Privacy Policy

1. Who we are

This Privacy Policy describes how Ecet App (“the App”), published by Innowaft, collects, uses, stores, and shares information when you use the mobile application for Andhra Pradesh (AP) and Telangana (TS) ECET preparation (practice quizzes, exam-related content, and related features).

The App is provided for educational and exam-preparation purposes. By using the App, you agree to this Policy.

2. Information we collect

2.1 Account and profile (sign-in)

• Mobile number is used to sign you in with a one-time password (OTP) sent via SMS.
• We create and maintain an account using Google Firebase Authentication and store your profile and related data in Google Cloud Firestore (and, where applicable, linked services under your Firebase project).
• Profile fields you may provide or that we store for the service include, among others: display name / username, phone number, state or region (AP or TS), branch, gender, roll number (if you enter it), profile photo (if you upload one), and flags such as profile completion, premium status, and related subscription metadata where applicable.
• Some sensitive profile fields may be stored using encryption at rest on the server when an encryption key is configured for the deployment.

2.2 Session and security tokens

• After sign-in, the App receives access and refresh tokens from our API. On native devices, tokens are stored using the OS secure storage (e.g. Keychain / Keystore). On web, comparable browser storage may be used.
• A cached copy of basic profile JSON and phone may be stored in local app storage for convenience (e.g. AsyncStorage).

2.3 Quiz activity and progress

• When you take a quiz, we record your quiz attempts, including identifiers for the quiz and your user account, answers, scores, timing, and attempt status. This is processed through our backend API and stored in the server database (for example SQLite in a typical deployment, or the database configured for the API).
• Quiz definitions and related content may be served from Firestore or other configured backends depending on deployment.

2.4 Exam help, official content, and links

• The App shows exam timelines, official updates, useful resources, and external board links (for example fee payment, hall ticket, results) based on your selected state (AP or TS) and content configured for the service.
• When you open a board or third-party link, it may open in an in-app browser or the system browser. Those sites have their own privacy policies; we do not control them.

2.5 Purchases (premium)

• If you purchase or manage a subscription, Google Play Billing (on Android) or Apple’s equivalent (on iOS) processes payments. We receive limited purchase and subscription status information needed to unlock premium content and maintain your account.

2.6 Notifications

• If you enable notifications, a push notification token may be stored so we can send you exam-related or product messages according to your settings and applicable law.

2.7 Diagnostics, analytics, and device data

• On supported native builds, we may use Firebase Analytics and Firebase Crashlytics to understand stability and usage and to diagnose crashes.
• On Android, the app may declare permission related to the advertising ID where required for analytics or store compliance; collection depends on device settings and platform rules.
• On iOS, where applicable, Apple may prompt for permission related to tracking for measurement; your choice on that prompt applies.
• Our servers automatically receive technical data from your device and network when you call the API (for example IP address, user agent, timestamps, and request metadata) for security, rate limiting, and operations.

2.8 In-app feedback

• If you use Contact us or Suggestion box, we store your message together with basic account context (such as user identifier, name, phone, and state where available) in Firestore so we can respond and improve the service.

2.9 Optional Firebase client features

• Some builds may use the Firebase client SDK on device for limited features (for example reading specific configuration from Firestore where implemented). Firebase’s terms and privacy notice apply to that processing.

2.10 Photos (profile picture)

• If you choose a profile photo, the App may request access to your photo library as explained in the system permission dialog. Images you select are uploaded for use as your profile image where the feature is enabled.

3. How we use information

We use the information above to:

• Provide and operate the App (authentication, profiles, quizzes, results, exam-related content).
• Maintain security, prevent abuse, debug issues, and improve reliability.
• Communicate with you (including push notifications if enabled).
• Process purchases and entitlements for premium features.
• Comply with law and enforce our terms.

4. Legal bases (summary)

Depending on your region, we rely on appropriate bases such as: performance of a contract (providing the service you request), legitimate interests (security, analytics, product improvement), and consent (where required, for example marketing tracking or optional permissions). Where consent is required and you refuse, we limit processing accordingly.

5. Sharing with service providers

We share data with vendors that help us run the App, including where applicable:

• Google Firebase / Google Cloud (authentication, database, storage, analytics, crash reporting).
• MSG91 (or similar SMS providers) for OTP delivery.
• Google Play and Apple for app distribution and in-app purchases.
• Hosting providers for our API (for example cloud hosting used to run the backend).

These providers process data under their agreements and privacy policies. We do not sell your personal information in the conventional sense of “selling” data for money.

6. International transfers

Our service providers may process data in India and other countries where they operate data centers. When data moves across borders, we rely on appropriate safeguards as required by applicable law.

7. Retention

We retain information for as long as needed to provide the App, comply with law, resolve disputes, and enforce agreements. Quiz attempts and account records may be retained for operational and integrity purposes unless we delete them earlier where permitted.

8. Security

We use industry-standard measures such as encrypted transport (HTTPS), secure token handling on devices, access controls on servers, and optional encryption for certain sensitive fields. No method of transmission or storage is 100% secure.

9. Your choices and rights

• You can review and update certain profile fields in the App where supported.
• You can disable notifications in device settings or in-app controls where available.
• You may have rights under local law to access, correct, delete, export, or restrict processing of your personal data, and to withdraw consent where processing is consent-based.

To exercise privacy rights or ask questions, contact us through the Contact us option in the App (or the contact method we publish for support).

10. Children

The App is intended for students preparing for ECET. If you are a parent or guardian and believe a child provided personal information without appropriate consent, contact us and we will take reasonable steps to address the request in line with applicable law.

11. Changes to this Policy

We may update this Privacy Policy from time to time. We will post the updated version and, where appropriate, notify you through the App or other reasonable means. Continued use after changes means you accept the updated Policy, except where restricted by law.

12. Disclaimer

This document is provided to describe the App’s data practices in good faith based on the product’s design. It is not legal advice. Please consult qualified counsel for compliance with your obligations.

Last updated: May 02, 2026