Privacy Policy

This policy explains what information the Digital Homeez Workflow app collects from mobile users and how it is used and protected.

1. Introduction

Digital Homeez Workflow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web-based workflow management system ("Service"). By using our Service, you agree to the collection and use of information in accordance with this policy.

Service Provider: Digital Homeez
Website: https://work.digitalhomeez.in
Mobile App: Digital Homeez Workflow (Android)
Privacy Point of Contact: For privacy inquiries or data requests, contact us at: dhdeveloper19@gmail.com or official@digitalhomeez.in

1.1 About Our Mobile Application

Digital Homeez Workflow is available as both a mobile application (Android) and a web-based application. This Privacy Policy applies to both platforms. The mobile application provides the same core functionality as the web application, with additional features optimized for mobile devices.

Mobile App Features:

• Native Mobile Experience: Optimized user interface for Android devices
• Push Notifications: Real-time notifications for task assignments, updates, and important alerts
• Offline Capability: View cached data when offline (data syncs when connection is restored)
• WebView Integration: The app uses a secure WebView to display the web application interface
• Device Integration: Seamless integration with Android notification system
• Background Sync: Automatic synchronization of data when the app is in the background

App Distribution: The mobile app is distributed through Google Play Store. When you download and install the app from Google Play Store, you are subject to Google Play Store's terms and conditions in addition to this Privacy Policy.

App Updates: We may release updates to the mobile app that include bug fixes, new features, or security improvements. These updates may require new permissions or change how we collect or use your data. We will notify you of significant changes through this Privacy Policy.

2. Information We Collect

We collect several types of information to provide and improve our Service:

2.1 Account Information

When you create an account, we collect:

• Email Address: Used for account identification and communication
• Username: Unique identifier for your account
• Full Name: Your complete name as provided
• Password: Stored as a secure hash (never stored in plain text)
• Role: Your assigned role (admin, department head, or team member)
• Department Assignment: The department you are associated with
• Account Status: Whether your account is active or inactive
• Account Creation Date: Timestamp of when your account was created

2.2 Mobile App Device Information

When you use our mobile application, we collect the following device-specific information:

• FCM Token (Firebase Cloud Messaging Token):
  • A unique token generated by Google Firebase for your device
  • Required to send push notifications to your device
  • Generated automatically when you first open the app
  • Linked to your user account after you log in
  • Stored securely in our database and associated with your account
• Device Name:
  • Name you assign to your device (e.g., "John's Android Phone", "Samsung Galaxy S21")
  • Helps you identify which devices are registered to your account
  • Optional - you can customize this or leave it as default
• Device Type:
  • Platform type: "android", "ios", or "web"
  • Used to optimize notification delivery for your device type
• Device Model and OS Version:
  • Android version (e.g., Android 13, Android 14)
  • Device manufacturer and model (collected automatically by the app)
  • Used for compatibility testing and troubleshooting
• App Version:
  • The version of the mobile app you are using
  • Helps us provide support and ensure compatibility
• Last Active Timestamp:
  • When you last used the app on this device
  • Used to manage device registrations and identify inactive devices
• Device Registration Date:
  • When the device was first registered with your account
  • Helps track device history and manage multiple devices
• Installation ID:
  • Unique identifier for the app installation
  • Used to distinguish between multiple installations on the same device

Note: We do NOT collect your device's IMEI, phone number, SIM card information, or any other hardware identifiers beyond what is necessary for push notifications.

2.3 Workflow and Task Data

As part of our workflow management service, we collect:

• Task Information: Task names, descriptions, priorities, statuses, deadlines, and remarks
• Task Assignments: Records of which users are assigned to which tasks
• Task Creation Data: Who created tasks and when
• Task Updates: Status changes, completion records, and modification history
• Subtasks: Sub-task information and completion status
• Department Assignments: Which departments are assigned to tasks
• Department Completion Status: Completion records for department-level tasks
• Approval Requests: Records of task reassignment and department assignment requests
• Client Information: Client names associated with tasks (if provided)

2.4 Usage and Technical Data

We automatically collect certain technical information:

