Student Application

All In One = Your Study Partner

Privacy Policy

All In One Student App · com.allinone.student

Effective: May 23, 2026 · Last updated: May 23, 2026 · Version 1.0

1. Introduction

This Privacy Policy describes how Dr. Saeed Abdallah, operating Pharmacy Boards Hub (“we,” “us,” or “our”), collects, uses, stores, and protects personal information when you use the All In One student mobile application (the “App”) on iOS and Android, part of the Pharmacy Boards Hub educational platform. The App provides curriculum-based pharmacy board exam preparation—including digital books, chapter PDFs, embedded lesson videos, chapter quizzes, model exams, test history, bookmarks, and curated student success stories—for enrolled students.

By creating an account or using the App, you agree to this Privacy Policy. If you do not agree, please do not use the App. This policy is designed to meet Apple App Store Review Guidelines (including Guideline 5.1 — Privacy) and to describe our practices clearly for students, parents, schools, and regulators in the UAE and internationally.

2. Who We Are

The App is operated by Dr. Saeed Abdallah under Pharmacy Boards Hub, located in Abu Dhabi, United Arab Emirates. For privacy-related requests, contact us using the details in Contact Us below.

App identity: Display name “All In One” · Bundle ID com.allinone.student · Platform: iOS and Android · Tagline: All In One = Your Study Partner.

3. Information We Collect

We collect information you provide, information generated through your use of the App, and limited device information as described below.

3.1 Account and profile information

  • Email address — used to create and sign in to your Firebase Authentication account.
  • Display name (full name) — collected at registration and stored in our Firestore database.
  • Password — stored only by Firebase Authentication using industry-standard hashing; we do not store your plaintext password.
  • Account role — fixed as student for this App.
  • Account status — e.g. pending, approved, rejected, or blocked, including approval by an authorized teacher or administrator.
  • Curriculum selection — e.g. American or Canadian curriculum path, stored in Firestore after signup (this selection is intended to be permanent for your account).
  • Account timestamps — creation and update times stored in Firestore.

3.2 Device and app information

  • Device identifier (students only) — on supported platforms we collect a device-specific identifier (for example, iOS identifierForVendor or an Android device identifier) and associate it with your account in Firestore to enforce a one-device-per-student-account policy. If you sign in on a different device than the one registered, sign-in may be denied until you contact support.
  • Screenshot event count (iOS) — when screenshot detection is active, we increment a screenshotCount field in your user profile. This count is used to enforce our content-protection policy (see Screenshot Protection).
  • Local app preferences — limited data such as your selected curriculum may be cached on-device using SharedPreferences to improve performance.

3.3 Learning activity and usage data

  • Quiz and test results — when you complete a chapter quiz or model exam, we store results in Firestore (test_results), including your user ID, book/chapter/exam identifiers, quiz title, question IDs, your selected answers, score, total questions, and completion time.
  • PDF bookmarks — page bookmarks you save while reading a chapter PDF are stored in Firestore under your user document (users/{userId}/pdf_bookmarks), including book ID, page number, and timestamp.
  • Temporary PDF files — chapter PDFs are downloaded from Firebase Storage to your device for in-app reading. These temporary files are removed from device storage when you leave the PDF reader, though the operating system may retain cached data according to its own rules.

3.4 Content you view (not user-generated)

  • Educational materials — books, chapters, questions, PDF URLs, and Vimeo video URLs are loaded from Firebase (Firestore and Storage). We log routine access through Firebase and our backend as part of normal service operation.
  • Student success stories (“reviews”) — you may view images and captions uploaded by authorized teachers. Students do not upload review content in the student App.

3.5 Support and external links

  • WhatsApp contact — if you tap “Contact Support” or “Contact Doctor,” you may be redirected to WhatsApp (via wa.me HTTPS links) with a pre-filled message. WhatsApp is operated by a third party; any information you send there is governed by WhatsApp’s policies, not this policy alone.
  • Social links — optional social media URLs configured by administrators may open in your device browser or external apps.

