Privacy Policy

Effective Date: February 24, 2026 · Last Updated: March 29, 2026

Pharmingo ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Pharmingo mobile application (the "App") and related services. Please read this policy carefully. By using the App, you consent to the practices described herein.

1. Information We Collect

1.1 Information You Provide Directly

• Account Information: When you register, we collect your full name, email address, username, and profile picture. If you sign up via Google, Apple, Facebook, or phone number, we receive the associated authentication credentials.
• Profile Data: Any optional information you add to your profile, including display name, biography, medical school affiliation, and pharmacy year of study.
• User-Generated Content: Messages, feedback, quiz answers, challenge responses, and any content you submit through the App.
• Support Requests: Information you provide when contacting us for help, including your name, email, and the content of your inquiry.

1.2 Information Collected Automatically

• Usage Data: We collect data about how you interact with the App, including lessons completed, quiz scores, streak data, XP earned, gems balance, achievement progress, lesson completion times, and feature usage patterns.
• Device Information: Device model, operating system version, unique device identifiers (IDFV), app version, language settings, and timezone.
• Log Data: IP address, access times, crash logs, error reports, and diagnostic data.
• Performance Data: App performance metrics, load times, and interaction latency to improve the user experience.

1.3 Information from Third Parties

• Authentication Providers: When you sign in with Google, Apple, or Facebook, we receive your name, email, and profile photo as authorized by you.
• Analytics Providers: Aggregated and de-identified analytics data from Firebase Analytics and Google Analytics.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide & Maintain the App: Deliver the core learning experience, track your progress, manage your account, and process in-app transactions.
• Personalization: Customize lesson recommendations, difficulty levels, daily quests, and learning paths based on your performance and preferences.
• Gamification & Social Features: Operate leaderboards, streak tracking, achievement systems, weekly goals, leagues, friend challenges, and follower/following functionality.
• Communication: Send push notifications (streaks, reminders, challenge updates, friend activity), in-app notifications, and service-related emails.
• Improvement & Analytics: Analyze usage patterns to improve content quality, app performance, and user experience.
• Safety & Security: Detect and prevent fraud, abuse, and unauthorized access; enforce our Terms of Service.
• Legal Compliance: Comply with applicable laws, regulations, and legal processes.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

• With Other Users: Your public profile information (display name, username, profile picture, level, XP, streak, achievements, and league rank) is visible to other users who follow you or view leaderboards.
• Service Providers: We share data with trusted third-party service providers who assist in operating the App (e.g., Firebase for backend infrastructure, Google AdMob for advertising). These providers are contractually obligated to protect your data and may only use it to provide services on our behalf.
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
• With Your Consent: We may share your information for any other purpose with your explicit consent.

4. Third-Party Services

The App integrates with the following third-party services, each with their own privacy policies:

• Firebase (Google): Authentication, Cloud Firestore database, Cloud Functions, Cloud Messaging (push notifications), Crashlytics (crash reporting), and Analytics. Firebase Privacy Policy
• Google AdMob: Serving advertisements within the App. Google Privacy Policy
• Apple Sign-In: Authentication service. Apple Privacy Policy
• Google Sign-In: Authentication service. Google Privacy Policy
• Facebook Login (Meta): Authentication service. Meta Privacy Policy
• RevenueCat: In-app purchase and subscription management. RevenueCat Privacy Policy

5. Facebook Login & Meta Platform Data

Pharmingo offers Facebook Login as an authentication option, powered by Meta Platforms, Inc. This section explains how we handle data received from Meta ("Platform Data") in compliance with Meta's Platform Terms.

5.1 Data We Receive from Meta

When you choose to sign in with Facebook, we receive the following Platform Data with your explicit authorization:

• Meta User ID: A unique identifier assigned to your Facebook account.
• Email address: The primary email address associated with your Facebook account.
• Public profile: Your name and profile picture as set on Facebook.

5.2 How We Use Meta Platform Data

We use Meta Platform Data exclusively to:

• Create and authenticate your Pharmingo account.
• Identify you across sessions to provide a consistent experience.
• Pre-fill your profile information (name, profile picture) for your convenience.

5.3 Storage of Meta Platform Data

All Meta Platform Data is stored exclusively in Google Firebase, which enforces AES-256 encryption at rest by default. We do not store Meta Platform Data in any other location, including personal or organizational devices, USB drives, or third-party cloud storage services (e.g., Dropbox, Google Drive).

5.4 Sharing of Meta Platform Data

We do not sell, license, or transfer Meta Platform Data to third parties. We share it only with Google Firebase (our backend service provider) under a Data Processing Agreement that restricts Firebase from using your data for any purpose other than providing services to us.

5.5 Deletion of Meta Platform Data

You may request deletion of your Meta Platform Data at any time by deleting your account through the App (Settings → Account → Delete Account) or by contacting us at privacy@pharmingo.app. Upon deletion, all associated Platform Data will be permanently removed from our systems within 30 days.

