Privacy Policy

Introduction

Welcome to Zain ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you understand how your personal information is collected, used, and safeguarded when you use our mobile application ("App") and related services.

This Privacy Policy applies to the Zain mobile application available on iOS and Android platforms, our website at thezainapp.com, and any related services we provide.

By using Zain, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our App.

Information We Collect

Information You Provide Directly

We collect information you provide when you:

• Create an Account: Name, email address, profile picture (optional), and authentication credentials
• Use Our Features: Habit tracking data, reading logs, journal entries, notes, goals, and preferences
• Subscribe: Payment information is processed securely by Apple App Store, Google Play Store, or RevenueCat (our payment processor) - we do not store your credit card details
• Contact Support: Information you provide in support requests or feedback
• Use Social Features: Posts, comments, likes, messages, and content you share with other users

Information Collected Automatically

When you use our App, we automatically collect:

• Device Information: Device type, operating system version, unique device identifiers
• Usage Data: Features used, time spent in the App, actions taken, crash reports
• Location Data: Only for prayer time calculations and with your explicit permission
• Health & Fitness Data: Only if you choose to connect fitness devices (Apple Watch, Health Kit) and grant explicit permission

Information from Third Parties

• Sign-in Services: If you sign in using Apple, Google, or other third-party services, we receive basic profile information according to your privacy settings with those services
• Book Data: When you search for books, we retrieve publicly available book information from Google Books API

How We Use Your Information

We use the information we collect to:

• Provide Core Services: Enable habit tracking, reading logs, journaling, and other App features
• Personalize Your Experience: Customize content, recommendations, and insights based on your usage patterns
• Enable Social Features: Allow you to connect with friends, join challenges, and participate in book clubs
• Process Subscriptions: Manage your Pro subscription and provide premium features
• Send Notifications: Remind you about habits, provide updates, and notify you of social activity (with your permission)
• Improve Our Services: Analyze usage patterns to enhance features and fix issues
• Provide Support: Respond to your questions and requests
• Ensure Safety: Detect and prevent fraud, abuse, or violations of our Terms of Service

Health and Fitness Data

If you choose to connect fitness devices or health apps:

• We only access health data with your explicit, informed consent
• Health data is used solely to track fitness-related habits and provide insights
• We never sell health data to third parties
• We never use health data for advertising purposes
• You can disconnect fitness integrations and delete associated data at any time
• Health data is encrypted both in transit and at rest

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

With Your Consent

• When you choose to share posts, achievements, or content publicly or with specific friends
• When you participate in book clubs or challenges with other users

Service Providers

We work with trusted third-party services that help us operate the App:

• Firebase (Google): Authentication, database, cloud storage, push notifications, and analytics
• RevenueCat: Subscription management and payment processing
• Google Books API: Book search and information
• Apple/Google Health: Fitness data integration (only with your permission)

These providers are contractually obligated to protect your information and only use it to provide services to us.

Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, privacy, safety, or property
• Protect users or the public from harm
• Enforce our Terms of Service

Data Security

We implement industry-standard security measures to protect your data:

• All data transmission is encrypted using TLS/SSL
• Data at rest is encrypted using AES-256 encryption
• Access to user data is restricted to authorized personnel only
• We use secure cloud infrastructure (Google Cloud/Firebase)
• We conduct regular security assessments
• Authentication is secured through Firebase Authentication with support for biometric login

While we strive to protect your information, no method of transmission or storage is 100% secure. We encourage you to use a strong password and enable biometric authentication where available.

Data Retention

• Active Accounts: We retain your data for as long as your account is active
• Account Deletion: When you delete your account, we delete or anonymize your data within 30 days, except where retention is required by law
• Backup Data: Backup copies may persist for up to 90 days after deletion
• Aggregated Data: We may retain anonymized, aggregated data for analytics purposes

Your Rights and Choices

Access and Portability

You can access and export your data from within the App settings. This includes habits, notes, reading history, and other personal data.

Correction

You can update your profile information and correct your data directly within the App.

Deletion

You can delete your account and all associated data through the App settings or by contacting us at support@thezainapp.com. See our Account Deletion page for instructions.

Notifications

You can control notification preferences through the App settings or your device settings.

Location Services

You can enable or disable location access through your device settings. Note that disabling location may affect prayer time accuracy.

Health Data

You can disconnect fitness integrations at any time through the App settings.

Children's Privacy

Zain is not intended for children under 13 years of age (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@thezainapp.com. If we learn we have collected personal information from a child under 13, we will delete that information promptly.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers operate. These countries may have different data protection laws than your country.

We ensure appropriate safeguards are in place to protect your information in compliance with applicable laws, including standard contractual clauses approved by relevant authorities.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to Know: Request information about the categories and specific pieces of personal information we have collected
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do not sell personal information, so this right does not apply
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at support@thezainapp.com.

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights:

• Legal Basis: We process your data based on consent, contract performance, legitimate interests, or legal obligations
• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to certain processing activities
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at support@thezainapp.com. You also have the right to lodge a complaint with your local data protection authority.

Third-Party Links

Our App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy in the App and on our website
• Updating the "Last updated" date at the top of this policy
• Sending you a notification through the App for significant changes

We encourage you to review this Privacy Policy periodically.