Wasilah · Legal
Privacy Policy
1. Introduction
Wasilah is a mobile application that provides Islamic religious tools, including prayer times, Qibla direction, the Holy Quran with audio recitation, and dhikr and duʻa collections. We respect your privacy and are committed to processing the minimum amount of personal data necessary to deliver these features. This policy explains what we collect, why, how we use it, and the rights you have over it.
By installing or using Wasilah you agree to this Privacy Policy. If you do not agree, please do not install or use the app.
2. Summary at a glance
| What we process | Why | Stored where |
|---|---|---|
| Approximate or precise device location | To compute accurate prayer times and the Qibla direction for your location | On your device. Coordinates may be sent to the AlAdhan API to compute prayer times; not retained by us |
| Crash and stability data | To detect and fix bugs that crash the app | Google Firebase Crashlytics (servers operated by Google LLC) |
| App usage events (e.g. screens viewed, app version) | To understand how features are used so we can improve them | Google Firebase Analytics (servers operated by Google LLC) |
| Push notification token | To deliver prayer time reminders and important app updates | Google Firebase Cloud Messaging (servers operated by Google LLC) |
| App preferences and downloaded content (e.g. bookmarks, settings) | To remember your settings between launches | Locally on your device only |
What we do not collect. We do not collect your name, email address, phone number, contacts, photos, payment information, or any account credentials. Wasilah does not require you to create an account.
3. Information we collect
3.1 Information you provide directly
Wasilah does not require sign-up or sign-in. We do not collect names, email addresses, profile photos, or contact details. The only data you "provide" is your in-app preferences (calculation method, reciter, notification settings, language, theme), which are stored only on your device using local storage and never transmitted to us.
3.2 Device location
If you grant location permission, the app reads your device's coordinates using the Android or iOS location service. This is used in two ways:
- Locally on device — to compute the Qibla compass bearing.
- Sent to the AlAdhan API (operated by IslamicNetwork at
api.aladhan.com) — to compute prayer times for your latitude and longitude. The AlAdhan API processes the coordinates to return prayer times and does not require any account or identifier from you.
You can revoke location permission at any time through your device's system settings. If you do, Wasilah will fall back to manual city selection or stop showing prayer times until permission is restored.
3.3 Crash and diagnostic data (Firebase Crashlytics)
When the app crashes, Firebase Crashlytics collects a crash report containing:
- Stack trace and crash type
- Device model, operating system version, and language
- App version and build number
- An installation-specific identifier (Crashlytics Installation ID) used to group crashes from the same install. This is not your device's advertising ID and is reset if you uninstall and reinstall the app
- The state of the app at the time of crash (e.g. last screen viewed, breadcrumb logs)
This data is processed by Google LLC and is used solely to fix bugs.
3.4 Usage analytics (Firebase Analytics)
Firebase Analytics collects standard, automatic events provided by the SDK, including:
- App opens, screen views, and session duration
- App version, OS, country (derived from IP and not stored as IP)
- A pseudonymous Firebase Installation ID
We do not link these events to any identity. We use the aggregated data to understand which features are used and to improve the app.
3.5 Push notifications (Firebase Cloud Messaging)
If you grant notification permission, the app registers a Firebase Cloud Messaging (FCM) token. This token allows us to send notifications such as prayer reminders, dhikr nudges, and occasional product announcements. The token is associated with your installation, not your identity. You can disable notifications at any time in the app's Settings or in your device's system settings.
3.6 Network requests to third-party services
The app makes HTTPS requests to the following third-party services. These requests inherently expose your IP address, app version, and the request itself to the operator of that service:
- AlAdhan API (
api.aladhan.com) — to fetch prayer times. See aladhan.com/privacy-policy. - islamic.network audio CDN (
cdn.islamic.network) — to stream Quran recitation audio. - Google Firebase (multiple endpoints under
firebaseio.com,googleapis.com, etc.) — for the Crashlytics, Analytics, and Cloud Messaging functions described above.
4. How we use your information
- To compute and display accurate prayer times and Qibla direction
- To stream Quran recitation audio
- To send prayer-time reminders and other notifications you have opted into
- To detect, diagnose, and fix bugs and crashes
- To understand aggregate, anonymous usage patterns and improve features
- To comply with legal obligations
We do not use your data for advertising. Wasilah does not contain advertisements or third-party advertising SDKs.
