Securely stored to protect your account credentials.
• Device Information: Collected to provide a personalized experience and to improve the app's features and functionality.
• Student ID: Used as a unique identifier to distinguish users.
• Profile Picture: This is optional to add, and allows you to make your profile easier to identify within the app

We use the camera in order to scan the QR code on your student ID badge. This image is deleted once the code has been scanned, and it never leaves your device. It is not stored on a server.

How We Use Your Data

• Create and manage your account.
• Send notifications through OneSignal, a GDPR-compliant service.
• Enhance your experience by improving our app's features and functionality.
• Provide support and respond to your inquiries.

Legal Basis for Processing

• Your Consent: By creating an account or installing the app, you consent to the collection and use of your data as outlined in this policy.
• Legitimate Interests: We have a legitimate interest in processing your data to operate and maintain the app effectively.

Data Security

We take data security seriously and employ a range of measures to protect your personal information, including:

• Encryption: Your data is encrypted both at rest (using AES-256 encryption) and during transit (via TLS encryption).
• Access Control: Data access is strictly controlled and managed through access policies at the database level.
• Secure Transmission: All data is transmitted using HTTPS, ensuring end-to-end encryption.

Your Rights

You have the right to access, correct, or delete your data at any time. Please contact us at [email protected].

Data Retention

We retain your personal data for as long as your account remains active or as necessary to provide our services. If you choose to deactivate your account, we will delete your data in accordance with applicable legal requirements.

Changes to This Policy

We may revise this Privacy Policy from time to time. Any significant changes will be communicated to you through the app or via the email address associated with your account. Your continued use of the app following these changes indicates your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at [email protected].