← Back to DuruApps

Privacy Policy - DuruApps

Last Updated: March 9, 2026

1. Introduction

Welcome to DuruApps. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you use our mobile applications (FastTally, Hatim, and Community) and tell you about your privacy rights.

Developer: Duru Apps
Apps: FastTally, Hatim, Community
Website: duruapps.com
Contact: support@duruapps.com

2. Information We Collect

2.1 Information You Provide to Us

2.1.1 FastTally - Fasting Tracker

• Account Information: Email address, password (encrypted), and optional profile information
• Fasting Records: Your fasting history, including dates, fast types (Ramadan, makeup, extra, missed), and personal counters
• Counter Adjustments: Manual adjustments you make to your fasting debt counters and associated comments
• Period Tracking Records: Menstrual cycle information including period start/end dates, cycle phases (period or spotting), prayer times when bleeding started/ended (Fajr, Zuhr, Asr, Maghrib, Isha), flow characteristics (tags: heavy, light, cramps), intimate activity indicators (displayed as "•••" for privacy), and personal notes. This sensitive health data is stored securely and used only to help you track your fasting obligations during menstruation and calculate Ramadan days affected by your cycle.
• Prayer Counter Records: The number of makeup prayers you need to complete for each of the five daily prayers (Fajr, Zuhr, Asr, Maghrib, Isha). This data helps you track your missed prayer obligations.
• Preferences: Language preference, theme selection, calendar display settings, and Ramadan date configurations
• Support Requests: When you contact us for support, we collect your email, issue description, device information, and optional screenshots

2.1.2 Hatim - Quran & Recitation Tracker

• Account Information: Email address, password (encrypted), display name, and optional profile information
• Group/Community Information: Group membership, community roles (owner, admin, member), and membership status (pending, active, banned)
• Quran Recitation Tracking:
  • Portion tracking (Quran pages, juz, surahs, chapters)
  • Recitation completion records and timestamps
  • Portion assignment history
  • Verification status for completed portions
• Book Recitation Projects: Participation in group recitation projects for Islamic texts including Cevsen and Hizbul Hakaik
• Custom Recitation Projects:
  • Custom project creation (surahs, zikr, custom items with repetition counts)
  • Project participation and assignments
  • Completion tracking for custom recitations
• Project Management:
  • Niyyah/intentions set for projects
  • Project invite codes generated and used
  • Project start and end dates
• Daily Khatm Tracker: 3-month daily khatm progress tracking to help you complete the Quran regularly
• Cross-App Posting: When posting to Community app from Hatim, your recitation achievements and project updates
• Support Requests: Email, issue description, device information, and optional screenshots

2.1.3 Community - Community Management

• Account Information: Email address, password (encrypted), display name, and optional profile information
• Group/Community Information: Group creation and management, community roles (owner, admin, member), and membership status (pending, active, banned)
• Community Events:
  • Event details (title, description, location, dates/times, capacity)
  • Event flyers and images (URLs you provide for event posters)
  • External signup links (URLs to third-party event registration sites like Eventbrite, Google Forms)
  • Event RSVP responses (going/maybe/not going status)
  • Event check-in records
• Volunteer Management:
  • Volunteer sign-ups for events
  • Volunteer hour logging and tracking
  • Volunteer task assignments and completion status
• Event Tasks: Task creation, assignments, descriptions, and completion tracking for community events
• Community Announcements: Announcement content (title, description), pinned status, and posting timestamps
• External Website Links: Community website URLs you optionally provide for your community groups
• Content Sharing: When you use your device's share button to share events, communities, announcements, or Hatim projects, the app generates share links that may include event/community titles and descriptions. This sharing functionality uses your device's native share capabilities (iOS Share Sheet or Android Share menu). We do not track or store what you share or with whom you share it.
• Help System:
  • Help requests posted by community members
  • Help offers and responses
  • Request status (open, in-progress, resolved)
• Content Moderation: Content reports, moderation actions, and user-flagged content for community safety
• Cross-App Posting: When posting to Community from Hatim, content shared across apps
• Support Requests: Email, issue description, device information, and optional screenshots

2.1.4 Shared Features (Hatim & Community)

• Group Management: Group/community creation, settings, and membership management
• Member Roles: Role assignments (owner, admin, member) and permission levels
• Membership Status: Status tracking (pending, active, banned) for all group members
• Cross-Platform Integration: Data shared when posting between Hatim and Community apps