5. Legal bases for processing
For users in the EEA, UK, and similar jurisdictions:
- Performance of a contract / provision of the requested service — for processing your location to compute prayer times and Qibla direction, and for delivering Quran audio.
- Legitimate interests — for crash reporting and aggregate usage analytics, where our interest is in maintaining a stable and useful app and that interest does not override your rights and freedoms.
- Consent — for push notifications and for accessing precise device location, granted via the operating system's permission prompt and revocable at any time.
6. Data sharing
We do not sell your data. We share data only with the third-party processors listed below, and only to the extent necessary to provide the corresponding feature:
| Recipient | Role | Region |
|---|---|---|
| Google LLC (Firebase) | Crash reporting, analytics, push delivery | United States and other Google data centres |
| IslamicNetwork (AlAdhan API) | Prayer time computation | Operated globally |
| IslamicNetwork (islamic.network CDN) | Quran audio streaming | Operated globally |
We may also disclose data if required to do so by law, regulation, or court order, or to protect the rights, property, or safety of users or the public.
7. International transfers
The third-party processors listed above operate globally and may store and process data in countries outside your country of residence, including the United States. Where data is transferred from the EEA, UK, or Switzerland, we rely on the recipient's compliance with appropriate safeguards (Standard Contractual Clauses or equivalent mechanisms) as published by that processor.
8. Data retention
- On-device data (preferences, downloaded audio, bookmarks) is retained until you uninstall the app or clear app storage.
- Firebase Crashlytics retains crash reports for up to 90 days by default.
- Firebase Analytics retains user-level event data for up to 14 months by default; aggregate, non-identifiable reporting is retained indefinitely.
- FCM tokens are retained for as long as the installation is active. Tokens are invalidated automatically when you uninstall the app.
- Location coordinates sent to the AlAdhan API are not retained by us; AlAdhan's retention is governed by their privacy policy.
9. Security
All network requests made by Wasilah use HTTPS / TLS encryption in transit. On-device data is stored using the operating system's standard application sandbox. Firebase services use Google's security infrastructure, including encryption in transit and at rest. No system can be guaranteed perfectly secure, and we cannot guarantee absolute security of your data.
10. Your rights
Depending on your jurisdiction, you may have some or all of the following rights:
- Right of access — to request a copy of the personal data we process about you.
- Right of rectification — to correct inaccurate or incomplete data.
- Right of erasure ("right to be forgotten") — to request deletion of your data.
- Right to restrict or object to processing — including objecting to processing based on legitimate interests.
- Right to data portability — to receive your data in a structured, commonly-used format.
- Right to withdraw consent — for any processing based on consent, by revoking the relevant permission in your device settings.
- Right to lodge a complaint — with your local data protection authority.
Because Wasilah does not collect names, emails, or other identifiers, the data we process is largely pseudonymous. To exercise any of these rights, contact us at the address in Section 14 and provide enough information for us to identify the relevant processing (e.g. your Firebase Installation ID if available, the approximate date of the event, and the device model). For data held by Firebase, you may also contact Google directly.
You can also delete most of the data we hold simply by uninstalling the app, which terminates the FCM token and stops new analytics and crash data from being sent.
11. Children's privacy
Wasilah is intended for general audiences and is suitable for users aged 13 and over. We do not knowingly collect personal data from children under the age of 13 (or the equivalent minimum age in your jurisdiction, such as 16 in some EEA countries). If you are a parent or guardian and you believe a child has provided personal data to us, please contact us at the address in Section 14 and we will take reasonable steps to delete the data.
12. Permissions used by the app
| Permission | Why we request it |
|---|---|
| Location (precise and approximate) | Compute prayer times and Qibla direction |
| Internet | Fetch prayer times, stream Quran audio, deliver crash and analytics data, receive push notifications |
| Post notifications | Show prayer-time and dhikr reminders |
| Schedule exact alarms / Use exact alarms | Trigger prayer-time notifications at the precise time |
| Receive boot completed | Re-arm scheduled prayer notifications after the device restarts |
| Vibrate, wake lock | Subtle haptic feedback and brief screen wake on notifications |
13. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this document and, where the changes are material, notify you within the app or via push notification. Continued use of Wasilah after the changes take effect constitutes acceptance of the revised policy.
14. Contact
For privacy questions, requests, or complaints, please contact:
Miraz Mullick (operator of Wasilah)
Email: privacy@wasilah.site
Web: https://wasilah.site