Privacy Policy

Last Updated: January 13, 2026

1. Introduction

hiMasjid ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our masjid display management service.

By using hiMasjid, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Email address (for authentication and communication)
  • Password (stored securely using industry-standard hashing)
  • Username (for your unique display URL)
  • Masjid name (displayed on your TV screens)
  • Preferred language (for interface localization)

Location Information

To calculate accurate prayer times, we collect:

  • Latitude and longitude coordinates
  • Timezone
  • Prayer calculation method preference

Location data is used solely for prayer time calculations and is not shared with third parties for marketing purposes.

Content You Create

We store content you upload and create, including:

  • Slides (announcements, events, images, videos)
  • Playlists and scheduling configurations
  • Prayer time configurations (adhan/iqamah adjustments)
  • Masjid logo and theme settings
  • Emergency override messages

Usage Information

We automatically collect:

  • Sync events (for rate limiting and service optimization)
  • Client version information (to ensure compatibility)
  • Device type and browser information
  • Access timestamps

3. How We Use Information

We use collected information to:

  • Provide the Service: Display your content on TV screens, calculate and show prayer times
  • Authenticate Users: Verify your identity and secure your account
  • Sync Content: Keep your TV displays updated with your latest content
  • Improve the Service: Analyze usage patterns to enhance features and performance
  • Communicate: Send important service updates and respond to support requests
  • Prevent Abuse: Rate limiting and security monitoring

4. Data Storage & Security

Where We Store Data

Your data is stored on Supabase infrastructure. Data may be processed in data centers located in Singapore or other regions to ensure reliability and performance.

Security Measures

We implement multiple layers of security:

  • Encryption in Transit: All data transmitted between you and our servers is encrypted using HTTPS/TLS
  • Row Level Security: Database policies ensure users can only access their own data
  • Secure Authentication: Industry-standard password hashing and secure session management
  • Rate Limiting: Protection against brute force attacks and abuse
  • Input Sanitization: Protection against XSS and injection attacks

5. Third-Party Services

We share limited data with the following third-party services that help us operate hiMasjid:

ServicePurposeData Shared
SupabaseDatabase, Auth, File StorageAll user data
VercelWebsite HostingAccess logs, IP addresses
Aladhan APIPrayer Time CalculationLatitude, longitude, timezone
UpstashRate LimitingIP addresses
StripePayment ProcessingBilling information (Premium)

We do not sell your personal data to any third parties for marketing or advertising purposes.

6. Cookies & Local Storage

hiMasjid uses browser storage mechanisms to provide a seamless experience:

Essential Storage

  • Session Cookies: To keep you logged in
  • LocalStorage: To cache display content for offline access
  • IndexedDB: To store prayer times for TV displays (up to 2 years of data)

What We Don't Use

  • Third-party tracking cookies
  • Advertising cookies
  • Social media tracking pixels

All storage is used strictly for service functionality and improving your experience. TV displays use local caching to ensure content remains available even during internet outages.

7. Data Retention

  • Active Accounts: We retain your data for as long as your account is active
  • Deleted Accounts: When you delete your account, we remove your data within 30 days
  • Cached Data: Local storage and IndexedDB data expires automatically or when you clear your browser data
  • Backup Copies: Backups may be retained for up to 90 days for disaster recovery purposes

8. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you
  • Correction: Update inaccurate or incomplete data via your Settings page
  • Deletion: Delete your account and all associated data at any time
  • Export: Download your content and configurations
  • Objection: Object to certain processing of your data

To exercise any of these rights, please contact us at team@himasjid.com.

9. Children's Privacy

hiMasjid is designed for masjid administrators, who are typically adults. Our Service is not intended for children under 18 years of age.

We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can take appropriate action.

10. International Data

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

11. Policy Updates

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last Updated" date at the top of this page
  • For significant changes, we may notify you via email or in-app notification
  • Your continued use of the Service after changes constitutes acceptance of the updated policy

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Email: team@himasjid.com

We will respond to your inquiry as soon as possible, typically within 7 business days.