Privacy Policy

1. Overview

NITJ Mess ERP is a mobile application used for hostel mess operations and administration at Dr B R Ambedkar National Institute of Technology Jalandhar, commonly known as NITJ. The app is intended for authorized students, mess staff, committee members, clerks, managers, and other approved institutional users.

This Privacy Policy applies to the NITJ Mess ERP Android app and any related backend services used by the app. By using the app, users acknowledge that their information may be processed as described in this policy for institutional mess management purposes.

2. Data We Collect

The app collects only the information needed to operate mess-related services and role-based administrative workflows. Depending on the user's role and activity, this may include:

• Identity and profile information, such as name, roll number or user ID, hostel, role, department or class details, and account status.
• Authentication and access information needed to verify authorized users and provide role-based screens and permissions.
• Mess activity records, such as meal attendance, QR scan records, meal sessions, extra item requests, leave requests, opt-out records, monthly billing records, and notifications.
• Administrative records, such as stock entries, vendor records, stock bills, vouchers, tender information, announcements, reports, approvals, review remarks, and grievance handling records.
• User-submitted content, such as grievance descriptions, leave reasons, comments, uploaded images, documents, bill photos, tender files, and supporting attachments.
• Device and app information needed for app functionality, diagnostics, security, and service reliability.

The app may request access to camera or file/image selection features when a user chooses to scan a QR code or upload a relevant document or image. These permissions are used only for the selected app feature.

3. How We Use Data

Information is used to:

• Authenticate users and maintain role-based access.
• Manage mess attendance, meal sessions, leave, and billing.
• Process grievances, announcements, stock, vendors, and tenders.
• Generate operational records, reports, vouchers, and summaries.
• Maintain app security, troubleshoot issues, and prevent misuse.
• Communicate important mess-related updates to authorized users.

NITJ Mess ERP does not use user data for advertising, behavioral profiling, or sale to third parties.

4. Data Sharing

Data may be visible to authorized institutional users based on their assigned role. For example, a student may see their own requests and records, while authorized mess staff or committee users may see records needed to manage mess operations.

The app uses Firebase services, including Firebase Core, Cloud Firestore, and Firebase Storage, to store and process app data. These services are provided by Google and are used as backend infrastructure for authentication-related configuration, database storage, file storage, and app functionality.

Data is not sold. Data is not shared with advertisers. Data may be disclosed only when required for institutional administration, service operation, security, legal compliance, or protection of users and the institution.

5. Security

Reasonable technical and organizational measures are used to protect app data. Firebase services use encrypted connections for data in transit. Access to records is intended to be limited by app roles, Firebase security rules, and administrative controls.

No method of electronic storage or transmission is completely secure. Users should keep their login credentials confidential and report suspected unauthorized access promptly.

6. Data Retention

Records are retained for as long as needed for mess administration, audit, billing, dispute resolution, grievance handling, reporting, security, and institutional recordkeeping. Some records may be retained for academic, financial, or administrative periods required by the institution.

When data is no longer required, it may be deleted, archived, or anonymized according to operational and institutional requirements.

7. Account and Data Deletion

Authorized users may request deletion of their app account or personal data by contacting the support email listed below. A deletion request should include the user's registered name, roll number or user ID, hostel, and the type of data or account action requested.

Some information may need to be retained if it is required for billing, attendance, audit, grievance records, security, legal compliance, or institutional administration. When full deletion is not possible, the request will be reviewed and handled according to applicable institutional requirements.

Data deletion request page: Delete account and data

8. Children and Student Users

NITJ Mess ERP is intended for authorized NITJ mess users and is not directed to children for general public use. Student access is limited to institutional mess workflows. If a user believes that data has been submitted without appropriate authorization, they should contact the support email below.

9. Changes to This Policy

This Privacy Policy may be updated when app features, data practices, Firebase configuration, institutional processes, or legal requirements change. The updated policy will be posted on this page with a revised effective date.

10. Contact

For privacy questions, app access concerns, or data deletion requests, contact:

NITJ Mess ERP Team
Dr B R Ambedkar National Institute of Technology Jalandhar
Email: erpmess@nitj.ac.in