Legal

Data Collection Disclosure

What data we collect, why we collect it, and how we use it

بِسْمِ اللَّهِ الرَّحْمَنِ الرَّحِيمِ

In the Name of Allah, Most Gracious, Most Merciful

Last updated: February 2026

1. Overview

This Data Collection Disclosure provides detailed information about what data Assirat App (com.ainnovatex.assirat) collects, why we collect it, and how it is used. We believe in complete transparency about our data practices.

Privacy-First Approach

Assirat App follows an offline-first architecture. Most features work entirely on your device without sending data to any server. When data does leave your device, it's specifically to enable the features you're using.

2. Data We Collect

2.1 Location Data

What: GPS coordinates from your device's location services

When: When you use prayer times, Qibla direction, or mosque finder features

Why: To calculate accurate prayer times, determine Qibla direction, and find nearby mosques

Shared with: Aladhan API (prayer time calculations), Google Maps (mosque finder)

Storage: Processed in real-time; cached locally for offline use; not stored on our servers

Your Control: Deny location access or set a manual location in app settings

2.2 Account Data (Optional)

What: Email address and encrypted password

When: Only if you voluntarily create an account for cloud sync

Why: To enable cross-device sync of bookmarks, reading progress, and settings

Shared with: Supabase (our authentication and backend provider)

Storage: Stored securely on Supabase servers with encryption

Your Control: Account creation is optional; you can delete your account at any time

2.3 Cloud Sync Data (Optional)

What: Bookmarks, Quran reading progress (Khatmah), game statistics, achievements, dhikr counters, Ramadan tracking, Zakat history, notification preferences, and user devices

When: Only if you create an account and enable sync

Why: To keep your data consistent across multiple devices

Shared with: Supabase (backend storage)

Storage: Encrypted on Supabase servers; deletable via in-app data export/delete

2.4 Usage Analytics

What: Anonymized app usage data via Firebase Analytics

  • Screen views (e.g., which features are used most)
  • User properties: preferred language, theme selection
  • Feature interactions: Quran reading, game plays, quiz completions
  • Settings changes

Why: To understand which features need improvement and to prioritize development

Shared with: Firebase / Google Analytics (anonymized)

Storage: Aggregated on Firebase servers per Google's retention policies

2.5 Device Information

What: Device model, operating system version, app version, language/region settings

Why: Compatibility, crash diagnosis, and performance optimization

Shared with: Firebase (crash reports and analytics)

2.6 Camera Data

What: Camera feed for barcode scanning and OCR text recognition

When: Only when you actively use the Halal food scanner or Quran Video Creator

Why: To scan product barcodes and read ingredient labels for halal verification; to create Quran verse videos

Shared with: Google ML Kit (on-device OCR processing — no data leaves your device); Open Food Facts API (barcode numbers only)

Storage: Not stored — processed in real-time

2.7 Microphone Data

What: Audio input for speech recognition

When: Only when you use the voice search feature

Why: To convert speech to text for searching Quran, Hadith, and Duas

Shared with: Device speech recognition service (processed on-device where supported)

Storage: Not stored

2.8 Subscription Data

What: Subscription status and entitlements

When: If you purchase a premium subscription or make a donation

Why: To unlock premium features and manage your subscription

Shared with: RevenueCat (subscription management), Apple App Store / Google Play Store (payment processing)

Storage: Subscription status is stored by RevenueCat; payment details are handled by the app stores — we never see them

3. Data We Do NOT Collect

What We Don't Track

  • Contacts: We never access your contact list
  • Messages: We don't read SMS, emails, or messages
  • Browsing History: No tracking of websites you visit
  • Other Apps: No monitoring of other installed apps
  • Payment Details: Credit card and financial information is handled by app stores — we never see it
  • Personal Worship Habits: We do not track whether you pray, fast, or perform any religious act
  • Audio Recordings: Voice search audio is processed in real-time and never stored
  • Photos: We only access media you explicitly create or save within the app

