Welcome to OpenAyah. We are committed to protecting your privacy and being transparent about how we handle your information. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights regarding your personal information.
Quick Summary: OpenAyah is designed with privacy in mind. We collect only the minimum data necessary to provide you with a personalized Quran reading experience. We do not sell your data, we do not show advertisements, and we do not track you across other apps or websites.
Table of Contents
- Who We Are
- Information We Collect
- How We Use Your Information
- Third-Party Services
- Data Storage and Security
- Data Retention
- Your Rights
- Children's Privacy
- International Data Transfers
- California Privacy Rights (CCPA)
- European Privacy Rights (GDPR)
- Apple App Store Privacy Details
- Changes to This Policy
- Contact Us
1. Who We Are
OpenAyah is a mobile application developed to help users read, study, and engage with the Quran. Our mission is to provide a beautiful, distraction-free reading experience while respecting your privacy.
Data Controller:
Kitaby LTD
Email: [email protected]
Website: https://openayah.com
2. Information We Collect
2.1 Information You Provide Directly
| Data Type | When Collected | Purpose |
|---|---|---|
| Email Address | When you create an account | Account authentication, password recovery, important service notifications |
| Name | When you sign in with Apple or Google | Personalization (display name in app) |
| Reading Progress | As you read the Quran | Track your position, display progress statistics, sync across devices |
| Bookmarks & Notes | When you save verses or add notes | Store your personal annotations for later reference |
| App Preferences | When you customize settings | Remember your theme, font size, translation preferences, and reading settings |
2.2 Information Collected Automatically
| Data Type | What We Collect | Purpose |
|---|---|---|
| Device Information | Device model, operating system version, app version | Ensure app compatibility, troubleshoot issues |
| Usage Analytics | Features used, reading sessions (stored locally) | Calculate your reading streaks and statistics |
| Crash Reports | Technical error logs (if app crashes) | Fix bugs and improve app stability |
2.3 Information We Do NOT Collect
OpenAyah is designed to respect your privacy. We explicitly do not collect:
- Location data - We do not request or access your device location
- Contacts - We do not access your address book or contacts
- Photos or media - We do not access your camera or photo library
- Audio recordings - We do not record your voice or save audio from your device
- Browsing history - We do not track websites you visit
- Cross-app tracking - We do not track you across other apps
- Advertising identifiers - We do not collect IDFA or similar advertising IDs
- Biometric data - We do not collect fingerprints, face data, or voice prints
3. How We Use Your Information
We use your information only for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide app functionality - Display Quran text, track reading progress, save bookmarks | Contract Performance |
| Sync data across devices - Keep your progress consistent when you use multiple devices | Contract Performance |
| Process subscriptions - Manage premium features and payment processing | Contract Performance |
| Send service notifications - Password resets, account security alerts | Legitimate Interest |
| Improve the app - Analyze crash reports to fix bugs | Legitimate Interest |
| Respond to support requests - Help you when you contact us | Contract Performance |
We do NOT use your information for:
- Advertising or marketing to third parties
- Selling or renting to data brokers
- Profiling for targeted advertising
- Building marketing profiles
4. Third-Party Services
To provide OpenAyah's features, we work with the following trusted third-party service providers:
4.1 Authentication & Data Storage
| Service | Provider | Purpose |
|---|---|---|
| Supabase | Supabase Inc. | User authentication, secure cloud data storage |
| Apple Sign-In | Apple Inc. | Optional secure login method |
| Google Sign-In | Google LLC | Optional secure login method |
4.2 Payment Processing
| Service | Provider | Purpose |
|---|---|---|
| RevenueCat | RevenueCat Inc. | Manage subscriptions and in-app purchases |
| Apple App Store | Apple Inc. | Process iOS payments |
| Google Play | Google LLC | Process Android payments |
Important: We never receive, store, or have access to your credit card numbers, bank account details, or payment credentials.
4.3 No Advertising or Analytics SDKs
OpenAyah does not include any advertising SDKs, tracking pixels, or behavioral analytics services.
5. Data Storage and Security
5.1 Local Storage (On Your Device)
Most of your data is stored locally on your device using encrypted storage:
- Quran text and translations - Stored in local SQLite database
- Reading progress - Cached locally for offline access
- Settings and preferences - Stored in encrypted local storage
- Authentication tokens - Encrypted and stored securely on device
5.2 Security Measures
We implement industry-standard security measures to protect your data:
- Encryption in transit - All data transmitted uses TLS/HTTPS encryption
- Encryption at rest - Sensitive data is encrypted on our servers
- Secure authentication - We use OAuth 2.0 and JWT tokens with short expiration
- Access controls - Strict access controls limit who can access backend systems
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until you delete your account |
| Reading progress & bookmarks | Until you delete your account |
| Local app data | Until you uninstall the app or clear data |
| Crash reports | 90 days |
| Support correspondence | 2 years after resolution |
7. Your Rights
You have the following rights regarding your personal data:
7.1 Access and Portability
You can view your data within the app (Settings > Account) or request a complete export of your data by contacting us.
7.2 Correction
You can update your account information directly in the app or by contacting us.
7.3 Deletion
You can delete your account and all associated data at any time:
- In-app: Go to Settings > Account > Delete Account
- Email: Send a request to [email protected]
8. Children's Privacy
OpenAyah is designed to be family-friendly and suitable for users of all ages. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA) without parental consent.
If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at [email protected].
9. International Data Transfers
Your data may be processed in countries outside your country of residence. Our service providers operate data centers in the United States and European Union. When we transfer data internationally, we ensure appropriate safeguards are in place including Standard Contractual Clauses (SCCs).
10. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the CCPA:
- Right to Know - Request disclosure of personal information collected
- Right to Delete - Request deletion of your personal information
- Right to Opt-Out - We do not sell your personal information
- Right to Non-Discrimination - We will not discriminate against you for exercising your rights
11. European Privacy Rights (GDPR)
If you are located in the EEA, UK, or Switzerland, you have additional rights under the GDPR including the right to lodge a complaint with your local data protection authority and the right to data portability.
12. Apple App Store Privacy Details
OpenAyah does NOT track users. We do not display targeted advertisements, share data with advertising networks, or use IDFA.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date and notify you via email or in-app notification.
14. Contact Us
Privacy Questions?
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [email protected]
General Support: [email protected]
Website: https://openayah.com
We aim to respond to all privacy-related inquiries within 30 days.