Last updated: April 2026
Ummaly Ltd (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Ummaly platform, including our website and mobile applications (“Platform”).
When you create an account, we collect your email address, display name, and authentication provider (Google, Apple, or email/password). We do not store your password directly; authentication is handled by Firebase Authentication.
When you scan a product barcode, we record the barcode, scan timestamp, and the halal assessment result. This data is linked to your user account to provide scan history and favourites.
With your permission, we access your device location to provide prayer times, Qibla direction, and nearby restaurant/mosque search. Location data is used in real-time and is not stored on our servers.
We collect anonymised usage analytics including feature usage, session duration, and crash reports to improve the Platform. This data cannot be used to identify you personally.
We may collect device type, operating system version, browser type, and app version for compatibility and debugging purposes.
Subscription payments are processed entirely by Apple App Store or Google Play Store. We do not collect, store, or have access to your payment card details.
We use your information to:
Account and scan data is stored in secure cloud databases (Firebase/Google Cloud and Railway-hosted PostgreSQL). All data is encrypted in transit (TLS) and at rest.
We retain your account data for as long as your account is active. Scan history is retained indefinitely unless you delete it within the Platform or request account deletion.
We implement industry-standard security measures including encrypted connections, secure authentication tokens, and regular security reviews. However, no method of electronic transmission is 100% secure.
We do not sell your personal data. We may share data with third-party services that help us operate the Platform, including:
These providers are bound by their own privacy policies and process data only as necessary to provide their services. We may also disclose information if required by law, court order, or to protect our rights, safety, or property.
Under UK GDPR, you have the right to:
To exercise these rights, contact us at privacy@ummaly.com or use the account deletion feature in the app (Profile > Settings > Delete Account).
Our website uses cookies for authentication sessions and to maintain your logged-in state. These are essential cookies required for the Platform to function correctly. We also use Firebase Analytics for anonymised usage tracking on both the website and mobile applications. You can manage cookie preferences in your browser settings. You can opt out of analytics in your device settings.
The Platform is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we discover such data has been collected, we will delete it promptly.
The Platform may display advertisements via Google Mobile Ads. Ad personalisation is governed by Google's advertising policies. You can manage ad preferences in your device settings.
Your data may be processed in countries outside the UK/EEA where our service providers operate. We ensure appropriate safeguards are in place through standard contractual clauses and adequacy decisions.
We may update this Privacy Policy from time to time. We will notify you of material changes through the Platform. Your continued use constitutes acceptance of the updated policy.
For privacy-related queries:
Email: privacy@ummaly.com
Ummaly Ltd
United Kingdom
