Privacy Policy

How we collect, use, and protect your personal information

📅 Last updated: May 2025 · Effective: May 2025

🌙 Islamic Data Ethics Statement

MyNikkahOnline is committed to handling your personal data with the utmost care, honesty (Amanah), and trustworthiness (Sidq). We treat every user's information as a sacred trust (Amanah) bestowed upon us. We will never sell, misuse, or betray the trust of our members. Your data is used solely to help you find a righteous life partner — nothing more.

"Indeed, Allah commands you to render trusts to whom they are due..." — Quran 4:58

1. Information We Collect

1.1 Information You Provide

  • Full name, gender, date of birth, and profile-for details
  • Email address and mobile number (for verification)
  • Password (stored as a one-way bcrypt hash — we cannot see your password)
  • Profile details: sect, district, profession, education, family background
  • Contact form submissions

1.2 Information Collected Automatically

  • IP address (used for security and rate limiting — never shared publicly)
  • Browser type and version (for compatibility)
  • Pages visited and time spent (aggregate analytics only)

2. How We Use Your Information

  • To create and maintain your matrimonial profile
  • To verify your identity via email OTP
  • To match you with compatible profiles based on your preferences
  • To send important account notifications (OTP, security alerts)
  • To prevent fraud and ensure platform safety
  • To improve our services (aggregated, anonymized data only)

3. Information Sharing

We will never sell your personal information to third parties. Your data may be shared only:

  • With your explicit consent (e.g., sharing contact details with a match)
  • When required by law (court order, law enforcement request)
  • With trusted service providers who assist our operations (email delivery, hosting) under strict confidentiality agreements

4. Data Security

  • All passwords are hashed using bcrypt — we cannot retrieve your password
  • OTPs are stored as SHA-256 hashes and expire after 10 minutes
  • All data transmission is encrypted via HTTPS/TLS
  • Database access is restricted to authorized personnel only
  • Security headers (CSP, HSTS, X-Frame-Options) are applied to all pages
  • Rate limiting prevents brute-force attacks on accounts

5. Your Rights

  • Access: Request a copy of your personal data
  • Correction: Update incorrect information in your profile
  • Deletion: Request deletion of your account and all associated data
  • Portability: Receive your data in a portable format
  • Objection: Object to how we process your data

To exercise these rights, contact us at privacy@mynikkahonline.com

6. Cookies

We use only essential cookies:

  • Session cookie: Keeps you logged in during your session
  • Remember me cookie: Optional 30-day login cookie (only if you enable it)
  • CSRF token: Security cookie to prevent cross-site request forgery

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

7. Data Retention

  • Active profiles: retained while your account is active
  • Deleted accounts: personally identifiable data removed within 30 days
  • OTP tokens: automatically deleted after use or expiry
  • Contact messages: retained for 2 years for support continuity

8. Children's Privacy

MyNikkahOnline is strictly for users aged 18 and above. We do not knowingly collect data from minors. If you believe a minor has registered, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated by email or a prominent notice on the site. Continued use after changes constitutes acceptance.

10. Contact

For privacy-related queries:
📧 privacy@mynikkahonline.com
🌐 Contact form