4. Third-Party Services and Data Flow

4.1 Supabase (Backend)

Purpose: User authentication and cloud data synchronization

Data Received: Email, password (encrypted), user preferences, bookmarks, progress data

When: Only if you create an account

4.2 Firebase (Google)

Purpose: Analytics, crash reporting, and push notifications

Data Received: Anonymized usage patterns, device info, crash logs, push notification tokens

When: Automatically when using the app

4.3 RevenueCat

Purpose: Subscription and in-app purchase management

Data Received: Anonymous user ID, subscription status, entitlements

When: When you interact with premium features or make purchases

4.4 Aladhan API

Purpose: Prayer time calculations and Islamic calendar data

Data Received: Location coordinates, calculation method preference

When: When fetching prayer times (with local Adhan library as offline fallback)

4.5 Open Food Facts API

Purpose: Product lookup for halal food scanner

Data Received: Barcode numbers

When: When scanning a food product barcode

4.6 Google Maps

Purpose: Mosque finder and location mapping

Data Received: Location coordinates for nearby mosque search

4.7 Google ML Kit

Purpose: OCR text recognition for ingredient scanning

Data Received: None — processing happens entirely on your device

4.8 Quran Audio CDNs

Purpose: Streaming Quran recitations

Sources: everyayah.com, mp3quran.net, Islamic Network CDN

Data Received: Standard web request data (IP address, requested audio file)

5. Data Protection Measures

Technical Safeguards:

  • Offline-first architecture: Quran, Hadith, and Duas stored locally in SQLite database
  • Sensitive data encrypted via Flutter Secure Storage
  • All network transmissions use HTTPS encryption
  • Supabase backend uses row-level security policies
  • No unnecessary data collection — we follow data minimization principles

Your Control:

  • Revoke any permission (location, camera, microphone) via device settings
  • Use all core features without creating an account
  • Delete local data by uninstalling the app
  • Delete cloud data via in-app account settings or by contacting us
  • Export your data via the GDPR data export feature in app settings

6. Data Retention

Local Device Data:

Duration: Until you uninstall the app or clear app data

Includes: Settings, bookmarks, reading progress, downloaded content

Cloud Data (Account Users):

Duration: Until you delete your account or request data deletion

Includes: Sync data (bookmarks, progress, game stats, achievements)

Analytics Data:

Duration: Per Firebase default retention policies (14 months for user-level, 2 months for event-level)

Processing: Automatically aggregated and anonymized

7. Your Data Rights

GDPR Rights (EU Users):

  • Right of Access: Request a copy of your data (available in-app)
  • Right to Rectification: Update your account information
  • Right to Erasure: Delete your account and all cloud data
  • Right to Data Portability: Export your data in a standard format
  • Right to Object: Opt out of analytics data collection

CCPA Rights (California Users):

  • Right to know what data is collected
  • Right to request deletion of data
  • Right to opt out of data sales (we do not sell data)

8. Islamic Principles in Data Handling

Islamic Values in Privacy

  • Amanah (Trust): Your data is a trust we are obligated to protect
  • Sitr (Privacy): Personal religious practices are private and never tracked
  • Adl (Justice): Fair and transparent data practices for all users
  • Maslaha (Benefit): Data is used only to benefit users and the Muslim community

9. Contact Us

Data Protection Contact

Email: asiratapp@gmail.com

Subject Line: "Data Request - [Your Request Type]"

  • Data Access: "What data do you have about me?"
  • Data Deletion: "Please delete my data"
  • Data Export: "Please send me my data"
  • Opt-Out: "Please stop collecting my data"

Response Time: Within 48 hours

وَمَا يَخْفَى عَلَى اللَّهِ مِن شَيْءٍ فِي الْأَرْضِ وَلَا فِي السَّمَاءِ

And nothing is hidden from Allah on the earth or in the heaven

This disclosure represents our commitment to transparency and respect for your privacy. Protecting your personal information is both a legal responsibility and a moral obligation.