• IP Address: Your device's IP address when accessing the service (both mobile app and web)
• Browser/App Information:
  • Web: Browser type, version, and user agent
  • Mobile App: App version, Android version, device model, and WebView version
• Session Data:
  • Login sessions and authentication tokens
  • Session duration and activity timestamps
  • Mobile app: Session maintained through secure cookies in WebView
• Access Logs:
  • Records of pages/screens accessed and actions performed
  • API endpoints called by the mobile app
  • Task views, updates, and other user interactions
• Error Logs:
  • Technical error information for debugging and service improvement
  • Mobile app crashes and exceptions (logged server-side)
  • Network errors and API failures
• Performance Data:
  • App performance metrics (load times, response times)
  • Mobile app: App startup time, screen load times
  • Network request performance
• Mobile App-Specific Data:
  • Notification delivery status (success/failure)
  • App installation and update events
  • Background sync activity
  • WebView navigation events

2.5 Cookies and Session Data

We use session cookies to maintain your login state:

• Session Cookies:
  • Web: Temporary cookies that expire when you close your browser
  • Mobile App: Cookies stored in the WebView's cookie store, managed by the Android system
  • Used to maintain your authenticated session across app restarts
• Authentication Tokens:
  • Secure tokens to maintain your logged-in session
  • Mobile app: Tokens stored securely in the app's WebView cookie storage
  • Automatically cleared when you log out
• Remember Me Functionality:
  • Persistent cookies if you choose "Remember Me" during login
  • Mobile app: Allows you to stay logged in across app restarts
  • You can log out at any time to clear these cookies
• Security:
  • Session cookies are managed securely and cannot be accessed by third parties
  • All cookies use secure, HTTP-only flags where applicable
  • Cookies are encrypted in transit using HTTPS

2.6 Mobile App Data Storage

Our mobile application stores data locally on your device:

• Cache Data:
  • WebView cache for faster loading of frequently accessed pages
  • Task data cached for offline viewing
  • Automatically cleared when cache is full or app is updated
• Session Storage:
  • Temporary session data stored in WebView's local storage
  • Cleared when you log out or clear app data
• No Sensitive Data Storage:
  • We do NOT store passwords or authentication tokens in plain text on your device
  • All sensitive data is encrypted in transit and stored securely on our servers
  • Local storage only contains non-sensitive cached data

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

• To create and manage your user account
• To authenticate and authorize your access to the Service
• To assign and manage tasks within your organization
• To facilitate communication between team members, department heads, and administrators
• To track task progress, completion, and workflow status
• To manage department assignments and organizational structure

3.2 Push Notifications

• To send you notifications about task assignments
• To alert you when tasks are updated or reassigned
• To notify you when new departments are added to your tasks
• To inform you about task status changes
• To deliver important workflow-related alerts

3.3 Service Improvement

• To analyze usage patterns and improve our Service
• To identify and fix technical issues
• To enhance security and prevent fraud
• To develop new features and functionality
• To optimize app performance

3.4 Legal Compliance

• To comply with applicable laws and regulations
• To respond to legal requests and court orders
• To protect our rights and prevent illegal activities
• To enforce our Terms of Service

4. Data Sharing and Disclosure

We are committed to protecting your privacy. We do not sell your personal information. We may share your information only in the following circumstances:

4.1 Within Your Organization

• Administrators: Have access to all user accounts, tasks, and organizational data
• Department Heads: Can view and manage tasks and team members within their department
• Team Members: Can view tasks assigned to them and relevant task details
• Task Assignees: Can see information about tasks they are assigned to

4.2 Third-Party Service Providers

We use the following third-party services that may have access to certain data:

• Firebase Cloud Messaging (Google):
  • Purpose: To deliver push notifications to your devices
  • Data Shared: FCM tokens (push notification tokens), device identifiers
  • Data Type: User or device identifiers (specifically push tokens)
  • How Used: Google processes FCM tokens to deliver push notifications to your device
  • Privacy Policy: https://firebase.google.com/support/privacy
  • Important: This data sharing is disclosed in our Play Console Data Safety form
• Database Hosting Provider:
  • Purpose: To store and manage your data securely
  • Data Shared: All account, task, and workflow data
  • Security: Data is encrypted in transit and at rest
• Web Hosting Provider:
  • Purpose: To host our web application
  • Data Shared: Server logs, access logs, error logs

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Court orders, subpoenas, or legal processes
• Government requests or regulatory requirements
• To protect our rights, property, or safety
• To prevent fraud or security threats
• To enforce our Terms of Service

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted between your device and our servers is encrypted using HTTPS/TLS
• Password Security: Passwords are hashed using bcrypt and never stored in plain text
• Database Security: Database access is restricted and protected with authentication
• Session Security: Secure session management with encrypted tokens
• Access Controls: Role-based access control to limit data access based on user roles
• Regular Updates: We regularly update our security measures and patch vulnerabilities
• Logging: Security events and errors are logged for monitoring and incident response

Important: While we implement strong security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability.

6. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy:

• Account Data: Retained while your account is active and for a reasonable period after account deletion for legal and business purposes
• Task Data: Retained for the duration of your organization's use of the Service and for historical record-keeping
• Device Tokens (Mobile App):
  • Retained until you unregister the device, uninstall the app, or delete your account
  • If you uninstall the app without logging out, the FCM token remains in our database but becomes inactive
  • Inactive tokens are automatically removed after 90 days of no activity
  • You can manually unregister devices through the app or by contacting us
• Mobile App Local Data:
  • Cache Data: Stored on your device until you clear app cache or uninstall the app
  • Session Data: Stored in WebView cookie storage until you log out or clear app data
  • After Uninstall: All local data is automatically deleted when you uninstall the app
• Logs: Error logs and production logs are retained for up to 90 days for troubleshooting and security purposes
• Session Data: Deleted when you log out or when the session expires

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal compliance, dispute resolution, or enforcement of agreements.

6.1 Uninstalling the Mobile App

If you uninstall the Digital Homeez Workflow mobile app from your device:

• Local Data:
  • All app data stored locally on your device is immediately deleted
  • This includes cache, cookies, session data, and any temporary files
  • You cannot recover this data after uninstallation
• Server Data:
  • Your account data on our servers remains intact
  • Your FCM token remains registered but becomes inactive
  • You will stop receiving push notifications
  • You can still access your account through the web application
• FCM Token Cleanup:
  • Inactive FCM tokens are automatically removed after 90 days
  • You can manually remove your device registration by logging in through the web app and contacting support
• Reinstallation:
  • If you reinstall the app, you will need to log in again
  • A new FCM token will be generated and registered
  • Your account data and task information will be available immediately after login

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

• Request access to your personal data
• Request a copy of your data in a portable format
• View your account information through the app dashboard

7.2 Correction and Updates

• Update your account information (name, email) through your profile settings
• Request correction of inaccurate data
• Contact administrators to update your role or department assignment

7.3 Deletion

• Request deletion of your account and associated data
• Unregister devices to remove FCM tokens
• Note: Some data may be retained for legal or business purposes as outlined in Section 6

7.4 Notification Preferences

• Mobile App: Control push notification settings through your device Settings > Apps > Digital Homeez Workflow > Notifications
• Web: Notification preferences can be managed through your account settings
• Unregister devices to stop receiving notifications
• Contact us to manage notification preferences

7.5 Mobile App Data Management

• Clear App Cache:
  • Go to Settings > Apps > Digital Homeez Workflow > Storage > Clear Cache
  • This removes cached data but keeps your login session
  • Useful for troubleshooting or freeing up storage space
• Clear App Data:
  • Go to Settings > Apps > Digital Homeez Workflow > Storage > Clear Data
  • This removes all local app data including cache, cookies, and session data
  • You will need to log in again after clearing data
  • Your account data on our servers remains intact
• Unregister Device:
  • Contact us to unregister your device and remove your FCM token
  • This stops push notifications to that device
  • You can re-register the device by logging in again
• Uninstall App:
  • Uninstalling removes all local data from your device
  • Your account data on our servers remains intact
  • FCM token becomes inactive and is removed after 90 days

7.6 Account Deactivation

• Request account deactivation (account can be reactivated by administrators)
• Request permanent account deletion
• Mobile App: After account deletion, you should uninstall the app to remove local data

To exercise these rights, please contact us at: dhdeveloper19@gmail.com, official@digitalhomeez.in

8. Mobile App Permissions

Our Android mobile application ("Digital Homeez Workflow") requests certain permissions to function properly. We are transparent about why we need each permission and how we use it.

8.1 Required Permissions (Automatically Granted at Installation)

These permissions are essential for the app to function and are automatically granted when you install the app:

• INTERNET:
  • Purpose: Required to connect to our servers at https://work.digitalhomeez.in
  • Usage: To sync your data, load task information, authenticate your account, and send/receive data
  • Why Required: The app cannot function without internet connectivity
  • Data Accessed: Only data you explicitly access through the app (no background data collection)
• ACCESS_NETWORK_STATE:
  • Purpose: To check if your device has an active internet connection
  • Usage: To optimize data usage, show connection status, and prevent unnecessary network requests
  • Why Required: Helps provide better user experience by detecting connectivity issues
  • Data Accessed: Only checks connection status (does not access network details or other apps' data)

8.2 Optional Permissions (User Consent Required)

These permissions are requested at runtime and you can choose to grant or deny them:

