Hi,
If as you are giving read write permission to all,its difficult to achieve what you are trying,but if directories in your example directory are /app are written by a single user like root,then by using sticky bit you can prevent users by deleting the contents.
For example if you set sticky bit on /app using
Now the user who creates files or directories in it will only be able to delete.