A. Personal & Profile Data

We collect the following basic information:

• Full Name,
• Phone Number,

• Source of Information (how you heard about the app),
• Gender & Blood Group,
• Short Address,
• Profile Images,
• User Type (Student, Teacher, Guest etc.),
• IP Address (for security and fraud prevention).

For our madrasa members, we take additional informations:

• Name in multiple languages.
• Guardian/Parent's Names (in multiple languages).

B. Authentication & Security Data

• Passwords (securely hashed so that no one can read them even when saved).
• Verification Codes (for registration & password reset/change).
• Device IDs (for Fraud prevention, security, and compliance).
• All Authentication Related History (for security monitoring).
• Session Data (for maintaining login state).

C. Device & Technical Data

• Language Preference.
• Basic technical device info to improve performance.

D. Performance & Monitoring Data

We collect anonymous performance metrics to ensure app reliability:

• Response times and latency,
• Error rates and types,
• API usage patterns,
• System performance metrics,
• Crash data.

This data is aggregated and does not identify individual users.

• Manage user accounts and access control.
• Allow authorized staff to view user's collected data.
• Authenticate registrations, payments, and password resets.
• Enhance app functionality, personalization, and security.
• Communicate notifications, updates, and support messages.
• Monitor system performance and troubleshoot issues.
• Prevent fraud and enforce security policies.
• Comply with legal requirements.

When you make fee payments or donations, we collect:

• Basic User Data (such as Fullname and Phone).
• Amount, Type of Payment, Doantion Fund (fee or donation).
• Transaction History (For Recording and Displaying in your account).

We partner with multiple third-party payment processors (such as SSLCommerz, bKash, Nagad, and others) to process payments securely. Your payment information is handled directly by these providers in accordance with their privacy policies. We do not store any card information. The list of our current payment partners is available on our website LINK.

• Server-side data is retained for the duration of your account unless you request deletion.
• Local data (profile, preferences, cached images, etc.) is stored on your device only.
• Profile images and uploaded files are stored on secure servers.
• Verification codes expires automatically and are purged after certain time.
• All authentication related attempt logs are retained for 30 days.
• Transaction history is retained indefinitely for accounting purposes.
• Some system logs are automatically purged after a fixed time.

We do not sell or trade your personal information. Data is shared only with:

• Authorized madrasa staff for educational administration.
• Third-party services as needed:
• SSLCommerz for payment processing,

• SSLCommerz for SMS verification,

• OpenTelemetry collectors for performance monitoring.

• We use third party webview plugins to Render external payment pages. Those pages are governed by their own privacy policies and data practices.

Our app may request access to device features (such as the gallery or SMS inbox) to provide certain functionality. We do not share this information with third-party SDK providers.

• Our app supports multiple accounts per device.
• Account data is stored locally and can be switched within the app.
• Unrecognized devices require re-verification.

• Access and Correction: You can view and update your personal information at any time through the profile section of the app.
• Account Deletion: You may request account deletion and data removal at any time through Our Website or by contacting support. Deletion is processed after 30 days. User can cancel the deletion request within that time. Deletion is permanent after that. No data can be retained after 30 days of deletion request.
• Account Deactivation: You can deactivate your account anytime through Our Website or by contacting support.

• All data is encrypted in transit (HTTPS/TLS).
• Passwords are hashed.
• Access is limited to authorized personnel only.
• Rate limiting on secure endpoints.
• Automatic blocking of suspicious IP addresses.
• Regular security audits and monitoring.

If you have questions:

• Phone: +8801687877822

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or sms using the address associated with your account. The effective date at the top of this policy will also be updated. By continuing to use the app after changes, you accept the updated policy.

Our app is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use this app or provide any information to us. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

By using this app, you agree to our Privacy Policy and Terms & Conditions. We process your personal data only when necessary to provide our services, fulfill our contract with you, comply with legal obligations, or with your consent. You must provide certain data to use the app; otherwise, we cannot create or manage your account.

All personal data is stored and processed within our secure servers. Only authorized admin personnel have access to your data for the purposes described in this policy. If we need to transfer data internationally, we will ensure appropriate safeguards are in place.

We use minimal cookies for essential functionality:

• Session cookies for secure login and account management
• No advertising or marketing cookies
• No third-party tracking cookies
• Performance monitoring is done server-side without client tracking