Privacy Policy | ZakatWise — Islamic Finance AI

1. Introduction

ZakatWise ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our AI-powered Islamic finance assistant.

We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) where it applies. By using ZakatWise, you agree to the practices described in this policy.

2. Information We Collect

a) Information You Provide

Chat Queries: When you interact with our AI assistant, we receive and process the questions, prompts, and context you submit.
Email Address: If you subscribe to our newsletter, create an account, or contact us via email, we collect your email address.
Payment Information: When you purchase a subscription (Pro or API plan), payment processing is handled entirely by Stripe. We do not store full credit card numbers or bank details on our servers. Stripe may share limited billing info (e.g., last four digits, billing name, and subscription status) with us.

b) Information Collected Automatically

Usage Data: We collect anonymised analytics such as pages visited, time spent, and features used to improve our service.
Cookies: We use essential cookies for session management and (with your consent) non-essential cookies for analytics and preferences.
Device & Browser Info: IP address (anonymised where possible), browser type, operating system, and referrer URL.

3. How We Use Your Information

We use your information for the following purposes:

To operate and improve our AI Islamic finance assistant and website.
To respond to your inquiries and provide customer support.
To process subscriptions and manage your account.
To send service-related emails (e.g., account updates, payment receipts).
To send marketing communications only with your explicit consent.
To detect, prevent, and address technical issues or misuse.

4. Cookies

We use the following types of cookies:

Essential Cookies: Required for the website to function properly (e.g., session management). These are set automatically.
Analytics Cookies: Help us understand how visitors interact with our site. We use privacy-friendly analytics that do not track you across third-party sites.
Preference Cookies: Remember your settings and preferences for a better experience.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect site functionality.

5. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes described in this policy:

Chat Queries: Stored for up to 90 days for quality improvement, then anonymised or deleted.
Account & Billing Data: Retained for the duration of your account plus any period required by applicable law (e.g., tax records).
Email Subscriptions: Retained until you unsubscribe or request deletion.
Analytics: Aggregated and anonymised data may be retained indefinitely for statistical purposes.

6. Third-Party Services

We use the following third-party services:

Stripe (Payment Processing)

All payments are processed by Stripe. Stripe's use of your information is governed by their Privacy Policy. We receive only limited billing information necessary for subscription management.

Ollama (AI Processing)

Our AI assistant runs on Ollama, a self-hosted large language model. Chat queries are processed locally on our infrastructure. We do not share your conversation data with third-party AI providers. Conversations are not used to train or fine-tune models unless you explicitly opt in.

Key point: We self-host our AI models. Your chat data is not sent to external AI API providers like OpenAI or Google.

7. Data Security

We implement industry-standard security measures, including:

Encryption in transit (TLS 1.3).
Encryption at rest for stored data.
Regular security audits and access controls.
Limited employee access to personal data on a need-to-know basis.

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights (GDPR & Global)

If you are in the European Economic Area (EEA), UK, or other regions with similar laws, you have the following rights:

Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal obligations.
Right to Restrict Processing: Request that we limit how we use your data.
Right to Data Portability: Request a machine-readable copy of your data.
Right to Object: Object to processing for direct marketing or legitimate interests.
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at privacy@zakatwise.com. We will respond within 30 days.

9. International Data Transfers

Your data is stored on servers located in [Country/Region]. If we transfer data to countries outside the EEA or UK, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

10. Children's Privacy

ZakatWise is not intended for children under 13 (or 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For material changes, we will notify you via email or a prominent notice on our website.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@zakatwise.com
Website: zakatwise.com/contact