Privacy Policy
This Privacy Policy describes how the Haneef mobile application ("App", "we", "us", or "our") collects, uses, stores, shares, and protects your personal data. By downloading, installing, or using the App you agree to the practices described in this policy. If you do not agree, please do not use the App.
1. Data Controller
The data controller responsible for your personal data is the operator of the Haneef application. For any privacy-related enquiries you can reach us at privacy@haneef.nl.
2. Information We Collect
2.1 Information you provide
- Account data - email address, display name, and avatar when you create an account. If you sign in with Google, we receive your name, email, and profile photo from Google.
- Religious preferences - Islamic school of thought (madhab), prayer calculation method, and language preference.
- User-generated content - prayer logs, Quran reading progress, bookmarks, learning progress, quiz results, dhikr sessions, and reminder settings.
- Social data - friend requests, circle memberships, and community participation you initiate.
- Feedback and support - any information you voluntarily include when contacting us via email.
2.2 Information collected automatically
- Device and usage analytics - screen views, feature usage events, app language, theme preference, and authentication state. Collected via Firebase Analytics.
- Crash and diagnostic data - error type, error message, abbreviated stack trace, and platform identifier. Collected via Firebase Crashlytics.
- Location data - approximate or precise location, only when you grant permission, used to calculate prayer times, determine Qibla direction, and find nearby mosques. We do not continuously track your location in the background.
- Notification permission status - whether you have granted or denied notification permissions.
2.3 Purchase information
If you subscribe to Haneef Premium, Google Play Billing processes the transaction. We receive a purchase token, product identifier, and subscription status for validation purposes. We do not have access to your payment card details.
3. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide core features - prayer times, Quran reader, learning modules, reminders, and social features | Performance of contract |
| Synchronise your progress and settings across devices | Performance of contract |
| Validate subscriptions and manage premium access | Performance of contract |
| Send local prayer and reminder notifications you configure | Consent |
| Analyse aggregated usage to improve the App | Legitimate interest |
| Detect and resolve crashes, errors, and abuse | Legitimate interest |
| Display public profile information to other users in social features | Legitimate interest / Consent |
4. Data Sharing and Third-Party Services
We do not sell your personal data. We share data only with the following categories of service providers, strictly for the purposes described:
| Service | Provider | Data Shared | Purpose |
|---|---|---|---|
| Authentication and database | Google Firebase | Account data, user content, analytics events, crash reports | User authentication, cloud storage, analytics, crash diagnostics |
| Sign-in | Google Sign-In | Email, name, profile photo from Google | Account creation and login |
| Subscription billing | Google Play Billing | Purchase token, product ID, package name | Subscription validation |
| Mosque location data | Overpass API and OpenStreetMap | Latitude and longitude coordinates | Finding nearby mosques |
| Reverse geocoding | Nominatim and OpenStreetMap | Latitude and longitude coordinates | Converting coordinates to addresses |
| Quran content | Alquran.cloud API | Requested surah and ayah identifiers | Retrieving Quran text, translations, and audio |
5. Data Shared Between Users
When you use social features, certain information is visible to other authenticated users:
- Public profile - display name, username, avatar, madhab, level, streak, rank, and premium status.
- Circles - within a circle, members can see your display name, avatar, role, prayer progress, and learning progress.
- Duels - quiz opponents can see your display name and quiz score.
You can limit your visibility by enabling privacy options in App settings.
6. Data Storage and Security
- On your device - prayer logs, learning databases, reminder settings, and cached content are stored locally using encrypted platform storage and SQLite databases.
- In the cloud - if you are signed in, your account data and progress are stored in Google Firebase with encryption in transit and at rest.
We implement appropriate technical and organisational measures to protect your data, including Firestore security rules that ensure users can only access their own data.
7. Data Retention
- Account and user content - retained while your account is active. Deleted within 30 days of a verified deletion request.
- Analytics data - retained for up to 14 months.
- Crash reports - retained for 90 days in Firebase Crashlytics.
- Local data - remains on your device until you uninstall the App or clear app data.
8. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access - request a copy of the personal data we hold about you.
- Rectification - request correction of inaccurate data.
- Erasure - request deletion of your account and associated data.
- Restriction - request that we limit processing of your data.
- Data portability - request your data in a structured, machine-readable format.
- Objection - object to processing based on legitimate interest.
- Withdraw consent - withdraw previously given consent at any time via your device settings.
To exercise any of these rights, contact privacy@haneef.nl. We will respond within 30 days.
9. International Data Transfers
Your data may be processed in countries outside your country of residence, including the United States, where Google Firebase infrastructure is located. Where such transfers occur, they are protected by appropriate safeguards including Standard Contractual Clauses.
10. Account Deletion
You may request deletion of your account and all associated data at any time by emailing privacy@haneef.nl with the subject "Delete my Haneef account". We will process verified requests within 30 days.
If you have an active Google Play subscription, please cancel it in Google Play before requesting account deletion.
11. Children's Privacy
The App is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a child under 16, please contact us and we will promptly delete the data.
12. Cookies and Tracking Technologies
The App does not use cookies. Firebase Analytics uses device-level identifiers to associate usage events. You can reset your advertising identifier or opt out through your device settings. We do not serve advertising.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, notify you via the App.
14. Contact Us
If you have questions or concerns about this Privacy Policy, contact us at privacy@haneef.nl.