1. Introduction

Hayafi Ltd (“we”, “us”, “our”) is a UK-based Muslim marriage platform designed for sincere, halal-intentioned connections. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with UK GDPR, the Data Protection Act 2018, and other applicable laws.

 

By using Hayafi (app or website), you consent to the practices described in this policy.

​

2. Information We Collect

​

A. Registration & Profile Data
   •    Name, email, phone number, gender, date of birth
   •    Location, city, bio, profile photos
   •    Language, ethnicity, religious practice details
   •    Lifestyle, personality, and preference selections

​

B. Verification Data

Mandatory: Selfie for account verification
Optional: ID documents, Wali/guardian details (name, email, phone)

​

C. Usage Data

​

   •    Chat messages, proposal actions, matches
   •    Profile completion and feature interactions
   •    Timestamps

​

D. Device & Technical Data

   •    IP address, device model, OS, app version, language
   •    Push notification tokens

​

E. Payment Data

​

Hayafi does not currently offer paid features, so no payment data is collected at this time.

If paid features are added in the future, payment processing will be handled securely by third-party processors, and this policy will be updated accordingly.

​

F. Third-Party Login Data

•    Only the data authorised by Apple, Google, etc.

​

G. Third-Party Services / SDKs

​

Essential SDKs (required for core functionality):

   •    Firebase (Analytics & Crashlytics) – FCM tokens, crash reports

   •    ZEGO Cloud SDK – audio/video calls, device details, call stats

   •    Twilio – phone number, OTP logs

   •    AWS S3 – photos, videos, profile media storage

   •    Node.js + MongoDB backend – user profiles, chats, preferences

   •    socket_io_client – messages, user IDs, call events

   •    image_picker – photos/videos from camera/gallery

   •    shared_preferences – local user settings

   •    connectivity_plus – network status

   •    intl_phone_field – phone number formatting

​

 

Optional SDKs (user choice features):

   •    file_picker, image_cropper, video_player, url_launcher

Non-Data-Collecting Packages: All other Flutter packages in the app are UI-only.

​

3. How We Use Your Data

   •    Operate, personalise, and improve your app experience

   •    Match you with compatible users

   •    Verification and safety checks

   •    Manage Wali/proposal features

   •    Respond to support requests

   •    Detect and prevent fraud, abuse, or prohibited behaviour

   •    Analyse anonymized trends for improvements

​

Legal Bases for Processing: Contractual necessity, legitimate interest, consent (for optional features)

​

4. Consent & Privacy Choices

   •    Users can manage app permissions in the consent banner (“Personalise My Choice”)

   •    Categories include:

   1.    Strictly Necessary – cannot be switched off

   2.    Analytics – optional, e.g., Firebase Analytics

   3.    Marketing – optional, e.g., Ads SDKs

   •    Users can allow/refuse all or customise per category
   •    New SDKs added in the future will follow the same consent rules

​

 

5. Verification Data

   •    Selfie: Confirm authenticity; stored securely; deleted 15 days after verification

   •    Optional ID: Display “Verified ID” badge; ID documents are deleted immediately               after verification is completed.

   •    No biometric templates created or face geometry extracted

​

6. Wali / Guardian Data

   •    Users may provide wali info for supervision

   •    Weekly chat transcripts sent if enabled

   •    Proposal feature allows sharing wali contact with potential matches

   •    Users may request another user’s wali/guardian contact from within chat.

         Wali details are only shared if the user manually approves the request.

​

 

7. Who We Share Data With

   •    Chosen wali

   •    Firebase, AWS S3 – storage & hosting

   •   Apple/Google

   •    Analytics/support tools

   •    Law enforcement if legally required

   •    In event of business transfer (merger/acquisition)

​

No data is sold to advertisers or third parties.

​

 

8. Data Retention

   •    Profile/account data: Until deletion or 2 years inactivity

   •    Selfie verification: 15 days after verification

   •    ID verification: Immediately deleted

   •    Chat & usage data: As needed for moderation and safety

   •    Payment records: As required by law

​

 

9. User Rights (UK GDPR)

   •    Access, correct, delete, restrict, or object to processing

   •    Withdraw consent for optional features

   •    Data portability requests

   •    Complaints to ICO

​

Contact: hello@hayafi.app

​

 

10. Security Measures

   •    Encrypted storage, secure servers, role-based access

   •    Monitoring for suspicious activity

   •    Users should avoid sharing sensitive info in chat

​

 

11. Changes to This Policy

   •    Updates may occur; major changes notified in-app or by email

​

12. Contact Information

Email: hello@hayafi.app

Registered Office: 5 Brayford Square, London E1 0SG, United Kingdom