Privacy & Data Protection

Your privacy matters to us. Learn how we protect your data and ensure your Islamic practice remains secure and private.

Data Controller Information

Rowhni is an Islamic companion app. The data controller responsible for your personal data is the app developer.

Data Collection

We collect only essential data needed to provide Islamic features and improve your experience.

Location Services

Device location for accurate prayer times and Qibla direction calculations.

App Preferences

Your settings, calculation methods, and notification preferences.

Account & Sync Data (Optional)

If you choose to sign in, we process your account identifier/email and the content you opt to sync (e.g., preferences, progress) via Firebase.

Camera (Halal Scanner)

When you use the halal scanner, the camera reads ingredient text on-device. Recognized text may be sent to our AI provider for analysis; images are not stored.

AI Assistant

Text you enter in “Ask Rowhni” is sent to OpenAI to generate a response. No account identifiers are attached to these requests.

Usage Analytics

Privacy-friendly analytics via Plausible Analytics to understand app performance and feature usage - no personal data collected.

Advertisement Data

The Android version of Rowhni does not display any advertisements. Where contextual ads are shown (other platforms/editions), only non-personal contextual data is used - no cross-app tracking or personal profiling.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under GDPR and applicable privacy laws.

Essential App Functions (Art. 6(1)(b) GDPR)

Processing necessary for contract performance:

  • Prayer time calculations based on your location
  • Qibla direction using device compass
  • Voice-powered dhikr counting (processed on-device only)
  • App settings and preferences storage
Legal Basis: Contract Performance

Optional Features (Art. 6(1)(a) GDPR)

Processing based on your explicit consent:

  • Prayer reminder notifications
  • App usage analytics (anonymized via Plausible)
  • Feature improvement data
Legal Basis: Explicit Consent (withdrawable anytime)

Advertisement Support (Art. 6(1)(f) GDPR)

Contextual advertisements to support free app development:

  • Islamic-themed contextual ads based on app sections
  • No personal data collection or cross-app tracking
  • No behavioral profiling or personalization
  • Third-party ad networks process only non-personal contextual data
Legal Basis: Legitimate Interest (supporting free Islamic app)

Data Protection Standards

Data Processors & Recipients

We only share data with processors necessary for app functionality, all bound by data protection agreements.

Apple Inc. (Distributor & Service Provider)

Program Terms: In accordance with the Apple Developer Program License Agreement (Schedule 2), Apple acts as our agent for marketing and making apps available on the App Store and as merchant of record for paid transactions.

Purpose: App distribution, hosting, formatting for download, billing, refunds, tax handling, iCloud synchronization

Controller Roles:
Apple is the controller for App Store transaction, account and receipt data.
Rowhni is the controller for in‑app processing (e.g., preferences, location for prayer times) performed on your device or in our services.

Legal Safeguards: Apple's Privacy Policy, Data & Privacy portal, Standard Contractual Clauses where applicable

Data Types handled by Apple: App purchase history, receipts, refunds, region and tax data, Apple ID account metadata

Apple Privacy PolicyApple Data & Privacy

Google Play (Android Distributor & Service Provider)

Purpose: On Android, Google Play distributes the app, hosts updates, and acts as merchant of record for paid purchases and subscriptions (billing, refunds, taxes).

Controller Roles:
Google is the controller for Play Store transaction, account and receipt data.
Rowhni is the controller for in‑app processing performed on your device or in our services.

Data Types handled by Google Play: Purchase history, subscription status, region and tax data, Google account metadata

Google Privacy Policy

Google Firebase (Accounts, Sync & Notifications)

Purpose: Optional sign‑in, cloud sync of your data, and push notifications are powered by Firebase Authentication, Cloud Firestore, Cloud Storage and Cloud Messaging.

Data Types: Account identifier/email (only if you sign in), the app content you choose to sync, and a device push token

Legal Safeguards: Processed under Google's Data Processing Terms and Standard Contractual Clauses where applicable

Firebase Privacy & Security

OpenAI (AI Assistant)

Purpose: The optional “Ask Rowhni” assistant and AI‑assisted features send the text of your question (and, for the halal scanner, recognized ingredient text) to OpenAI to generate a response.

Data Types: The text you submit. No account identifiers are attached to these requests.

Legal Safeguards: Processed via the OpenAI API; API data is not used to train OpenAI's models.

OpenAI Privacy Policy

Google Maps Platform (Mosque Finder)

Purpose: The mosque finder displays maps and nearby places. Your approximate location is sent to Google to return relevant results.

Data Types: Approximate location and map interaction data

Google Privacy Policy

Advertisement Partners (Non-Personal Data Only)

Purpose: Display contextual advertisements to support free app development

Data Shared: Only non-personal contextual data (current app section, Islamic content category)

No Personal Data: No user identification, no tracking, no behavioral profiling

Legal Safeguards: Data Processing Agreements ensuring GDPR compliance and no personal data collection

Plausible Analytics (Privacy-First)

Purpose: Privacy-friendly web analytics for app performance monitoring

Data Types: Aggregated usage statistics, no personal identification

GDPR Compliance: EU-based, no cookies, no personal data storage

App Store Distribution & Roles

To align with the Apple Developer Program License Agreement (Schedule 2):

  • Apple acts as agent and merchant of record for paid app distribution via the App Store.
  • Apple may host, copy, format and make available the app for download; Apple issues invoices and processes payments/refunds.
  • Rowhni does not receive your full payment details; we only receive information necessary to operate the app (e.g., eligibility for features).
  • For rights regarding App Store transactions, receipts or Apple ID account data, use Apple’s Data & Privacy portal.
  • For in‑app data (location, preferences, on‑device voice processing), your rights can be exercised via App Store support as described below.