2.2 Photos and Media

• Photo Library Access: When you submit a support request, you may optionally attach images from your photo library. We only access photos you explicitly select - we never access your entire photo library or camera without your permission.
• Event Flyers and Images: When creating events in the Community app, you can optionally provide a URL link to an event flyer or poster image (for example, an image hosted on your own website or a public image hosting service). We store only the image URL you provide, not the actual image file itself. We do not have control over images hosted on external services. If the external link becomes unavailable, the image will no longer display in the app.
• Image URL Storage: Image URLs (for event flyers) are stored as part of event records and retained according to our event data retention policy (see Section 4.3). The actual images remain on the external hosting service you choose.
• Support Screenshots Storage: Support screenshots you optionally attach are stored securely on our servers and automatically deleted after 90 days.

2.3 Information Collected Automatically

• Device Information: Device model, operating system version, app version, and platform (iOS/Android)
• Usage Data: App features you use, session duration, and crash reports (anonymized)
• Authentication Data: Login timestamps and authentication tokens
• Analytics Data: We use Amplitude Analytics to understand how users interact with our apps. This includes:
  • App sessions (when you open and close the app)
  • Feature usage (which tabs you visit, which features you use)
  • App lifecycle events (foreground/background transitions)
  • Device information and app version
  • Note: We do NOT track IP addresses. All analytics data is anonymized and aggregated.
• Error Monitoring: We use Sentry to detect and fix crashes and errors. When an error occurs, Sentry automatically collects:
  • Error type and stack trace (technical details about what went wrong)
  • Device model, OS version, and app version
  • Anonymized session information
  • Note: Error reports do NOT include your personal data (email, fasting records, period data, prayer counters, recitation records, community events, or any other sensitive information). We filter out all sensitive information before sending error reports.

2.4 Third-Party Authentication

If you choose to sign in with Google or Apple:

• Google Sign-In: Email address and basic profile information
• Apple Sign-In: Email address (or private relay email) and optional name

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 FastTally - Fasting Tracker

• Provide the Service: Store and sync your fasting records, period tracking data, and prayer counters across devices
• Period Cycle Calculations: Analyze your period records to calculate cycle statistics (average cycle length, next expected period date, duration), identify Ramadan days affected by menstruation, and help you track fasting obligations during your cycle
• Prayer Tracking: Store and display your makeup prayer counters to help you track missed prayer obligations
• Personalization: Display your data in your preferred language and theme

3.2 Hatim - Quran & Recitation Tracker

• Provide the Service: Store and sync your recitation records, project participation, and group memberships across devices
• Quran Recitation Tracking: Track your assigned portions, completion status, and recitation history
• Project Management: Coordinate group recitation projects, distribute portions, and track collective progress
• Daily Khatm Tracking: Monitor your 3-month daily Quran completion progress
• Group Coordination: Manage group memberships, roles, and collaborative recitation efforts
• Invite System: Generate and process invite codes for joining recitation projects
• Cross-App Integration: Enable sharing of recitation achievements to Community app when you choose to post

3.3 Community - Community Management

• Provide the Service: Store and sync your community events, announcements, and help requests across devices
• Event Management: Create, manage, and track community events including RSVPs, check-ins, and attendance
• External Links and Images: Store and display external signup URLs (for third-party event registration) and event flyer image URLs you provide. When you click these links, our app displays a disclaimer informing you that you're leaving the app and visiting an external website. We are not responsible for the privacy practices or content of external websites. The external links you provide are visible to community members who can view the event.
• Volunteer Coordination: Manage volunteer sign-ups, track volunteer hours, and coordinate event tasks
• Community Communication: Distribute announcements and facilitate help requests/offers within communities
• Content Sharing: Enable you to share events, communities, announcements, and Hatim projects using your device's native share functionality. Shared content may include titles, descriptions, and links. We do not track what you share or with whom.
• Content Moderation: Process content reports to maintain safe and respectful community spaces
• Cross-App Integration: Enable receiving posts from Hatim app when users share recitation achievements

3.4 All Apps - General Uses

• Account Management: Create and maintain your user account
• Customer Support: Respond to your support requests and troubleshoot issues
• App Improvement: Analyze anonymized usage patterns through Amplitude Analytics to understand which features are most valuable, identify areas for improvement, and prioritize new features
• Error Detection: Use Sentry to automatically detect crashes and bugs so we can fix them quickly and improve app stability
• Security: Detect and prevent fraud, abuse, and security incidents
• Legal Compliance: Comply with legal obligations and protect our legal rights

4. How We Store Your Information

4.1 Data Storage Infrastructure

Your data is stored securely using Supabase, a secure cloud database platform built on PostgreSQL. Supabase provides:

• Industry-standard encryption for data at rest and in transit (SSL/TLS)
• Regular automated backups
• Row-level security (RLS) policies ensuring users can only access their own data
• ISO 27001 certified infrastructure

4.2 Data Location

Your data is stored in secure data centers. Supabase uses cloud infrastructure that may store data in multiple regions for redundancy and performance.