3.6 What we do not collect

  • We do not integrate third-party advertising SDKs in the student App.
  • We do not use Firebase Analytics or Firebase Crashlytics in the current student App codebase.
  • We do not collect precise GPS location, contacts, photos, microphone, or calendar data through the student App.
  • We do not offer in-app purchases or payment processing in the student App.

Note: Firebase and Google Cloud infrastructure may still process technical logs (IP address, device type, timestamps) as part of hosting and security. See Firebase Services.

4. How We Use Information

We use personal information to:

  • Create, authenticate, and manage your student account.
  • Enforce teacher/admin approval before full access to licensed educational content.
  • Deliver curriculum-specific books, chapters, PDFs, Vimeo videos, and quizzes.
  • Save and display your quiz history and PDF bookmarks.
  • Enforce device binding and screenshot-related account policies.
  • Provide customer support via WhatsApp or email when you contact us.
  • Maintain security, prevent abuse, and comply with legal obligations.
  • Improve reliability of the App and our Firebase backend.

We do not sell your personal information. We do not use student data for third-party advertising.

5. Firebase & Google Cloud Services

The App uses Google Firebase services. Data is processed on Google’s infrastructure and may be stored in regions configured for our Firebase project. Firebase acts as a data processor/service provider on our behalf.

Service Purpose Data involved
Firebase Authentication Email/password sign-up, sign-in, sign-out, account deletion, password re-authentication Email, authentication tokens, user UID
Cloud Firestore User profiles, curriculum, approval status, books/chapters metadata, quizzes, test results, bookmarks, app settings, review catalog Profile fields, learning activity, content metadata
Firebase Storage Host PDFs, images, and other educational assets served to the App Download URLs; files accessed when you open materials
Firebase Core Initialize and connect Firebase SDKs Technical configuration; may involve device/app instance identifiers per Google’s documentation

Google’s privacy policy: https://policies.google.com/privacy. Firebase terms: https://firebase.google.com/terms.

6. Vimeo & Other Third-Party Services

6.1 Vimeo (chapter videos)

Chapter videos are played in an in-app WebView using Vimeo’s embedded player (player.vimeo.com). Only Vimeo embed and CDN hostnames approved in our app code are allowed for playback. External navigation from the player is restricted where technically possible. When you watch a video, Vimeo may collect identifiers, device information, and viewing data under Vimeo’s Privacy Policy. We do not control Vimeo’s independent data practices.

6.2 WhatsApp (Meta)

Support and “Contact Doctor” features open WhatsApp via secure web links. Phone numbers used for support may be loaded from Firestore app settings. Messages you send in WhatsApp are processed by Meta/WhatsApp.

6.3 Apple / Google platform services

The App runs on iOS and Android. Your device manufacturer and operating system may process data according to their own privacy policies (e.g. Apple Privacy, Google Play services).

7. Educational Content & Licensing

Educational PDFs, videos, questions, and related materials are licensed for use through Pharmacy Boards Hub and are intended for personal study by approved students. You must not redistribute, publicly share, or commercially exploit content obtained through the App. Technical measures—including screenshot monitoring on iOS and account restrictions—exist to protect intellectual property and contractual obligations with content providers. See also our Copyright & IP Policy.

8. User Accounts

8.1 Registration and approval

Students register with email and password. New accounts are created with a pending status until an authorized teacher approves access. Until approved, access to the full book catalog may be limited. Teachers may also reject accounts. We may block accounts that violate policies (including repeated screenshot violations).

8.2 Sign-in and session

Sessions are managed through Firebase Authentication. You can sign out at any time from Settings. Password reset may be available by contacting support at all.in.one.pharmacy.boards.hub@gmail.com.

8.3 Device binding

Student accounts are associated with the first device used to sign in after registration. Attempting to use the same account on another device without authorization may be blocked. Contact support if you legitimately change devices.

