Privacy & Terms

Fitra runs on your phone. We don't collect your data, we don't sell ads, and there is no server you sign in to. Everything below is the long form of that.

What we collect

Nothing leaves your device under normal use. Your preferences, prayer log, fasting log, reading minutes, bookmarks, custom dhikr names, and Hijri event reminders are stored on your phone in an AES-256 encrypted database. The encryption key lives in iOS Keychain so a backup of your phone doesn't include data you intended to keep local.

Location

If you grant location permission, your latitude and longitude are used on-device to compute prayer times and the Qibla bearing. Two public services help name your city and fetch a weather snapshot; they receive your coordinates over an encrypted connection with no identifier attached. We do not store your coordinates on any server — we don't run one.

Notifications

Adhan and Hijri-event reminders are scheduled locally on your device. There is no push server. Times are computed from your saved location and calculation method, then handed to iOS to fire at the right instant. Toggling adhan off cancels every scheduled future notification.

Qur'an, hadith, dua content

Qur'an text, translations, and recitation audio are fetched from public Islamic content sources over an encrypted connection. Your IP is visible to those sources the same way it would be to any website you open in a browser. No account or identifier is attached to the request.

No ads, no selling, no tracking

The app is sadaqah jariyah — built as ongoing charity. There are no ads on any screen, no advertising identifiers, no analytics SDKs, no cross-app tracking. We don't sell, share, or monetise any data. There is no plan to change this.

Crash reports

If the app crashes, an anonymous crash report can be sent to help us fix the bug. The report contains the crash stack trace and OS version, with personal identifiers stripped. Crash reporting is gated behind an admin sign-in that V1 users do not have access to — meaning crash reports are effectively disabled for all users at launch. When the admin-sign-in feature ships in a future version, you'll be able to opt out at any time.

Sign-in

Fitra supports an optional sign-in so your profile carries between devices, but your in-app activity (prayer log, bookmarks, custom dhikr) still lives on your device only. Even when you sign in, we do not upload your prayer history, fasting log, reading minutes, or any personal data to a server.

Your rights

You own your data because it lives on your device. To delete everything, delete the Fitra app — iOS removes the entire encrypted database when the app is uninstalled, and there is nothing on our side because we never received it. Each bookmark, prayer log entry, and custom dhikr can also be deleted individually inside the app.

Children (COPPA & Apple 4+ rating)

The app is rated 4+ on the App Store and complies with the Children's Online Privacy Protection Act (COPPA). It collects no information that identifies a child or an adult, requests no personal information at any age, has no chat or social features, and serves no advertising. Parents can supervise location and notification permissions through iOS Settings → Fitra.

Third-party services we connect to

Fitra fetches public Islamic content from the following services. None of them receive any account or device identifier from us; they see only your IP address as any website does when you visit it.

sunnah.com — hadith corpus content for the in-app browse, when you open a collection that isn't already bundled.
tanzil.net & quran.com — Qur'an text, translations, and recitation audio.
open-meteo.com — local weather snapshot displayed on the Today screen.
nominatim.openstreetmap.org — reverse-geocoder for the city-name label.
Sentry — anonymized crash reports, only if the V2 admin sign-in is enabled (disabled for all V1 users).

No advertising identifier, no IDFA, no tracking

Fitra does not request or use the Apple Advertising Identifier (IDFA), does not implement App Tracking Transparency (ATT) prompts (because there is no tracking to authorize), and does not embed any analytics SDK that collects device fingerprints or behavioral signals. The app's Privacy Manifest (PrivacyInfo.xcprivacy) declares Tracking = false and Tracking Domains = empty.

GDPR, CCPA, PIPEDA

Fitra does not process personal data in the GDPR/CCPA/PIPEDA sense — your data lives only on your device. There is no controller, no processor relationship, no cross-border transfer, no data subject access request to fulfill because there is no copy of your data to access. If you want to exercise data-deletion rights anyway, deleting the app removes everything iOS stored on your behalf. The encrypted backup of your phone may contain Fitra's encrypted database; iOS handles deletion of those backups per your own iCloud / encrypted backup settings.

Data retention

On-device data is retained until you delete it (either individually inside the app, or by uninstalling the app). We retain nothing on any server because we operate no server.

Account deletion

V1 of Fitra has no account system; there is nothing to delete server-side. When the optional V2 sign-in ships, you will be able to delete the account and any associated profile data from inside the app, with no email confirmation required.

Terms of use

The app is provided "as is" for personal worship and reference. Qur'an, hadith, and dua text are sourced from public Islamic content libraries and are reproduced for educational and devotional use. Adhan recordings are either Public Domain (Makkah, Doha) or sourced from the praytimes.org community archive (Sheikh Abdul Basit). Hadith corpora are from sunnah.com and fawazahmed0/hadith-api. Qur'an translations come from tanzil.net and quran.com. Prayer-time calculations use the open-source adhan-dart library by Tarek Sherif. Weather snapshots come from open-meteo.com.

Contact

Security or privacy concern: security@spidyops.com
General questions: ask@spidyops.com