Privacy Policy
Last updated: May 2025 · Effective for MyCommunityX app and website
Pineroot Technologies Private Limited ("we", "our", "us") operates the MyCommunityXplatform ("Platform"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our mobile application and website. By using the Platform, you agree to the practices described in this policy.
1. Information We Collect
We collect the following categories of information when you use the MyCommunityX platform:
Account Information: Name, phone number, email address, and society/unit details provided during registration.
Role-Specific Data:
Residents: visitor approvals, delivery preferences, complaint submissions, amenity bookings, billing information.
Guards: visitor entry logs, delivery handling records, attendance check-ins, shift notes.
Admins: society configuration, staff management data, financial records, broadcast history.
Staff/Workers: task assignments, attendance records, and location data during on-duty hours only.
Device Information: Device type, operating system, app version, and push notification tokens for service delivery.
Usage Data: App interaction patterns to improve platform performance and user experience.
2. How We Use Your Information
Your information is used solely to operate and improve the MyCommunityX platform:
Authenticating users and managing role-based access
Enabling real-time operational workflows (visitor approvals, delivery notifications, task tracking)
Sending push notifications for gate events, billing, complaints, and emergencies
Generating reports for society admins and committee members
Improving platform reliability, security, and features
Complying with legal obligations
We do not sell, rent, or share your personal information with third parties for marketing purposes.
3. User Roles and Data Access
MyCommunityX enforces strict role-based access control:
Admins can access society-level operational data, financial records, and staff information within their registered society only.
Residents can access their own unit data, visitor logs, bills, complaints, and community content.
Guards can access current duty-relevant data including visitor lists, delivery records, and emergency alerts.
Staff/Workers can access their own assigned tasks, attendance records, and communication history.
No user can access data belonging to another society. All access is logged and auditable.
4. Location Tracking
Location data is collected only when:
A worker/staff member is actively on duty and location sharing is enabled for a specific task
A resident has initiated a task request that requires worker tracking
Location is shared only with the requesting resident and the society admin for the duration of the task
Location collection stops automatically when the task is completed or the worker goes off-duty
We do not track location in the background for any role outside of active, consented task workflows.
5. Notifications
Push notifications are used to deliver time-sensitive operational updates:
Visitor arrival and approval requests
Delivery and parcel notifications
Complaint status updates
Maintenance billing reminders
Emergency and SOS alerts
Society broadcasts and announcements
You may manage notification preferences within the app. Disabling notifications may affect real-time features.
6. Documents and Media Uploads
Society documents, notice boards, profile photos, and other uploaded files are:
Stored in secure Google Cloud Storage with access controls
Accessible only to authorized roles within the society
Not shared with external parties
Subject to retention policies set by society admins
Users are responsible for ensuring uploaded content is lawful and does not violate intellectual property rights.
7. Data Storage and Security
All data is stored and processed with the following protections:
Database: PostgreSQL with encrypted connections and regular backups
Real-time data: Firebase Realtime Database with Firebase Security Rules enforcing role-based access
Authentication: Firebase Authentication with OTP-based mobile login
Storage: Google Cloud Storage with signed URL access controls
Transport: All data transmitted over HTTPS/TLS
We implement industry-standard security practices and conduct regular security reviews.
8. Data Retention
We retain your data for as long as your account remains active or as required for legitimate operational purposes. Society-level data is retained for the duration of the society's subscription. Upon account deletion or subscription termination, data is archived for 90 days and then permanently deleted, unless retention is required by law.
9. Account Deletion
You may request deletion of your account and associated data by:
Submitting a deletion request through the app settings
Contacting us at support@pineroottechnologies.com
Upon verification, we will delete your personal data within 30 days. Some records may be retained in anonymized form for operational audits where legally required.
10. Children's Privacy
MyCommunityX is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notification or email. Continued use of the platform after changes constitutes acceptance of the updated policy.
12. Contact Us
For privacy-related inquiries, data requests, or concerns, please contact:
Pineroot Technologies Private Limited
Email: support@pineroottechnologies.com
We are committed to responding to privacy inquiries within 7 business days.