• POST_NOTIFICATIONS (Android 13+ / API Level 33+):
  • Purpose: To send you push notifications about task assignments, updates, and important alerts
  • When Requested:
    • Android 13 and above: Requested when you first open the app after installation
    • You will see a system dialog asking for permission
    • You can choose "Allow" or "Don't allow"
  • What Happens if Denied:
    • The app will function normally, but you will NOT receive push notifications
    • You can still access all features of the app
    • You can manually check for updates by opening the app
  • How to Change:
    • Go to your device Settings > Apps > Digital Homeez Workflow > Notifications
    • Toggle notifications on or off at any time
    • You can also manage notification categories and sounds from device settings
  • Notification Types:
    • Task assignment notifications
    • Task update notifications
    • Task reassignment notifications
    • New department assignment notifications
  • Notification Channel:
    • All notifications are sent through the "Task Notifications" channel
    • You can customize sound, vibration, and importance in Android settings
    • Notifications are configured with high priority to ensure timely delivery

8.3 Permissions We Do NOT Request

For your privacy and security, our app does NOT request the following permissions:

• Location: We do NOT access your device's location (GPS, network location, etc.)
• Camera: We do NOT access your device's camera
• Microphone: We do NOT access your device's microphone
• Contacts: We do NOT access your device's contact list
• Phone/SMS: We do NOT access your phone number or SMS messages
• Storage: We do NOT access your device's external storage (photos, files, etc.)
• Calendar: We do NOT access your device's calendar
• Call Logs: We do NOT access your call history
• Device ID/IMEI: We do NOT access your device's unique identifiers

8.4 Permission Management

You have full control over app permissions:

• View Permissions: Go to Settings > Apps > Digital Homeez Workflow > Permissions
• Revoke Permissions: You can revoke any permission at any time (except required ones)
• Impact of Revocation: Some features may not work if you revoke required permissions
• Re-grant Permissions: You can re-grant permissions later if you change your mind

Note for Android 12 and Below: For Android versions below 13 (API Level 32 and below), notification permissions are granted automatically at installation. You can still manage notification settings through your device Settings > Apps > Digital Homeez Workflow > Notifications.

8.5 Mobile App Installation and Updates

When you install or update our mobile app:

• Installation Source: The app is distributed through Google Play Store
• Installation Data: Google Play Store may collect installation data (subject to Google's Privacy Policy)
• Automatic Updates:
  • If you enable automatic updates in Google Play Store, the app will update automatically
  • Updates may include new features, bug fixes, or security improvements
  • We recommend keeping the app updated for the best experience and security
• Update Notifications:
  • You will be notified of available updates through Google Play Store
  • You can choose to update immediately or later
• Data After Updates:
  • Your account data and settings are preserved after updates
  • You may need to log in again if authentication tokens expire
  • Cache may be cleared during major updates for compatibility

9. Children's Privacy

Our Service is not intended for children under the age of 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our Service, you consent to the transfer of your information to these countries.

We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, regardless of where it is processed or stored.

11. Third-Party Links and Services

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party websites or services you visit.

Third-Party Services We Use:

• Firebase Cloud Messaging: Google's push notification service
  • Privacy Policy: https://firebase.google.com/support/privacy
  • Data Processing: Google processes FCM tokens (push tokens) and device identifiers to deliver notifications
  • Data Type: User or device identifiers (push notification tokens)
  • This data sharing is disclosed in our Play Console Data Safety form

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information held by us
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at dhdeveloper19@gmail.com, official@digitalhomeez.in.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Our legal basis for processing your data includes:

• Contractual Necessity: To provide the workflow management service you requested
• Legitimate Interests: To improve our Service, ensure security, and prevent fraud
• Consent: For push notifications (you can withdraw consent at any time)
• Legal Obligation: To comply with applicable laws and regulations

To exercise these rights, please contact us at dhdeveloper19@gmail.com, official@digitalhomeez.in.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (if you have provided an email address)
• Displaying a notice in the app for significant changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

15. Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

• Investigate the breach immediately and take steps to contain it
• Notify affected users within 72 hours of becoming aware of the breach (where required by law)
• Notify relevant data protection authorities as required by applicable law
• Provide information about the nature of the breach and steps taken to address it
• Recommend actions you can take to protect yourself

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

17. Consent

By using Digital Homeez Workflow, you consent to our Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our Service.

If you have any questions about this Privacy Policy, please contact us at dhdeveloper19@gmail.com, official@digitalhomeez.in.