Privacy Policy

1. Introduction

myShahada ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services (collectively, the "Services").

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Services.

2. Information We Collect

2.1 Personal Information You Provide

• Name, email address, phone number
• Date of birth and gender (optional)
• Location data (city, country)
• Religious affiliation and conversion information (for Shahada certificate services)
• Account credentials (username, password)
• Communication preferences
• Content you create (questions, comments, feedback)
• Event registration information
• Prayer time preferences

2.2 Information Collected Automatically

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, time spent, click patterns)
• Cookies and similar tracking technologies
• Location data (with your permission)
• Analytics data

2.3 Special Category Data

Religious beliefs and affiliations are considered special category data under GDPR. We process this data only with your explicit consent or where necessary for providing religious services you have requested.

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

• Consent: For marketing communications, special category data, and optional services
• Contract: To provide services you have requested
• Legitimate Interest: For service improvements, security, and fraud prevention
• Legal Obligation: To comply with applicable laws and regulations
• Vital Interests: In emergency situations affecting life or safety

4. How We Use Your Information

• Provide and maintain our Services
• Process Shahada certificates and religious documentation
• Connect you with Islamic scholars and community resources
• Send prayer time notifications and religious reminders
• Respond to your questions and provide customer support
• Send administrative and service-related communications
• Improve and personalize your experience
• Conduct research and analytics
• Prevent fraud and enhance security
• Comply with legal obligations
• With your consent, send marketing communications

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

• Service Providers: With trusted third parties who assist in operating our Services (hosting, analytics, email delivery)
• Islamic Scholars: With certified scholars when you request religious guidance or certificates
• Legal Requirements: When required by law, court order, or government request
• Protection of Rights: To protect our rights, privacy, safety, or property
• Business Transfers: In connection with merger, acquisition, or sale of assets
• Consent: With your explicit consent

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

• Account information: Until account deletion plus legal retention period
• Shahada certificates: Permanently for religious documentation purposes
• Communications: 3 years or as required by law
• Analytics data: 26 months
• Marketing preferences: Until withdrawn

8. Your Privacy Rights

8.1 Rights Under GDPR (European Users)

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Request limited processing of your data
• Portability: Receive your data in a portable format
• Object: Object to certain processing activities
• Withdraw Consent: Withdraw previously given consent
• Complaint: Lodge a complaint with supervisory authorities

8.2 Rights Under CCPA (California Residents)

• Know: Right to know what personal information is collected, used, shared, or sold
• Delete: Right to request deletion of personal information
• Opt-Out: Right to opt-out of sale of personal information (we do not sell data)
• Non-Discrimination: Right not to be discriminated against for exercising privacy rights

To exercise these rights, contact us at contact@myShahada.net. We will respond within 30 days (GDPR) or 45 days (CCPA).

9. Children's Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place through:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with service providers
• Compliance with Privacy Shield principles (where applicable)

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Maintain your session and preferences
• Analyze usage and improve our Services
• Provide personalized content
• For security and fraud prevention

You can control cookies through your browser settings. Note that disabling cookies may affect functionality.

12. Third-Party Services

Our Services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

13. Marketing Communications

With your consent, we may send you marketing communications about our Services, events, and Islamic content. You can opt-out at any time by:

• Clicking "unsubscribe" in any marketing email
• Updating your account preferences
• Contacting us directly

14. Data Breach Notification

In the event of a data breach that may affect your personal information, we will notify you and relevant authorities within 72 hours of becoming aware of the breach, as required by applicable laws.

15. Updates to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We may also notify you via email for significant changes.

16. Contact Us

For questions about this Privacy Policy or to exercise your privacy rights, contact us at:

17. Regulatory Compliance

This Privacy Policy complies with:

• General Data Protection Regulation (GDPR) - EU/EEA
• California Consumer Privacy Act (CCPA/CPRA) - California, USA
• Children's Online Privacy Protection Act (COPPA) - USA
• Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
• Data Protection Act 2018 - United Kingdom