Who This Policy Covers
This Privacy Policy applies to persons who download and use the Saf7a mobile application (“App”) from Google Play and who interact with associated online functionality provided for the App. Depending on registration type, Saf7a serves students, instructors (“teachers”), course-center operators and administrators, assistants and related roles coordinating educational groups, sessions and attendance workflows.
The App communicates with backend services reachable at https://api.saf7a.net/ and opens authenticated reporting content in a Web environment at https://reports.saf7a.net/ where that feature is exposed to signed-in roles that have access inside the App.
Overview
Saf7a is built to organise multi-tenant education operations—profiles, enrolments, instructional groups, sessions, attendance—including QR-assisted verification where educators enable it—and related centre or subscription administration. Personal data processed through the App is handled to deliver these services, authenticate users, notify you where you opt in, keep records required for educational coordination, respond to lawful requests and secure the Services.
Information We Collect
Identifiers and credentials
- Mobile telephone number submitted at registration or sign-in flows and used as a primary credential together with OTP (one-time passcode) verification.
- E-mail address if you voluntarily provide one during compatible registration flows; it may be omitted where the flow allows optional e-mail capture.
- Authentication artifacts issued by Saf7a APIs (stored on your device inside platform-protected mechanisms such as Flutter Secure Storage) that keep sessions active.
- WhatsApp-assisted verification artefacts when such an option exists in-product: codes or tokens exchanged strictly to validate control of your phone number according to backend logic.
Educational profiles and organisational data
- Names, guardian or parent-related contact inputs where student profiles collect them as part of onboarding or profile maintenance.
- Educational-structure selections surfaced by the App (governmental lookups, centres, instructional levels/tracks cohorts compatible with Egyptian education structures, divisions, subjects, university hierarchies).
- Records created when you organise or participate in instructional groups or sessions—including scheduling metadata, enrolment statuses, QR codes surfaced for organisational purposes inside the ecosystem, and attendance-related marks instructors or centres configure.
User-generated multimedia
- Profile photographs you choose via the gallery or camera pipeline; cropping is performed locally with the cropping library before uploading to Saf7a-hosted media locations under backend-controlled paths such as profile image folders linked from api.saf7a.net.
- Images or exports generated purely on-device inside supported screens (such as previews or share sheets using widgets that render images locally) unless you deliberately upload those assets through an explicit submission action.
Invitations and deep links
- Universal links and custom URL schemes—including https://api.saf7a.net/invite-style HTTPS invitation routes and custom scheme URIs prefixed with saf7aMobileApp—to route you into flows that consume invitation payloads returned by invitation APIs documented in-app.
Messaging identifiers
- Firebase Cloud Messaging registration tokens paired with Flutter local notification channels so transactional or organisational messages can arrive on-device when notifications are authorised on Android 13+.
Device-level processing that does not leave your phone
- Biometric checks via Android USE_BIOMETRIC, used only locally to authenticate you before unlocking password-protected in-app workflows (information never leaves Secure Enclave equivalents without your biometric prompt succeeding).
- Local database storage using Isar for offline-first copies of sanctioned data subsets and cached artefacts that sync when networking returns.
- Additional preferences persisted by SharedPreferences-style storage for usability state (themes, onboarding flags).
Technical diagnostics derived from connectivity
- Non-persistent network reachability classifications from the Connectivity Plus plugin informing UI behaviour; SDK does not inherently upload raw browsing history.
How We Use Information
- Provide authenticated access to dashboards for each configured role centre, instructor, guardian-linked student workflows and assistants.
- Provision educational groups and sessions with accurate rosters tied to organisational policies.
- Operate QR-assisted attendance where enabled, meaning camera frames analysed on-device identify codes without Saf7a receiving raw video unless additional upload features expressly ask for it outside default scanner flows described here.
- Deliver push notifications respecting Android notification permission.
- Fulfil transactional communications like OTP deliveries through integrated SMS/WhatsApp gateways managed server-side outside the handset.
- Facilitate dialling workflows when you expressly tap call actions that rely on declared telephony intents.
- Keep compliance records—including subscription state when surfaced by API responses—aligned with organisational obligations.
- Detect abuse, secure APIs and enforce rate limits correlating telemetry already collected by infrastructure logging on Saf7a's servers separate from analytics SDKs bundled in source dependencies shown below.
Google Mobile Services modules required for ML-backed scanning or optional downloads may expose limited device telemetry to Google under its policies; Firebase messaging subjects token metadata to Google's infrastructure as outlined in Google's Firebase documents linked below.
Sharing, Hosts and Service Providers
Saf7a shares personal data strictly when necessary:
- Infrastructure and operators: hosting vendors, relational databases and object storage underpinning APIs at api.saf7a.net and authenticated Web reporting at reports.saf7a.net.
- Messaging gateways: OTP or WhatsApp transactional providers configured on the backend to deliver verification artefacts.
- Integrated Google offerings: Firebase Cloud Messaging and Mobile Vision / CameraX-associated binary components pulled in through ML Kit-compatible scanner packages run under Google's applicable terms.
- Legal and safety requests: regulators or courts inside jurisdictions where lawful requests meet procedural thresholds.
- Corporate reorganisation events subject to safeguards and notice where required.
