Privacy Policy

    This privacy policy applies to the CommUnity app (the Application) created by 3.14 Academy (the Service Provider) and is provided "AS IS".
    Effective date: 2025-10-22
    Last Updated: 2025

    Introduction

    The Application collects certain information from users when the Application is downloaded and used. This Privacy Policy explains what information is collected, why it is collected, how it is used, with whom it may be shared, and the controls you have over that information.

    Information Collection & Use

    The Application collects information necessary to provide features and to improve the product. This may include:

    • Your device's Internet Protocol address (IP address).
    • Analytics about pages/screens visited in the Application, event times and durations.
    • Total time spent using the Application.
    • The operating system version and device model.
    • Personal data you explicitly provide (e.g., contact details if you choose to share them via the Application).

    Location / Geolocation Services

    Where enabled, the Application may collect precise or approximate device location to provide location-based features (for example: local recommendations or location-enabled services). Location data is only collected with your consent and may be used for feature functionality, analytics (aggregated), and to improve service quality.

    If the app requests background location access, we will only use it when required for a core feature. Background location access is restricted by Google Play and must be justified in the Play Console when requested. Please review your Play Console location declarations if you request background location.

    Third-Party Services

    The Application uses third-party services for functionality and hosting. These services have their own privacy practices. We encourage you to review their privacy policies in addition to this document.

    • Google Play Services (may include analytics and location)
    • Gmail / SMTP (for outbound emails)
    • Cloudinary (media hosting/processing)
    • Freepik API (assets)

    App Dependencies & SDKs

    For transparency (and to help you complete Play Console Data safety disclosures), below is the list of major Flutter packages used in the Application and a short note about what each package *may* access or require. If a package accesses personal data or system identifiers, it must be declared in your Data safety form.

    • cupertino_icons — UI icons only (no data collection).
    • nb_utils — UI helpers (usually no telemetry, but depends on usage).
    • build_runner / mobx_codegen — build-time dev tools (no runtime data collection).
    • flutter_svg / flutter_phosphor_icons / flutter_launcher_icons — assets/icons (no data collection).
    • intl — localization utilities (no data collection).
    • story / dropdown_search / fl_chart / shimmer — UI components (no telemetry by default).
    • dio — HTTP client (makes network requests — any data you send via dio should be disclosed where required).
    • flutter_easyloading — UI loading overlay (no data collection).
    • shared_preferences — local storage of settings and small data (on-device only).
    • device_info_plus — collects device identifiers and device metadata (used for diagnostics/analytics). Declare as device identifiers in Data safety if used at runtime.
    • mobx / flutter_mobx — state management (no data collection).
    • pinput — UI OTP input (no data collection by itself).
    • flutter_native_splash — build-time splash (no runtime data collection).
    • image_picker — accesses camera and gallery (declare CAMERA and READ/WRITE storage/photos permissions and usage).
    • transparent_image / cached_network_image — image loading/cache (makes network requests to fetch images).
    • flutter_dotenv — environment variables (dev/runtime config; be sure not to ship secret keys in client builds).
    • url_launcher — opens URLs in external apps (no automatic data collection but may pass user-provided URLs).
    • flutter_native_contact_picker — access to contacts; must declare contact access and purpose if used.
    • shimmer — UI (no data collection).
    • signalr_netcore — realtime connections over the network (may send/receive user data through your own backend).

    Permissions Used

    The app may request the following runtime permissions depending on features you enable. Each declared permission should have a clear user-facing purpose:

    • Location (ACCESS_FINE_LOCATION / ACCESS_COARSE_LOCATION)
    • Camera (CAMERA)
    • Photo / Media / Files (READ_EXTERNAL_STORAGE / WRITE_EXTERNAL_STORAGE / READ_MEDIA_IMAGES)
    • Contacts (READ_CONTACTS) — only if contact features are provided
    • Network access (INTERNET) — for API calls and image fetching

    Third-Party Access & Disclosure

    We may share aggregated and anonymized information with third-party analytics and hosting providers to improve the Application. We will not sell personal data. Where we rely on third-party services that collect or process user data, we require them to act only under our instructions and to comply with applicable privacy laws.

    Opt-Out Rights

    You can stop collection by uninstalling the Application; for server-side data deletion requests please contact us (see Contact Us).

    Data Retention Policy

    We retain user-provided data only as long as necessary to operate and improve the Application and to satisfy legal obligations. To request deletion of your data, contact us at the email below.

    Children

    We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the data. Parents or guardians should contact us to request removal.

    Security

    We use reasonable administrative, technical, and physical safeguards to protect personal data. However, no method of transmission or storage is 100% secure—absolute security cannot be guaranteed.

    Google Play Compliance & Data Safety

    We complete the Google Play Data safety form and strive to ensure that the app’s behavior matches what is declared in Play Console. Common reasons for vague “Not adhering to Google Play Developer Program policies” rejections include: an inaccurate Data safety form, undeclared use of location/contact/camera, or requesting background location without justification.

    If you received that rejection from Google Play, double-check that:

    • The Play Console Data safety form accurately reflects what the app and included SDKs actually collect and share.
    • Any requested permissions (especially background location and contacts) are declared, justified, and user-facing consent flows are present.
    • The privacy policy URL in Play Console is reachable, contains these disclosures, and matches the declared Data safety choices.

    Changes

    This Privacy Policy may be updated from time to time. We will notify users by updating this page. Please review this document periodically; continued use after updates constitutes acceptance.

    Your Consent

    By using the Application you consent to the processing described in this policy. You may request access, correction, or deletion of your data by contacting us.

    Contact Us

    If you have questions regarding privacy while using the Application or wish to request data deletion, contact the Service Provider at: info@314academy.org.

    We follow U.S. privacy standards and comply with GDPR. European users may contact the Service Provider to exercise GDPR rights, including data portability and the right to be forgotten. For some communications the Service Provider may use the address celeste@314academy.org.