Introduction
At VAAZ ("we", "the app"), we are committed to protecting the privacy of our users. This policy explains what data is collected when you use the VAAZ mobile application, how it is used, and how it is protected. By using the app, you agree to this policy.
Data Collected
VAAZ may collect the following data to improve service quality and provide core features:
- Account information: Email address, name (when creating an account). If you sign in with Google or Apple, basic profile information is received from these services.
- Location information: Your device's location data is used for prayer time calculation, qibla direction, and nearby mosque search features. Location data is processed only for these purposes.
- Usage data: Anonymous statistics such as in-app interactions, screens viewed, and feature usage frequency.
- Device information: Device model, operating system version, and app version (for bug diagnosis).
- User-generated content: AI chat history, quiz results, favorite hadiths, dhikr counts, Quran reading progress, and hatim participations.
Use of Data
Collected data is used only for the following purposes:
- Accurate calculation of prayer times and qibla direction
- Providing personalized content and recommendations
- Analyzing and improving app performance
- Identifying and resolving technical issues
- Managing subscriptions and in-app purchases
- Providing user support
Third-Party Services
VAAZ uses the following third-party services to operate the app. Each of these services has its own privacy policy:
- Convex (convex.dev): Server-side database and backend infrastructure. User data is stored on Convex cloud servers.
- PostHog (posthog.com): Anonymous app usage analytics. No personally identifiable information is collected.
- Sentry (sentry.io): Error reporting and performance monitoring. Device information and error details are sent when the app crashes.
- RevenueCat (revenuecat.com): Subscription and in-app purchase management. Your payment information is processed directly by Apple or Google; VAAZ never sees your credit card details.
- Google AdMob (admob.google.com): Ad serving. AdMob may use device identifiers and usage data for ad personalization.
- Google Sign-In and Sign in with Apple: Authentication for social sign-in. Only basic profile information such as name and email is received. Sign in with Apple supports the Hide My Email relay option.
- Apple Push Notification Service (APNs) and Google Firebase Cloud Messaging (FCM): Push notification delivery. A device token is transmitted; notification content is processed only for the duration of delivery.
- AlAdhan API (api.aladhan.com): Prayer-time calculation requires sending your device's location. The remote service does not retain the location; it is used only for the current request.
- Overpass API (overpass-api.de, OpenStreetMap): Nearby-mosque search transmits your device's location as a query parameter. Responses are cached on-device for 4 hours.
- Anthropic Claude AI: For the AI chat feature. Your chat messages are relayed through Convex servers to the Anthropic API and used to generate responses.
Data Storage and Local Storage
Server-side data (account, chat history, quiz results) is stored on Convex cloud servers for as long as your account is active. On your local device, app state data such as theme preferences, dhikr counts, streak tracking, and badge progress is stored via AsyncStorage/MMKV. External API responses such as prayer times and mosque data are cached on your device for performance. When you delete the app, local data is automatically removed.
Data Security
We implement industry-standard security measures to protect your data. All data transfers are encrypted with HTTPS/TLS. Server-side data is protected by Convex's security infrastructure. Authentication is managed through secure session handling. Your personal information is never shared with or sold to third parties for marketing purposes.
Children's Privacy
VAAZ is not directed at children under the age of 13 and does not knowingly collect personal data from this age group. If you become aware that a child under 13 has shared data, please contact us and we will promptly delete the relevant data.
Your Rights
As a user, you have the following rights:
- You can request access to your data
- You can request correction or deletion of your data
- You can change your notification preferences at any time
- You can disable location access from your device settings at any time
- You can opt out of ad personalization from your device settings
- You can close your account at any time and request deletion of all your data
Data Deletion
To close your account and request deletion of all your personal data, you can use the account settings within the app or send an email to support@getvaaz.com. Your deletion request will be processed within 30 days.
Policy Changes
This privacy policy may be updated from time to time. Users will be notified of important changes via in-app notification or email. Continuing to use the app after an update means you accept the changes.
Data Controller
The data controller for the VAAZ app is Erkam Demirci. To exercise your rights under the Turkish Personal Data Protection Law (KVKK) Article 11 or for any privacy-related inquiries, please contact support@getvaaz.com.
