← Back to Chat

Privacy Policy

Last Updated: 8/18/2025

Effective Date: 8/18/2025

1. Data Controller

Company: Tauhid Lab

Contact Email: contact.uptake395@passinbox.com

Website: https://tauhidlab.com

Tauhid Lab ("we," "our," or "us") is the data controller responsible for your personal data. This privacy policy explains how we collect, use, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, password when you register
  • Chat Messages: Questions and conversations you have with our AI assistant
  • Profile Information: Any additional information you choose to provide
  • Support Communications: Messages you send to our support team

2.2 Information Automatically Collected

  • Usage Data: Pages visited, features used, time spent on the platform
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Server logs, error reports, performance metrics
  • Cookies: See our Cookie Policy section below for detailed information

2.3 Third-Party Information

  • Telegram Integration: Telegram user ID and profile information (if you connect)
  • Analytics Data: Aggregated usage statistics from our analytics providers

3. Legal Basis for Processing

Consent (Article 6(1)(a) GDPR)

Analytics cookies, marketing cookies, and optional features

Contract Performance (Article 6(1)(b) GDPR)

Providing AI chat services, account management, service delivery

Legitimate Interest (Article 6(1)(f) GDPR)

Security monitoring, fraud prevention, service improvement, essential cookies

Legal Obligation (Article 6(1)(c) GDPR)

Compliance with applicable laws and regulations

4. How We Use Your Information

  • Service Delivery: Provide AI chat assistance and platform functionality
  • Account Management: Create and manage your user account
  • Communication: Send service-related notifications and support responses
  • Improvement: Analyze usage patterns to enhance our services
  • Security: Detect and prevent fraud, abuse, and security threats
  • Legal Compliance: Meet legal obligations and enforce our terms
  • Marketing: Send promotional content (only with your consent)

5. Data Sharing and Transfers

5.1 Third-Party Service Providers

  • Google Analytics: Website analytics and usage statistics
  • PostHog: Product analytics and user behavior tracking
  • Hosting Providers: Cloud infrastructure and data storage
  • Email Services: Transactional and marketing email delivery

5.2 International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure adequate protection through:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable

5.3 Legal Disclosures

We may disclose your information when required by law, court order, or to protect our rights, property, or safety, or that of our users or the public.

6. Data Retention

  • Account Data: Retained while your account is active and for 3 years after deletion
  • Chat Messages: Retained for service improvement, deleted upon account deletion
  • Analytics Data: Anonymized and retained for up to 26 months
  • Marketing Data: Retained until consent is withdrawn or for 13 months
  • Log Data: Retained for 12 months for security and debugging purposes
  • Legal Hold: Data may be retained longer if required by legal proceedings

7. Cookie Policy

7.1 What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us provide and improve our services.

7.2 Types of Cookies We Use

Necessary Cookies (Always Active)

Purpose: Essential website functionality, authentication, security
Legal Basis: Legitimate Interest
Retention: Session only or until logout
Examples: Login status, security tokens, basic preferences

Analytics Cookies (Requires Consent)

Purpose: Usage analytics, performance monitoring
Legal Basis: Consent
Retention: Up to 26 months
Third Parties: Google Analytics, PostHog
Data: Page views, click events, anonymized user behavior

Marketing Cookies (Requires Consent)

Purpose: Personalized advertising, conversion tracking
Legal Basis: Consent
Retention: Up to 13 months
Third Parties: Google Ads, Facebook Pixel
Data: Ad interactions, conversion events, remarketing data

Preference Cookies (Requires Consent)

Purpose: Remember user preferences and settings
Legal Basis: Consent
Retention: Up to 12 months
Data: Language preferences, theme settings, UI customizations

7.3 Managing Cookies

You can manage your cookie preferences through our cookie consent banner or by adjusting your browser settings. Note that disabling necessary cookies may affect website functionality.

8. Your Rights Under GDPR

Right to Access (Article 15)

Request a copy of the personal data we hold about you

Right to Rectification (Article 16)

Correct inaccurate or incomplete personal data

Right to Erasure (Article 17)

Request deletion of your personal data ("right to be forgotten")

Right to Restrict Processing (Article 18)

Limit how we use your personal data in certain circumstances

Right to Data Portability (Article 20)

Receive your data in a structured, machine-readable format

Right to Object (Article 21)

Object to processing based on legitimate interests or for direct marketing

Right to Withdraw Consent (Article 7)

Withdraw consent at any time where processing is based on consent

Right to Lodge a Complaint

File a complaint with your local data protection authority

How to Exercise Your Rights

To exercise any of these rights, please contact us at contact.uptake395@passinbox.com. We will respond to your request within 30 days. You may need to provide identification to verify your identity.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Employee training on data protection
  • Incident response and breach notification procedures

10. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we may also provide additional notice such as email notification.

12. Contact Us

Data Protection Contact:

Email: contact.uptake395@passinbox.com

Subject Line: "Privacy Policy Inquiry" or "GDPR Request"

For general inquiries about our services, please visit our main contact page. For privacy-specific matters, please use the email above.

13. Supervisory Authority

If you are located in the EU/EEA and have concerns about our data processing that we cannot resolve, you have the right to lodge a complaint with your local data protection authority. You can find contact information for EU data protection authorities at:https://edpb.europa.eu/about-edpb/board/members_en

navigation.termsnavigation.privacynavigation.aboutnavigation.contactnavigation.feedbacknavigation.contributions

© 2025 Islamic Knowledge Assistant. All rights reserved. contact.uptake395@passinbox.com