Privacy Policy
Nadwa — mosque community & Quran memorization app · Last updated: 11 July 2026
This Privacy Policy explains what information the Nadwa mobile app (“Nadwa”, “the app”, “we”, “us”) collects, how we use it, and the choices you have. Nadwa is operated by AlphaAlgorithms. By using the app you agree to the practices described here.
1. Who we are (data controller)
AlphaAlgorithms is the data controller for information processed through Nadwa. For any privacy question or request, contact us at meshal@alphaalgorithms.io.
2. Authentication
We do not build or manage passwords ourselves. Sign-in is handled by our authentication provider, Clerk, which supports OAuth / social sign-in and email-based login. When you sign in, Clerk verifies your identity and shares a unique account identifier and your email address with Nadwa. Your password or social-login credentials are held by Clerk (and, for social logins, the identity provider you chose) — never by Nadwa. See Clerk’s privacy notice at clerk.com/legal/privacy.
3. Information we collect
We collect only what the app needs to run a mosque community and its Quran memorization program. Specifically:
| Category | Examples | Why |
|---|---|---|
| Account & identity | Email address, display name, authentication provider ID (from Clerk) | To create your account and sign you in |
| Profile | City, ZIP/postal code, approximate location (latitude/longitude derived from the ZIP you enter), gender, and a shareable friend code | To help you find and join a nearby mosque and connect with other members |
| Membership | The mosque(s) you belong to, your role (member, teacher, admin, etc.), and status | To grant the right access and keep each mosque’s data separate |
| Children / student profiles | Child’s name, date of birth, gender, grade level, study notes, memorization progress, grades, and attendance | Entered by a parent or teacher to run the Quran memorization program. See section 4. |
| Community content | Events, announcements, comments, reactions, and RSVPs you create or interact with | To power the community features of the app |
| Device & notifications | Push notification token, device platform (iOS/Android), and device name | To deliver push notifications you’ve opted into |
| Payments | A Stripe customer ID and subscription ID | To process class tuition. Card numbers are handled by Stripe — see section 6. |
| Technical logs | IP address, request timestamps, and basic diagnostic logs | Standard server logging for security, reliability, and debugging |
We do not collect precise GPS/device location, your contacts, your photos (beyond images you deliberately upload for an event), or advertising identifiers, and we do not use third-party advertising or analytics SDKs.
4. Children’s data
Nadwa’s memorization program is designed for parents and teachers to manage on behalf of children who typically do not have their own accounts. A child’s profile is created and controlled by the parent or the mosque teacher/admin, not by the child. We collect only the information needed to run the program (listed above) and do not knowingly allow children to create their own accounts. If you are a parent and want a child’s profile deleted, see section 9 or email us.
5. How we use information
- To provide, maintain, and improve the app’s features
- To authenticate you and keep your account secure
- To connect you with your mosque and its members
- To run the Quran memorization program (classes, lessons, grading, attendance)
- To send notifications you’ve opted into
- To process tuition payments
- To detect, prevent, and respond to fraud, abuse, or security issues
We do not sell your personal information, and we do not use it for third-party advertising.
6. Third-party services (sub-processors)
We rely on a small number of trusted providers to run the app. They process data only to provide their service to us:
- Clerk — authentication and identity (email, account ID).
- Stripe — payment processing. When you pay tuition, your card details are collected and stored by Stripe under its own security and PCI compliance; Nadwa never sees or stores your full card number. See stripe.com/privacy.
- Expo — push notification delivery (via the Expo push service).
- Cloud hosting — our servers and database are hosted on Microsoft Azure.
7. Data security
In transit:All communication between the app and our servers is encrypted using HTTPS/TLS (certificates issued by Let’s Encrypt). Traffic to Clerk, Stripe, and Expo is likewise encrypted over HTTPS.
At rest:Our database and file storage run on managed cloud infrastructure (Microsoft Azure) with access restricted to authorized systems and staff. Payment card data is isolated within Stripe’s PCI-compliant environment.
No method of transmission or storage is 100% secure, but we take reasonable measures to protect your information.
8. Data retention
We keep your information for as long as your account is active and as needed to provide the app. When you request deletion (section 9), we remove your personal data and any student profiles you manage, except where we must retain limited records to comply with legal, tax, or accounting obligations (for example, payment records held by Stripe).
9. Your rights & deleting your data
You can request access to, correction of, or deletion of your personal data at any time. To request deletion of your account and associated data, follow the instructions on our Data Deletion page or email meshal@alphaalgorithms.io. We will respond within 30 days.
10. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be reflected by the “Last updated” date above. Continued use of the app after an update constitutes acceptance of the revised policy.
11. Contact
AlphaAlgorithms
Privacy contact: meshal@alphaalgorithms.io