Privacy Policy

Last updated: September 15, 2025

1) Who We Are

Masajid Manager (“we”, “us”) provides cloud software that helps mosques, Islamic centers, nonprofits, and community organizations manage memberships, donations, subscriptions, kiosks, and reporting.

  • Service Operator (Processor): Masajid Manager processes personal data on behalf of subscribing organizations (“Organizations” or “Tenants”) for their member and donor operations.

  • Website Operator (Controller): Masajid Manager is the controller for data collected on our marketing website, product demo pages, and support channels.

  • Organization Controller: Each subscribing Organization is the controller of its member/donor data inside its Masajid Manager workspace.

2) Scope of This Policy

This policy covers:

  • Our public websites, demos, and sales/support channels
  • The Masajid Manager Admin Console, Member Portal, Mobile App, and Kiosk
  • Data we process for Organizations inside their private workspaces

3) Information We Collect

A) Account, Membership & Donation Data
  • Identity & contact: name, email, phone, address, DOB (where required), photo (optional)
  • Membership details: type, category/plan, dependents, seat assignments (for organizations), status & history
  • Donations & subscriptions: amounts, currency, frequency, campaign/fund, invoices & receipts
  • Kiosk interactions: card/QR scans, OTP verification via mobile number, donation/dues submissions
  • Digital membership cards: QR identifiers, issuance/revocation logs
  • Documents & forms: custom fields, file uploads, consents, application responses
B) Payment Data
  • Processed via third-party gateways (e.g., Stripe). We do not store full card numbers.
  • We may store limited payment metadata (last 4 digits, brand, expiration month/year) and transaction references for receipts and reconciliation.
C) Technical & Usage Data
  • Device, browser, OS, IP address, time zone, language, referring URLs
  • App and portal activity, feature usage, error logs, and performance metrics
  • Cookies and similar technologies (see Cookies below)
D) Communications
  • Emails, SMS, push notification preferences, support tickets, survey responses

4) How We Use Your Information

A) To deliver the Masajid Manager service
  • Provision secure tenant workspaces, authenticate users, and enforce roles & permissions
  • Manage memberships, donations, subscriptions, invoices, receipts, campaigns, and kiosks
  • Generate dashboards, reports, and exports for authorized users
B) To improve, secure, and support Masajid Manager
  • Monitor reliability, prevent fraud/abuse, debug issues, and enhance features
  • Provide customer support and product announcements (opt-out available)

5) How We Share Information

We do not sell personal data. We may share with:

  • Organizations (Controller):Member/donor data is accessible to the Organization’s authorized admins
  • Service providers (Subprocessors): hosting, email/SMS, analytics, payment, support
  • Legal & safety: to comply with law, enforce terms, or protect rights/security

6) Cookies & Similar Technologies

We use cookies and local storage for:

  • Strictly necessary: login sessions, load balancing, security
  • Preferences: language, time zone, accessibility
  • Analytics: usage and performance reports
  • Marketing (website only): ad/attribution cookies where consented

7) Data Retention

We retain data for as long as necessary to deliver the service and as required by law:

  • Membership & donation records: per Organization policy and legal retention (e.g., tax)
  • Invoices & receipts: typically, 7–10 years (jurisdiction dependent)
  • Account/log data: shorter periods for security and troubleshooting
  • Marketing site leads: until withdrawn or after defined inactivity windows

When retention ends, data is securely deleted or anonymized.

8) Security

We implement industry-standard safeguards:

  • Audit logs
  • Encryption in transit and at rest, modern TLS
  • Vulnerability management, backups, disaster recovery

9) International Data Transfers

Where data moves outside its origin country/region, we use appropriate safeguards (e.g., Standard Contractual Clauses). Additional regional addenda may apply.

10) Your Privacy Rights

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal data
  • Object to or restrict processing; data portability
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a supervisory authority

Members/donors: please contact your Organization (controller) first.
Website/demo users: contact Masajid Manager at contactus@masajidmanager.com.

We will verify your identity before fulfilling requests and respond within applicable timelines.

11) Children’s Privacy

Masajid Manager is not directed to children under the age required by local law without parental/guardian involvement. Organizations are responsible for obtaining required consents where youth programs collect data.

12) Organization Responsibilities

Organizations using Masajid Manager must:

  • Configure lawful bases for processing (e.g., consent, contract)
  • Set and publish their own privacy notices and retention policies
  • Manage user access and review audit logs
  • Respond to data subject requests and regulatory obligations

Masajid Manager provides tools (exports, deletion requests, consent fields) to support these obligations.

13) Third-Party Links & Integrations

Masajid Manager may link to third-party sites or integrate with services (e.g., payment gateways). Their privacy practices are governed by their own policies. Review those policies before sharing data.

14) Kiosk, Mobile, and Digital Card Details

  • Kiosk: Members identify via digital card (QR/NFC) or mobile OTP. Guests can donate using name + mobile. We log transactions and send receipts via email/SMS.
  • Mobile App: Offers push notifications (opt-in), and offline cache for your digital card.
  • Digital Membership Cards: Store a tokenized identifier (not full personal data) for fast verification. Cards can be revoked/reissued at any time.

15) Marketing Communications

You can opt out of non-essential emails/SMS at any time via unsubscribe links, notification settings, or by contacting support. Transactional messages (e.g., receipts, security alerts) are required to operate the service.

16) Do Not Track & Automated Decision-Making

Masajid Manager does not respond to Do Not Track signals. We do not engage in automated decision-making that produces legal or similarly significant effects without human review.

17) Changes to This Policy

We may update this policy to reflect changes in technology, law, or our services. The “Last updated” date will change. Material changes will be announced via the product or email where appropriate.

Contact

Questions? contactus@masajidmanager.com