4.3 Data Retention

• Active Accounts: Your data is retained as long as your account is active
• Deleted Accounts: When you delete your account, all personal data is permanently deleted within 30 days
• Support Requests: Support tickets and associated screenshots are retained for 90 days, then automatically deleted
• Event Flyers: Event images are retained during the event and for 30 days after the event concludes, then automatically deleted
• Completed Events: Event data is archived after completion and deleted after 1 year unless required for record-keeping

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

5.1 Service Providers

• Supabase: Database and authentication services. Stores your account information, app-specific records (fasting, recitation, events), and user data securely with encryption.
• Amplitude Analytics: Usage analytics platform. Receives anonymized data about app usage, sessions, and feature interactions. Does NOT receive your personal data, fasting records, period data, prayer counters, recitation records, or community content.
• Sentry: Error monitoring and crash reporting service. Receives technical error information when crashes occur. We filter out all sensitive personal data before sending error reports.
• Google/Apple: OAuth authentication (only if you choose to use third-party sign-in)
• Expo/EAS: App distribution and updates

5.2 Within Community Groups

• Hatim - Group Recitation: When you join a recitation project, your completion status and assigned portions are visible to other group members and admins to coordinate group progress
• Community - Event Information: When you RSVP to events or volunteer, your participation status may be visible to event organizers and community admins
• Community - Announcements: Your announcements and help requests are visible to other members of your community groups
• Group Admins: Community owners and admins can view member lists, roles, and participation in group activities

5.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests from public authorities.

5.4 Business Transfers

If DuruApps is involved in a merger, acquisition, or sale of assets, your information may be transferred. You will be notified via email and/or a prominent notice in the app.

6. Your Privacy Rights

You have the following rights regarding your personal data:

6.1 Access and Portability

• Request a copy of your personal data
• Export your fasting records, counter history, recitation records, event history, and community participation data

6.2 Correction

• Update your email address and profile information
• Correct any inaccurate records (fasting, recitation, events, etc.)

6.3 Deletion

• Delete Individual Records: Delete specific fasting days, period tracking records, recitation portions, events, or announcements at any time
• Reset Counters: Reset your prayer counters to zero at any time through manual adjustment (FastTally)
• Leave Groups: Leave community groups or recitation projects at any time (Hatim & Community)
• Clear Data: Delete all app-specific records while keeping your account (available in Account Settings → Data Management → Clear Data)
• Delete Account: Permanently delete your account and all associated data across all DuruApps applications (Account Settings → Data Management → Delete Account)

6.4 Withdrawal of Consent

• Revoke third-party authentication permissions through your Google/Apple account settings
• Stop using the app and delete your account at any time

6.5 Data Portability

You can request a machine-readable export of your data by contacting us at support@duruapps.com.

7. Children's Privacy

Our apps are rated 4+ and are safe for children to use. However, we comply with the Children's Online Privacy Protection Act (COPPA):

• Children Under 13: We do not knowingly collect personal information from children under 13 without verifiable parental consent. Parents or guardians must create and manage accounts for children under 13.
• Parental Control: Parents can review, delete, or refuse further collection of their child's information by contacting us at support@duruapps.com.
• Data Collection: For children's accounts, we only collect the minimum necessary information: app-specific records and preferences. We do not share children's data with third parties.
• Parental Rights: Parents have the right to review their child's personal information, request deletion, and refuse further collection at any time.

If you are a parent or guardian and believe your child under 13 has provided us with personal information without your consent, please contact us immediately, and we will delete such information.

