Privacy Policy

Important: This policy explains how we handle personal data. Have it reviewed for your jurisdictions (including GDPR, UK GDPR, CCPA/CPRA, or local equivalents) before app store submission.

1. Who we are

Controller: [YOUR LEGAL ENTITY NAME], [ADDRESS]. Replace with your details. Contact: noreply@islamate.com

2. What we collect

We may process:

• Account data: name, email, phone, country, password hash, and verification status.
• Identity & address: document type and number, address lines, and images of ID documents you upload for verification.
• Usage & technical data: IP address, device/browser type, timestamps, approximate location derived from IP, and records needed for security and fixing problems.
• Communications: messages, files, and media you send through the Service, subject to retention and subscription rules.
• Payment data: we use payment processors; we typically do not store full card numbers on our servers.

3. Why we use data (purposes)

• To provide the Service, authenticate you, and sync messages and calls.
• To verify identity, prevent fraud, and meet legal obligations.
• To process subscriptions and invoices through third-party payment providers.
• To improve reliability, security, and support (including abuse detection).
• To communicate with you about the Service, security, and legal notices.

4. Legal bases (EEA/UK users)

Where GDPR/UK GDPR applies, we rely on: contract (providing the Service); legitimate interests (security, fraud prevention, product improvement balanced against your rights); legal obligation; and consent where required (for example optional marketing, if any).

5. Sharing & subprocessors

We may share data with:

• Infrastructure and hosting providers.
• Payment processors involved in your transaction, as indicated at checkout.
• Real-time messaging providers (for example Pusher or compatible servers) for push and channels.
• Authorities when required by law or to protect rights and safety.

We do not sell your personal information as “sale” is defined under CCPA/CPRA for those terms. We may use service providers under strict terms.

6. International transfers

If data is processed in countries other than your own, we use appropriate safeguards (such as Standard Contractual Clauses) where required.

7. Retention

We keep data only as long as needed for the purposes above, including legal, tax, and dispute resolution. Message retention may depend on your plan (for example free-tier limits vs subscribed history). Identity documents may be retained for verification and audit periods, then deleted or minimized as policy allows.

8. Your rights

Depending on your location, you may have rights to access, rectify, delete, restrict, port, or object to processing, and to withdraw consent where processing is consent-based. You may lodge a complaint with a supervisory authority. Contact us at the email above.

9. Children

The Service is not directed at children under the age required by law (often 13 or 16). Do not register if you are under that age.

10. Cookies & similar technologies

We use cookies and similar technologies to keep you signed in securely and remember your preferences where applicable. See our Cookie Policy for details.

11. Data protection summary

For a concise summary of processing and your rights (especially in the EU/UK), see our Data protection page.

12. Changes

We may update this Policy. We will adjust the “Last updated” date and, where required, provide additional notice.