Saf7a does not sell your personal information in the ordinary sense contemplated by regional “sale” definitions—monetisation is not effected by vending contact lists collected through the educational platform.
Mobile Technologies and Integrated Services
Dependencies declared in Saf7a's Flutter codebase inform the disclosures below (versions evolve with builds; inspect your installed build's dependency lockfile when auditing).
| Capability / Dependency family | Role in Saf7a |
|---|---|
| Firebase Core & Firebase Cloud Messaging (firebase_core, firebase_messaging) | Maintains push notification plumbing; transmits device tokens Google routes on Saf7a's configured projects. |
| Flutter Local Notifications | Presents actionable notifications surfaced from FCM or local alarms once permission is granted. |
| mobile_scanner (CameraX & bundled Google ML barcode stack) | Runs camera previews and decodes QR or barcode imagery on-device—pixel buffers analysed locally before mapping to attendance or verification logic. |
| image_picker & UCrop-derived cropper (image_cropper) | Selects portrait images via system pickers/camera delegates and trims them locally before upload. |
| local_auth biometric plugin | Prompts biometric authentication for sensitive in-app password flows (local trust only). |
| dio HTTP client layer | Communicates HTTPS JSON requests to REST endpoints under api.saf7a.net namespaces. |
| cached_network_image & Flutter SVG loaders | Caches remote images (for example CDN-served educator media) responsibly with standard HTTP semantics. |
| Google Fonts retrieval | Loads licensed webfont assets from Google's font distribution network matching UI typography bundles. |
| Isar embedded database communities edition | Stores sanctioned offline entities on-device with encryption-compatible libraries. |
| flutter_secure_storage & shared_preferences | Protects secrets (tokens, user e-mail echoes) separately from mundane preferences. |
| app_links & share_plus plugins | Consumes HTTPS invitation URLs and emits OS-standard share intents when triggered. |
| webview_flutter | Renders HTML received from APIs (Terms, onboarding content) plus authenticated reporting browser surfaces. |
Additional Google disclosures: Firebase — https://firebase.google.com/support/privacy/ · ML Kit — https://developers.google.com/ml-kit/terms
Device Permissions Used by the App
- Internet — essential API traffic over TLS.
- Camera — scanning QR-linked attendance artefacts and analogous flows; cropping pipeline may originate separate camera captures through system intents.
- Telephony / Dialer — launching phone calls initiated by tapping supported contact actions (CALL_PHONE plus package visibility intents for dialing).
- Post notifications (Android 13+) — delivering push payloads after explicit permission.
- Biometrics — hardware-backed unlocking of sensitive UI.
Retention
Saf7a retains account and educational operational data for as long as your organisational relationship persists, longer where required bookkeeping or regulatory duties demand, and afterward for secure archival durations permitted by Egyptian data-protection expectations and pragmatic backup rotation.
On-device caches may persist until logout, manual clearing or reinstall; tokens should be invalidated server-side whenever sessions end.
Security
- Industry-standard HTTPS transport encrypts payloads between App and apis.
- Tokens stored with OS-keystore-compatible abstractions discourage casual extraction.
- Role-based protections on backend minimise cross-tenant bleed (each centre or instructor scope isolated per server rules).
Absolute security cannot be promised; safeguard your device PINs and biometric enrollments concurrently.
Your Rights and Choices
- Access/update profile fields surfaced in student, teacher or centre dashboards when policies grant edit rights.
- Revoke notifications through Android Settings if you discontinue push privileges.
- Request account closure or fuller erasure workflows through organisational administrators when your relationship is mediated by schools or institutes; autonomous consumer accounts additionally follow instructions issued under Contact Information.
- Residents of jurisdictions furnishing statutory privacy rights—such as the EU GDPR or Egyptian Personal Data Protection Law No. 151 of 2020—may escalate requests where applicable safeguards exist.
Children, Students and Institutional Use
Saf7a frequently supports minors registered under instructional organisations. Centres, schools or guardians supply verifiable particulars consistent with onboarding agreements. Institutional administrators—not Saf7a engineers acting spontaneously—normally approve invitations and supervise account activation.
International Processing
Primary processing occurs for educational operations tied to deployments hosted for Saf7a tenants. Because Firebase and Google Fonts route through global infrastructure operated by Google LLC and affiliates, limited cross-border transfers may transpire pursuant to Google's data processing clauses.
Changes to This Policy
Updates post with a refreshed effective date retained at the top header; continued use thirty days following material edits constitutes acknowledgement unless jurisdictional statutes require affirmative consent workflows.
Contact Information
For privacy or data-protection correspondence, route requests through:
- The developer contact credentials published on Saf7a's Google Play store listing (“Contact details”), which satisfies merchant-of-record attribution for disclosures required by storefront policies;
- In-product support entry points surfaced to authenticated institutional contacts when deployed in your tenant.
Please include identifying context (tenant name, approximate phone/username, role) sufficient for operators to reconcile records without undue delay.
Operational infrastructure references: REST API gateway https://api.saf7a.net/; authenticated reporting endpoints https://reports.saf7a.net/; invitation links resolve under api.saf7a.net-issued HTTPS prefixes as configured inside the Apps Links manifest.