1. Introduction
Welcome to WasiyyaBox ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.
WasiyyaBox is designed to help you manage and share important personal information, messages, and digital assets with designated beneficiaries in case of emergency or as part of your final wishes (Wasiyya).
Important: By using WasiyyaBox, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.
2. Information We Collect
2.1 Personal Information
We collect the following types of personal information:
- Account Information: Name, email address, phone number, and authentication credentials
- Profile Data: User preferences, settings, and profile customization
- Content Data: Text messages, audio recordings, journal entries, photos, videos, and documents you create or upload
- Beneficiary Information: Names, email addresses, and contact details of designated beneficiaries
- Emergency Contacts: Information about individuals designated to receive notifications
2.2 Automatically Collected Information
- Device Information: Device type, operating system, unique device identifiers
- Usage Data: App features used, time spent, interaction patterns
- Log Data: IP address, access times, crash reports, and diagnostic information
- Location Data: Approximate location based on IP address (we do not collect precise GPS location)
2.3 Information from Third Parties
We may receive information from:
- Authentication services (e.g., Google Sign-In, Apple Sign-In)
- Cloud storage providers (if you choose to integrate)
- Payment processors (for premium features)
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Delivery
- Create and manage your account
- Store and encrypt your messages, recordings, and documents
- Facilitate the delivery of content to beneficiaries upon trigger activation
- Process emergency notifications
- Enable backup and restoration of your data
3.2 Communication
- Send you service-related notifications and updates
- Respond to your inquiries and support requests
- Notify beneficiaries when appropriate triggers are activated
- Send important security alerts
3.3 Improvement and Analytics
- Analyze usage patterns to improve our services
- Develop new features and functionality
- Perform research and analytics
- Fix bugs and technical issues
3.4 Security and Legal Compliance
- Protect against fraud, abuse, and unauthorized access
- Comply with legal obligations and law enforcement requests
- Enforce our Terms of Service
- Protect the rights and safety of our users
4. Data Storage and Security
4.1 Storage Infrastructure
Your data is stored using industry-standard cloud infrastructure providers with strong security measures. We use Firebase and may utilize additional secure cloud storage solutions for backup purposes.
4.2 Encryption
- Data in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols
- Data at Rest: Sensitive content is encrypted using AES-256 encryption
- Password Protection: User passwords are hashed using industry-standard algorithms
4.3 Security Measures
We implement multiple layers of security including:
- Regular security audits and vulnerability assessments
- Access controls and authentication mechanisms
- Secure backup procedures
- Employee training on data protection
- Incident response procedures
Note: While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to using commercially reasonable efforts to protect your data.
5. Data Sharing and Disclosure
5.1 With Beneficiaries
Your content will be shared with designated beneficiaries only when:
- Emergency triggers are activated as configured by you
- You manually release content to specific beneficiaries
- Scheduled delivery dates are reached
5.2 Service Providers
We may share information with trusted third-party service providers who assist us in:
- Cloud hosting and storage
- Email delivery services
- Analytics and monitoring
- Customer support
- Payment processing
These providers are contractually obligated to protect your information and use it only for the services they provide to us.
5.3 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Valid legal processes (subpoenas, court orders)
- Law enforcement requests
- Protection of our legal rights
- Prevention of fraud or illegal activities
- Protection of user safety
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your data.
5.5 With Your Consent
We may share your information for other purposes with your explicit consent.
6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
- Active Accounts: Data is retained while your account is active
- Deleted Accounts: After account deletion, personal data is removed within 90 days, except where retention is required for legal purposes
- Delivered Content: Content delivered to beneficiaries may be retained according to beneficiary preferences
- Backup Data: Backup copies may be retained for up to 30 days after deletion for recovery purposes
7. Your Rights and Choices
7.1 Access and Control
You have the right to:
- Access: Request a copy of your personal information
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and associated data
- Portability: Request your data in a portable format
- Restriction: Request limitation of processing in certain circumstances
- Objection: Object to processing of your personal information
7.2 Communication Preferences
- Opt out of marketing communications
- Manage notification settings within the app
- Control which emails you receive
7.3 Account Deletion
You can delete your account at any time through the app settings. Upon deletion:
- All your personal data will be permanently removed
- Undelivered content will be deleted
- Beneficiary access will be revoked
- The action is irreversible
8. Children's Privacy
WasiyyaBox is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.
9. International Data Transfers
Your information may be transferred to and maintained on servers located outside of your country, where data protection laws may differ. By using WasiyyaBox, you consent to the transfer of your information to other countries. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.
10. Third-Party Services
Our app may contain links to third-party services or integrate with external platforms. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
Third-party services we may integrate with include:
- Google Services (Authentication, Cloud Storage)
- Apple Services (Sign-In)
- Email delivery services
- Payment processors
11. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to improve your experience:
- Essential Cookies: Required for app functionality
- Analytics Cookies: Help us understand usage patterns
- Preference Cookies: Remember your settings and preferences
You can control cookie preferences through your device settings, though disabling certain cookies may limit functionality.
12. Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes through:
- In-app notifications
- Email notifications to your registered email address
- Updates to the "Last Updated" date at the top of this policy
Your continued use of WasiyyaBox after changes are posted constitutes acceptance of the updated Privacy Policy.
13. Regional Privacy Rights
13.1 European Economic Area (EEA) and UK Users
If you are located in the EEA or UK, you have additional rights under GDPR:
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
- Right to detailed information about processing activities
- Right to data portability in machine-readable format
13.2 California Residents (CCPA)
California residents have specific rights including:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information
- Right to deletion of personal information
- Right to non-discrimination for exercising privacy rights
Note: We do not sell your personal information.
13.3 Other Jurisdictions
We comply with applicable data protection laws in all jurisdictions where we operate. Please contact us to learn more about your specific rights.
15. Acceptance of This Policy
By using WasiyyaBox, you signify your acceptance of this Privacy Policy. If you do not agree with this policy, please do not use our services. Your continued use following the posting of changes constitutes acceptance of those changes.