8. Sensitive Health Data (Period Tracking - FastTally)

FastTally's period tracking feature collects sensitive health information about your menstrual cycle. We take extra precautions to protect this data:

8.1 What Period Data We Collect

• Period start and end dates
• Cycle phase (period or spotting)
• Prayer times when bleeding started/ended (to calculate fasting obligations)
• Flow characteristics (heavy, light, cramps)
• Intimate activity indicators (stored as "intimate" tag, displayed as "•••")
• Personal notes you choose to add

8.2 How We Protect Period Data

• Encryption: All period data is encrypted during transmission (TLS/SSL) and storage
• Private by Default: Your period data is NEVER shared with third parties, including analytics services
• Row-Level Security: Database policies ensure only you can access your period records - even our staff cannot view your data
• No Health Data in Analytics: Amplitude and Sentry do NOT receive any period tracking information
• Local Control: Period data is cached locally on your device for offline access and synced securely to the cloud

8.3 Why We Collect Period Data

We collect period tracking information solely to help you:

• Track which days you cannot fast due to menstruation
• Calculate how many Ramadan fasting days were affected by your period
• Understand your cycle patterns (average length, duration, next expected date)
• Know when bleeding started/ended relative to prayer times (for religious obligations)

8.4 Your Period Data Rights

• Delete Anytime: Remove individual period records or all period data instantly
• Export Your Data: Request a complete export of your period tracking history
• Stop Using the Feature: Period tracking is optional - you can use FastTally without ever enabling it
• No Sharing: We will never sell, rent, or share your period data with advertisers, researchers, or any third parties

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your personal information in accordance with this privacy policy.

10. Security Measures

We implement appropriate technical and organizational security measures to protect your personal information:

• Encryption: All data transmitted between your device and our servers is encrypted using TLS
• Password Security: Passwords are hashed using industry-standard algorithms (bcrypt)
• Access Controls: Row-level security ensures users can only access their own data
• Regular Audits: We conduct regular security reviews and updates

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

11. Third-Party Links and External Websites

Our apps may contain links to third-party websites or services. We are not responsible for the privacy practices, content, or security of these third parties.

11.1 Service Provider Links

Our apps integrate with the following third-party services. We encourage you to read their privacy policies:

• Amplitude Privacy Policy
• Sentry Privacy Policy
• Supabase Privacy Policy

11.2 User-Provided External Links (Community App)

In the Community app, users can provide external links including:

• Event Signup Links: Links to third-party event registration websites (e.g., Eventbrite, Google Forms, Zoom, custom websites)
• Community Websites: Links to official community websites or social media pages
• Event Flyer Images: URLs to images hosted on external services

11.3 External Link Disclaimer

Important: When you click on external links within our apps, you will see a disclaimer informing you that:

• You are leaving the DuruApps application
• You will be visiting an external website not controlled by DuruApps
• We are not responsible for the privacy practices, terms of service, or content of external websites
• External websites may have different data collection practices and privacy policies

We strongly encourage you to review the privacy policy and terms of service of any external website you visit through links in our apps.

11.4 User Responsibility for External Content

Community Organizers: When you add external links (event signup URLs, website links, image URLs) to your community events or groups, you are responsible for:

• Ensuring the external website is safe and appropriate for your community members
• Complying with the external website's terms of service
• Verifying that the external website has adequate privacy protections
• Updating or removing broken or inappropriate links

Users Clicking External Links: When you visit external websites through links in the Community app, you do so at your own risk. We recommend exercising caution and verifying the legitimacy of external websites before providing any personal information.

11.5 Image Hosting

Event flyer images are provided as URLs pointing to external image hosting services. We do not host, store, or have control over these images. If you provide an image URL:

• The image must be hosted on a publicly accessible website or image hosting service (e.g., Imgur, your own website, cloud storage with public sharing enabled)
• You are responsible for ensuring the image URL remains accessible and does not violate any copyright or terms of service
• If the external hosting service removes the image or changes the URL, the image will no longer display in our app
• We do not monitor, review, or verify the content of externally hosted images

12. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by:

• Posting the new privacy policy in the app
• Updating the "Last Updated" date
• Sending you a notification for material changes

Your continued use of any DuruApps application after changes become effective constitutes your acceptance of the revised policy.

13. Your California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell your information)
• Right to non-discrimination for exercising your CCPA rights

14. European Users (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right of access, rectification, erasure, and restriction of processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

Legal Basis for Processing: We process your personal data based on your consent, contractual necessity, and our legitimate interests in providing and improving our services.

15. Governing Law

This Privacy Policy shall be governed by and interpreted in accordance with the laws of the State of California, United States, without regard to its conflict of law principles.

16. Contact Us

17. Consent

By using any DuruApps application (FastTally, Hatim, or Community), you consent to this privacy policy and agree to its terms.

---

© 2026 Duru Apps. All rights reserved.
DuruApps - FastTally, Hatim, Community