9. Data Retention

  • Active accounts — we retain profile, learning, and bookmark data while your account remains active and as needed to provide the service.
  • Pending/rejected accounts — data may be retained to administer approvals and prevent abuse.
  • Blocked accounts — we may retain records of blocks, screenshot counts, and related metadata for security and audit purposes.
  • Deleted accounts — see Account Deletion.
  • Backups — residual copies in encrypted backups may persist for a limited period per Firebase/Google retention schedules.

10. Account Deletion

In-app deletion (Settings → Delete Account) You may permanently delete your account from within the App. You will be asked to confirm and re-enter your password to verify your identity.

When deletion succeeds, we:

  1. Re-authenticate you with Firebase Authentication using your password.
  2. Delete your user profile document from Cloud Firestore (users/{yourUserId}).
  3. Delete your Firebase Authentication account.
  4. Sign you out and return you to the login screen.

Associated data: Quiz results stored in the test_results collection and PDF bookmarks stored under your user document may not be automatically deleted by the current client deletion flow. We will delete or anonymize such associated records upon request at all.in.one.pharmacy.boards.hub@gmail.com, or as we implement automated cascade deletion on our backend. Local temporary PDF files on your device are removed when you close the reader or uninstall the App.

If re-authentication fails (for example, wrong password), your account is not deleted and you remain signed in. Deletion cannot be completed without valid credentials.

11. Screenshot Protection

To protect copyrighted educational materials, the App implements screenshot-related controls:

  • iOS: The App detects when the system screenshot capture event occurs. You may receive in-app warnings. A running count is stored in your Firestore profile. After three (3) detected screenshot events, your account may be marked blocked with reason related to screenshot policy, and you may lose access on subsequent sign-in attempts.
  • Android: Additional screen-capture blocking may be enabled or disabled in different App versions. Do not rely on the operating system alone to prevent all capture methods.

Apple and other platforms do not allow apps to fully prevent screenshots in all cases on iOS; detection and account enforcement are used instead where technically feasible.

12. Security

We implement administrative, technical, and organizational measures appropriate to the nature of the data, including:

  • Firebase Authentication for credential management.
  • HTTPS/TLS for data in transit between the App and Google/Firebase services.
  • Firestore and Storage security rules (server-side) intended to restrict read/write access by role.
  • Password re-authentication before account deletion.
  • Device binding and account status enforcement for students.

No method of transmission or storage is 100% secure. Please use a strong, unique password and keep your device secure. Report suspected unauthorized access immediately to all.in.one.pharmacy.boards.hub@gmail.com.

13. Children's Privacy

The App is designed for educational use by students, often in secondary or pharmacy board exam preparation contexts. We do not knowingly collect personal information from children under 13 (or the minimum age required in your country) without appropriate parental or school consent. If you are a parent or guardian and believe your child provided personal information without consent, contact us and we will take steps to delete it.

Schools and parents should supervise student registration, approve device use, and ensure curriculum materials are appropriate for the student’s age and local regulations (including UAE educational and data-protection requirements where applicable).

14. Your Rights & Choices

Depending on your location, you may have rights to:

  • Access personal information we hold about you.
  • Request correction of inaccurate profile data (contact support; some fields such as curriculum may be locked after initial selection).
  • Request deletion of your account and associated data.
  • Object to or restrict certain processing where applicable law provides.
  • Withdraw consent where processing is consent-based (may limit App functionality).
  • Lodge a complaint with a supervisory authority.

To exercise these rights, email all.in.one.pharmacy.boards.hub@gmail.com or use in-app account deletion. We may verify your identity before fulfilling requests.

15. International Data Transfers

If you access the App from the United Arab Emirates or other countries, your information may be transferred to and processed in countries where Firebase/Google operates data centers. We rely on appropriate safeguards provided by our service agreements and Google’s compliance programs where applicable.

16. Policy Changes

We may update this Privacy Policy from time to time. The “Last updated” date at the top will change when we do. Material changes may be communicated through the App, email, or our website. Continued use after the effective date constitutes acceptance of the updated policy.

17. Contact Us

For privacy questions, data requests, or account assistance:

Teacher App Privacy Policy · Terms of Service