International Data Transfers

When data is transferred outside the EEA/UK, we ensure adequate protection through legal mechanisms.

Apple's Global Infrastructure

Data may be processed in Apple's data centers globally. Apple ensures protection through:

  • EU-US Data Privacy Framework participation
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Technical and organizational measures

Your Rights Remain Protected

Regardless of processing location, your data protection rights under GDPR remain fully enforceable. You can exercise these rights through App Store support.

Data Retention Periods

We apply data minimization principles and retain data only as long as legally required or necessary for legitimate purposes.

Location Data

Storage: Device-local only, never transmitted to servers

Retention: Until app deletion or location permission withdrawal

Purpose: Real-time prayer time calculation

Voice Processing Data

Storage: Processed entirely on-device

Retention: Not stored - processed and discarded immediately

Purpose: Voice-powered dhikr counting

App Preferences & Settings

Storage: Device-local and, if you sign in, optionally synced to your account (iCloud on iOS, Firebase on Android)

Retention: Until manually deleted or app uninstalled

Purpose: Maintain user customizations across devices

Privacy-Friendly Analytics

Storage: Plausible Analytics (EU-based, privacy-first)

Retention: Maximum 24 months aggregated data, no personal information

Purpose: App improvement and performance optimization

Advertisement Context Data

Storage: Not stored - processed in real-time only

Retention: Immediately discarded after ad display

Purpose: Show relevant Islamic-themed contextual advertisements

Your Legal Rights

Under GDPR, CCPA, and other privacy laws, you have enforceable rights over your personal data. For in‑app data, exercise your rights through App Store support; for App Store transaction/account data, visit Apple’s Data & Privacy portal.

Right to Access (Art. 15 GDPR)

Request a complete copy of your personal data, including processing purposes and recipients.

In‑app data: via App Store support • App Store transactions: via Apple Data & Privacy

Right to Rectification (Art. 16 GDPR)

Correct inaccurate personal data or complete incomplete information.

Most corrections can be made directly in app settings

Right to Erasure (Art. 17 GDPR)

Request deletion of your personal data when processing is no longer necessary.

Uninstalling the app deletes local data; request server deletion via App Store

Right to Restriction (Art. 18 GDPR)

Limit processing of your data in specific legal circumstances.

Request through App Store support with specific justification

Right to Portability (Art. 20 GDPR)

Receive your data in a structured, machine-readable format for transfer.

Available for data processed based on consent or contract

Right to Object (Art. 21 GDPR)

Object to processing based on legitimate interests, including contextual advertisements.

Disable analytics and contextual ads in app settings or upgrade to Rowhni Pro

Right to Withdraw Consent

Withdraw consent for optional features like notifications and analytics.

Available in app settings under Privacy section

Right to Complain

Lodge complaints with your local data protection authority if rights are violated.

Contact your national DPA (e.g., ICO in UK, CNIL in France)

Security & Data Protection Measures

Data Encryption

All data encrypted in transit (TLS 1.3) and at rest using the platform's data-protection APIs (Apple Data Protection on iOS, Android Keystore and file-based encryption on Android).

Privacy by Design

Voice processing on-device only, contextual ads without personal data collection, Plausible Analytics for privacy-friendly insights.

Access Controls & Audits

Secure keystore storage for sensitive data (iOS Keychain / Android Keystore), regular security assessments, OWASP MASVS-L1 compliance for mobile app security.

Children's Privacy (COPPA Compliance)

Age Restrictions: Rowhni is intended for a general audience as indicated by its app-store age rating. We do not knowingly collect personal information from children under 13 (COPPA) or 16 (GDPR Article 8).

Parental Notice: If you believe a child under the applicable age has provided personal information, immediately contact us through App Store support for prompt deletion.

Islamic Education: While Islamic content is educational, the app's technical features require mature handling of privacy settings and location permissions.

Religious Content Disclaimer

Educational Purpose: Rowhni provides Islamic prayer times, dhikr counting, and Quran reading features for personal spiritual practice and education.

No Religious Authority: The app and its developers do not represent any Islamic authority or institution. For religious rulings (fatawa), interpretation of Islamic law, or specific religious guidance, consult qualified Islamic scholars or recognized religious institutions.

Accuracy Disclaimer: While we strive for accuracy in prayer times and Islamic content, users should verify important religious information with local Islamic authorities.

Policy Updates & Changes

Notification Method: Material changes to this Privacy Policy will be communicated through:

  • In-app notifications upon opening the app
  • App Store update descriptions
  • Updated version posted on this website

Your Options: If you disagree with material changes, you may delete the app. Continued use after notification constitutes acceptance under applicable law.

Version Control: This policy version is effective July 2026. Previous versions are archived and available upon request through our contact form.

Privacy Contact

Reach us any time through our contact form. Privacy and data-protection requests are answered within 30 days as required by GDPR.

Exercise Your Rights

Data Subject Requests: Access, rectification, erasure, portability, and restriction requests.

Response Time: We will respond within 30 days as required by GDPR.

Submit a Request

Privacy Violations

Report Issues: Data breaches, unauthorized access, or privacy violations.

Escalation: If unsatisfied, contact your local Data Protection Authority.

Report an Issue

Legal Representatives

EU Users: We will designate an EU representative if legally required under GDPR Article 27.

UK Users: UK representative information available upon request through our contact form.

Request Representative Info