Privacy Policy — SalahMate
1. Introduction
SalahMate ("the App") helps you track daily prayer, journal entries, streaks, circles with people you trust, and optional reminders and alarms. We use analytics to understand how the App is used and to improve reliability. We may introduce advertising in the future; if we do, we will describe it here and adjust the App or obtain consent where required. This policy explains what information we process, why, and your choices.
2. Who we are
The App is operated by Muhammad Haseeb. When you use the App, we act as a controller of certain personal data described below. Some processing is done on our behalf by service providers (see Section 6).
3. Information we collect and why
3.1 Account and profile (when you sign in)
If you choose Sign in with Google, Google shares authentication data with us as part of that sign-in (for example an identifier and, where available, your name and email) so we can create and maintain your account.
We store a user profile in our database, including items such as: your user id, email, display name, location label (for example city or region you set or that we derive from device location—see Section 3.2), prayer calculation preferences, reminder settings, streak counts, optional feature flags (for example whether Period Mode, the Fajr alarm, or app blocking is enabled), and timestamps when your profile is updated.
We use this information to run the App: show your name, compute prayer times and reminders, sync your settings across devices when you use the same account, and provide community features you opt into.
3.2 Location
The App may request approximate or precise device location so we can calculate prayer times for where you are and, where applicable, show or save a human-readable place (for example city or region) in your profile.
Storage: Location-related data needed for prayer times and your profile is stored in our database—for example coordinates or derived position we use for calculation, saved place labels, calculation-method preferences tied to that place, and timestamps when location or preferences change. We use this data to sync prayer times and settings across devices when you use the same account and to operate location-dependent features.
You can control location permission in your device settings. If you deny location, features that depend on it may be limited or unavailable. You may also be able to enter or adjust a place manually in the App instead of using live GPS, depending on the version.
3.3 Prayer activity and journal
Prayer logs (which prayer, date, time, and status such as on time, late, excused, or missed) and related journal content you enter are stored so the App can show history, streaks, and your journal inside the App.
Period Mode is designed to adjust how the App prompts and tracks streaks during menstruation. Your choice is stored with your profile; we treat it as sensitive health-related preference you control.
3.4 Circles and nudges
If you use circles, we store circle membership, circle names, and related data needed for those features.
Nudges (gentle reminders from people in your circle) may be delivered using push notifications (see Section 3.5). Content is limited to what is needed for that feature.
3.5 Notifications and device tokens
If you allow notifications, we use Firebase Cloud Messaging (FCM) to deliver push messages (for example nudges or reminders, depending on your settings).
We store a device push token associated with your account so messages can reach your device. Tokens can change over time and are updated when the App runs.
3.6 Camera and on-device analysis (optional Fajr alarm)
If you enable the Smart Fajr alarm and grant camera permission, the App uses the camera so you can silence the alarm by pointing the device at a prayer mat, using on-device image analysis (Google ML Kit image labeling).
For each check, the App may capture a still frame on your device, analyze it locally, then delete the image file from your device. We do not upload your camera images to our servers for this mat-detection flow.
You can skip camera permission and still use other parts of the App; the mat-based silence flow requires camera access when you choose to use it.
3.7 Optional app blocking (Android)
On Android, if you turn on app blocking, you may be asked to enable an Accessibility Service so the App can detect when a blocked app opens during prayer-related windows you configure, and show a blocking overlay. This uses package names and timing needed for blocking; it is controlled on your device and tied to your explicit setup.
3.8 Technical and security data
Like most online services, our servers and providers may automatically receive technical data (for example IP address, device type, timestamps) when the App talks to our backend. We use this to operate, secure, and improve the service.
3.9 Analytics
We use analytics services to measure how the App is used, diagnose crashes, and improve features and performance. Depending on how analytics is configured, these services may collect and process data such as: device identifiers (for example advertising or analytics IDs where permitted), device model and manufacturer, operating system version, screen size or language, app version, installation and session information, general geographic region (often derived from IP address by the analytics provider), in-App events (for example screens viewed or features used), and error or diagnostic logs.
Analytics data may be associated with your account, a pseudonymous installation ID, or your device as allowed by the platform and your settings. Analytics providers process this information on our behalf under their own terms and privacy policies (see Section 6).
3.10 Advertising (possible future feature)
We may introduce advertising in the App (for example banner or interstitial ads). If we do, ads may be shown by us or by third-party ad networks and partners. Those partners may use identifiers, device details, and usage or performance data to deliver, personalize, frequency-cap, and measure ads, subject to platform rules and applicable law.
Where required, we will ask for consent before enabling personalized or interest-based advertising, or rely on platform-level settings you control (for example on iOS or Android). We will update this policy when advertising goes live so you can see what data is involved and your opt-out choices.
4. Legal bases (if you are in the EEA, UK, or similar regions)
Depending on where you live, we rely on one or more of: contract (providing the App you asked for), legitimate interests (security, reliability, analytics that does not require consent under local law, and improving the App—balanced against your rights), and consent where required (for example optional notifications, camera, location, certain analytics or advertising preferences, or personalized ads when we introduce them). You may withdraw consent where applicable by changing device or in-App settings and, for account-linked data, by contacting us.
5. Retention
We keep your information for as long as your account is active and as needed to provide the App. We may delete or anonymize data when it is no longer needed, unless we must keep it longer for legal, security, or dispute reasons. Analytics and server logs may be kept for shorter rolling periods or in aggregated form, according to our configuration and provider settings.
6. Sharing of information
We do not sell your personal information to data brokers for a fee. If we introduce third-party advertising, ad partners may receive or derive identifiers and limited usage or device data to show and measure ads, as described in Section 3.10 and in their respective policies. What they collect and how they use it is subject to applicable law (including opt-out rights in some regions) and platform rules.
We share data with service providers as needed to run the App:
- Supabase — authentication, database, and realtime features for your account, profile, location fields stored with your profile, logs, circles, and related data.
- Google — Google Sign-In (and related account services).
- Google Firebase — Firebase Cloud Messaging for push delivery, and Firebase or other Google services we use for analytics, crash reporting, or (if enabled) performance monitoring, which may process device-level and usage data as described in Section 3.9.
- Analytics providers — tools we use to collect aggregated or event-level analytics and device details (see Section 3.9). The specific vendors may change; we will keep this policy aligned with what we actually use.
- Advertising partners (if/when ads are enabled) — ad networks or exchanges that display ads in the App and measure impressions and clicks. Their use of data is governed by their policies and by your consent or device settings where applicable.
These providers process data under their own terms and privacy policies, as well as agreements we have with them where applicable.
We may also disclose information if required by law, to protect rights and safety, or as part of a business transfer (for example merger), subject to applicable law.
7. International transfers
Your information may be processed in countries other than where you live, including where our providers host data (for example the United States or the European Union, depending on configuration). Where required, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms.
8. Security
We use reasonable technical and organizational measures to protect your information. No method of transmission or storage is completely secure.
9. Your rights
Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing (including some analytics or advertising processing where the law allows), and to withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority. Device and system settings may offer additional controls for analytics or interest-based advertising.
To exercise rights, contact us at mhaseeb.inbox@gmail.com. You can also delete your account or data through controls we provide in the App or app store where available; if we cannot offer self-service deletion yet, email us and we will process verifiable requests as required by law.
10. Children
The App is not directed at children under 13. We do not knowingly collect personal information from children. If you believe we have, contact us and we will delete it.
11. Changes
We may update this policy from time to time. We will post the new effective date at the top and, where appropriate, notify you in the App or by email.
12. Contact
Questions about this policy: mhaseeb.inbox@gmail.com