Mess BuddyQuick summary: We collect only what's needed to run Mess Buddy. We never sell your data. Your mess activity is visible only to your mess members. You can request full deletion at any time.
BuddyCoders ("we", "our", "us") operates the Mess Buddy mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. By using Mess Buddy you agree to the practices described here.
1. Information We Collect
Account information — name, email address, mobile phone number, and profile preferences you provide when you register.
Authentication data — if you sign in with Google, we receive your name, email, and Google account ID. We never receive your Google password.
Mess & financial data — meal counts, bazar entries, bill amounts, payment submissions, and your balance within your mess.
Device data — device push notification token (FCM/APNs) for delivering push notifications, plus basic device information (model, operating-system version, language).
Advertising data — when in-app ads are shown, our advertising partner Google AdMob collects your device's advertising identifier (Advertising ID), IP address, approximate (coarse) location, and ad-interaction events in order to serve and measure ads. See Advertising & In-App Purchases below.
Purchase data — if you buy an optional subscription or in-app product, Google Play Billing processes the payment and shares your purchase status with us (e.g. active / cancelled). We never receive your full card or banking details.
Usage data — app interactions and error logs, collected for improving the service.
2. How We Use Your Information
- Create and manage your Mess Buddy account
- Provide meal tracking, bazar management, and bill-splitting features
- Send transactional emails (welcome, reminders, payment confirmations)
- Deliver push notifications about mess activity
- Respond to support requests
- Improve and debug the application
- Comply with legal obligations
We do not sell, rent, or trade your personal data to any third party.
3. Third-Party Services
We use the following third-party services, each governed by their own privacy policies:
- Google Sign-In — optional social authentication. Google Privacy Policy
- Google AdMob (Google LLC) — serves and measures in-app advertisements. How AdMob uses data · Google Ads Policy
- Google Play Billing (Google LLC) — processes optional in-app purchases and subscriptions. Google Privacy Policy
- Firebase (Google LLC) — push notifications via FCM, identity verification, and analytics/crash reporting. Firebase Privacy
- Resend — transactional email delivery. Resend Privacy Policy
- PostgreSQL / Database — your data is stored in a secured, encrypted database.
4. Data Retention
Your data is retained for as long as your account is active. If you delete your account, personal data is removed within 30 days. Aggregated, anonymised analytics may be retained longer.
Financial records (bills, payments) may be retained for up to 3 years to comply with applicable laws.
5. Data Security
- TLS encryption for all data in transit (HTTPS)
- bcrypt password hashing — we never store plain-text passwords
- Short-lived JWT tokens — access tokens expire after 15 minutes
- Principle of least privilege — internal services access only what they need
No method of electronic storage is 100% secure. If you suspect unauthorised access to your account, contact us immediately.
6. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Request deletion of your account and data
- Withdraw consent for optional data processing
- Export your data (data portability)
To exercise any of these rights, email us at [email protected].
7. Children's Privacy
Mess Buddy is not directed to individuals under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us personal information, please contact us immediately so we can remove it.
8. International Transfers
Your data is primarily stored on servers accessible from Bangladesh. Some third-party providers (Google, Resend) process data internationally. We ensure appropriate safeguards are in place for such transfers.
9. Advertising & In-App Purchases
Advertising. Mess Buddy is supported by advertising provided through Google AdMob. We may show banner ads and optional rewarded ads (which you choose to watch in exchange for unlocking certain actions). To serve and measure these ads, AdMob may collect your device's Advertising ID, IP address, approximate location, and ad-interaction data.
- You can reset your Advertising ID or opt out of ad personalisation at any time in your device settings (Android: Settings → Google → Ads).
- Where required, we ask for your consent before serving personalised ads.
- We do not share the financial records you enter in your mess with advertisers.
For details on how Google uses this data, see How AdMob uses data.
In-App Purchases & Subscriptions. Mess Buddy may offer optional one-time purchases and auto-renewing subscriptions (for example, an ad-free or premium tier). These are processed entirely by Google Play Billing. Google handles your payment information; we receive only your purchase and subscription status (such as active, expired, or cancelled) so we can unlock the corresponding features.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. The "Last updated" date at the top reflects the most recent revision.
11. Contact Us
Have a question about this policy or how we handle your data? We're happy to help. Email us at [email protected].
BuddyCoders · Bangladesh · Mess Buddy