6. Advertising & Analytics

6.1 Advertising

The free version of Pharmingo displays advertisements served by Google AdMob. AdMob may use device identifiers and usage data to deliver personalized or contextual ads. You can opt out of personalized advertising through your device settings:

• iOS: Settings → Privacy & Security → Tracking → Disable "Allow Apps to Request to Track"

Premium subscribers ("Pharmingo Super") enjoy an ad-free experience.

6.2 Analytics

We use Firebase Analytics and Crashlytics to collect anonymized usage statistics and crash reports. This helps us understand how the App is used and identify issues. You can limit analytics collection by adjusting your device's privacy settings.

7. Data Retention

We retain your personal information for as long as your account remains active or as needed to provide you with our services. Specifically:

• Account Data: Retained until you request account deletion.
• Progress & Learning Data: Retained for the lifetime of your account to ensure continuity of your learning experience.
• Log & Analytics Data: Retained for up to 24 months, then automatically deleted or anonymized.
• Crash Reports: Retained for up to 12 months.
• Meta Platform Data: Retained only for the duration of your account. Deleted immediately upon account deletion.

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by law.

8. Data Security & Encryption

We implement industry-standard security measures to protect your information:

• Encryption at Rest: All data stored in our backend (Google Firebase) is encrypted at rest using AES-256 encryption, enforced automatically by Firebase across all services including Firebase Authentication, Cloud Firestore, and Firebase Storage.
• Encryption in Transit: All data transmitted between the App and our servers is encrypted using TLS/SSL.
• Secure Credential Storage: Sensitive credentials are stored securely using iOS Keychain.
• Access Control: Firebase Security Rules restrict database access to authorized users only. We follow the principle of least privilege for data access.
• Token Management: Authentication tokens are securely managed and rotated.
• Regular Reviews: We conduct regular security reviews of our systems and practices.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Internal Data Protection Policy

Pharmingo maintains strict internal policies to protect all user data, including Meta Platform Data:

All team members with access to platform systems have been informed of and have acknowledged this obligation. All Platform Data must be stored exclusively within our approved backend infrastructure (Google Firebase) at all times.

Prohibited actions include:

• Downloading or exporting user data to personal computers or laptops.
• Storing API keys or App Secrets in plain-text files, notes, or messaging applications.
• Sharing Platform Data via email, messaging services, or unauthorized cloud storage.
• Storing Platform Data on any device or service outside of Google Firebase.

10. Children's Privacy

Pharmingo is designed for pharmacy students, healthcare professionals, and individuals aged 17 and older. We do not knowingly collect personal information from children under the age of 13 (or the applicable age of consent in your jurisdiction).

If we become aware that we have collected personal information from a child below the applicable age, we will take immediate steps to delete that information. If you believe a child has provided us with personal data, please contact us at privacy@pharmingo.app.

11. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data and account.
• Portability: Request a machine-readable copy of your data.
• Objection: Object to certain processing of your data, including direct marketing.
• Restriction: Request restriction of processing in certain circumstances.
• Withdraw Consent: Where processing is based on consent, withdraw consent at any time.

To exercise any of these rights, please contact us at privacy@pharmingo.app. We will respond to your request within 30 days.

11.1 Account Deletion

You may request account deletion at any time through the App (Settings → Account → Delete Account) or by emailing us. Upon deletion, your personal data, progress, and social connections — including all Meta Platform Data — will be permanently removed within 30 days.

11.2 Managing Notifications

You can manage push notification preferences within the App's settings or through your device's notification settings.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers (such as Google/Firebase) maintain their servers. These countries may have data protection laws that differ from those of your jurisdiction.

Where required by law, we ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses or reliance on the service provider's data protection certifications.

13. Push Notifications

With your permission, we send push notifications for:

• Streak reminders to help maintain your learning habit.
• Daily quest and weekly goal updates.
• Friend activity notifications (follows, challenge invitations, challenge results).
• Achievement unlocks and reward notifications.
• Important service announcements.

You can opt out of push notifications at any time in your device settings or within the App.

14. In-App Purchases & Subscriptions

Pharmingo offers in-app purchases and subscription plans ("Pharmingo Super") through Apple's App Store. All financial transactions are processed by Apple. We do not collect, store, or have access to your payment card details or Apple Pay information.

We receive only transaction confirmation data (product purchased, transaction ID, purchase date) necessary to activate your premium features.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by:

• Posting the updated policy within the App.
• Updating the "Last Updated" date at the top of this page.
• Sending a push notification or in-app notice for significant changes.

Your continued use of the App after any changes constitutes acceptance of the updated Privacy Policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Pharmingo
Email: privacy@pharmingo.app
Website: https://pharmingo.app

We aim to respond to all inquiries within 30 business days.

© 2025–2026 Pharmingo. All rights reserved.