Privacy Policy

Your Privacy Matters

Last updated: March 2026

This Privacy Policy explains how we process data when you use our Quran mobile app and this website. We keep data collection limited and focus on transparency for each feature.

Mobile Application

Data Stored On Your Device

The app stores core usage data locally in on-device app storage. This includes:

  • Bookmarks (page number and bookmark creation time)
  • Favorite hadith entries (collection and hadith ID)
  • Reader preferences (theme, dynamic color, text scale, info text settings, two-page mode, color tone, app language)
  • Reading statistics (dates and pages read, retained in-app for up to about 400 days)
  • App launch state used for user experience prompts (for example review prompts)

Quran and hadith content in the current Android app build is bundled as local app assets and loaded on-device.

Optional Cloud Sync (Google Sign-In + Firebase)

If you enable Cloud Sync, the app signs you in with Google and syncs selected data to Firebase Firestore using your Firebase user ID. Synced data categories are:

  • Bookmarks payload
  • Favorite hadith payload
  • Reader preferences payload
  • Reading statistics payload
  • Sync metadata (schema version and update timestamp)

While signed in, account profile fields may be visible in-app from Firebase Auth (such as display name, email address, and profile photo URL) to show sync status.

Firebase Services Used In Mobile App

  • Firebase Authentication: Google sign-in for optional cloud sync
  • Cloud Firestore: storage and sync of cloud backup data described above
  • Firebase Analytics: app screen view events (for example sanitized route/screen name and screen class)
  • Firebase Crashlytics: crash and error diagnostics, including technical metadata and app-defined keys such as current route and sync error stage
  • Firebase Performance Monitoring: performance traces (for example screen render trace names and screen attributes)
  • Firebase App Check (Play Integrity): helps protect Firebase resources from abuse

Firebase service providers may process device/app identifiers, diagnostic data, and IP/network metadata as part of normal service operation.

Firebase features are only active in app builds configured with a valid Firebase project setup.

Donations, Payments, and Store Integrations

  • Google Play Billing: used for optional donations. Payment processing is handled by Google Play; we do not receive your full payment card details.
  • Google Play In-App Review: used to request an in-app rating flow through Google Play.

Permissions

The Android app requests the INTERNET permission. It does not request location, contacts, camera, or microphone permissions.

Mobile Data Retention and Control

Local app data remains on your device until you remove it, clear app storage, or uninstall the app. If you used cloud sync, cloud data may remain in Firebase until deleted. Signing out stops future sync but does not automatically guarantee immediate remote deletion of previously synced records.

Depending on your Android settings, system-level device backup/restore may also back up app data to your Google account.

Website (This Site)

Analytics

This website uses Vercel Analytics to understand aggregate traffic and improve pages and content.

Website analytics may include:

  • Page views and visit counts
  • Browser, operating system, and device type
  • Approximate location (such as country)
  • Referrer/source information

What we do not use analytics for:

  • Selling personal data
  • Building ad-targeting profiles
  • Cross-site behavioral advertising

Browser Storage

This website stores limited preference data in your browser, including theme selection and cookie consent choice.

Hosting and External Resources

The site is hosted on Vercel and may use third-party resources such as Google Fonts/CDNs. Those providers may process technical request data required to deliver content securely and efficiently.

Data Security

We use industry-standard transport encryption (HTTPS/TLS) for data in transit. For Firebase-backed features, we rely on Firebase security controls and App Check/Play Integrity to reduce abuse. No system is perfect, but we apply reasonable technical and organizational safeguards.

Children's Privacy

Our services are designed for general audiences, including younger users. We do not intentionally collect sensitive personal profile data directly through our own forms. If you believe data related to a child was processed inappropriately, contact us and we will review and act where required.

Third-Party Processors

We do not sell personal data. Depending on the features you use, data is processed by third-party infrastructure providers such as Google Firebase (Auth, Firestore, Analytics, Crashlytics, Performance, App Check), Google Play (Billing and In-App Review), Google Fonts/CDNs, and Vercel (hosting/analytics).

Your Rights

You can control local mobile data by clearing app data or uninstalling the app. If you used cloud sync and want assistance with account-linked cloud data requests, use our Contact page and include enough detail for us to identify the account safely.

You can also use our dedicated Account and Data Deletion page for request instructions.

Where applicable law provides rights (such as access, deletion, objection, or restriction), we will handle valid requests in accordance with legal requirements.

GDPR (EEA/UK) Information

If you are in the European Economic Area (EEA) or the United Kingdom, this section explains additional information under GDPR/UK GDPR.

Legal bases we rely on:

  • Performance of a contract / service request: to provide features you request, such as optional cloud sync.
  • Legitimate interests: to maintain app reliability, security, and performance (for example diagnostics and performance monitoring).
  • Consent (where required): for optional website analytics/cookie choices where applicable.
  • Legal obligations: where processing is required by applicable law.

Your GDPR rights may include: access, rectification, erasure, restriction, objection, and data portability, plus the right to lodge a complaint with your local data protection authority.

To exercise rights, use our Contact page. We may request limited verification details before fulfilling a request.

International Users

Our services are available globally. Third-party providers we use (for example Google and Vercel) may process data in multiple countries. By using the relevant features, you understand that cross-border processing may occur.

Where required, cross-border transfers are handled using available legal mechanisms under applicable law (for example contractual safeguards provided by our processors).

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

If we make significant changes to how we handle privacy, we will notify users through the app or website.

Contact Us

If you have any questions about this privacy policy or our privacy practices, please use our Contact page.