Privacy Policy

When you create a Tajdeed account and use the app, we collect:

• —Account data — your email address and full name when you sign up.
• —Document data — document type, country of issue, holder name, document number, issue date, and expiry date. Entered manually or extracted via AI scanning.
• —Document scans — if you use the scan feature, the photo is uploaded to secure storage for AI processing. The photo is retained as your document archive.
• —Device token — your push notification token, used solely to send you expiry alerts.
• —Usage data — basic analytics on feature usage. This does not include document content.
• —Payment data — payments are processed by RevenueCat and the App Store / Google Play. We do not store your card details.

We use your information only to provide the Tajdeed service:

• —Send expiry alerts — push notifications and email reminders at your chosen intervals (30, 14, 7, and 1 day before expiry).
• —OCR document scanning — your document image is sent to Anthropic Claude to extract structured data. The image is stored in your account; the AI does not retain it after processing.
• —Family tracking — documents added for family members are associated with your account and accessible only by you.
• —Subscription management — RevenueCat manages your subscription status. We receive only tier information (free / personal / family), never payment details.
• —Duplicate detection — we use anonymous embeddings to detect duplicate documents in your account.

Your data is stored on Supabase infrastructure hosted in the EU (Frankfurt, Germany) region.

• —Row-Level Security (RLS) — database policies ensure each user can only access their own data.
• —Encryption in transit — all data transmitted over TLS 1.2+.
• —Encryption at rest — storage and database data encrypted at rest.
• —Document scan storage — document photos stored in a private, access-controlled bucket. Not publicly accessible.

We do not sell, rent, or trade your personal data to third parties.

Tajdeed uses the following services, each bound by their own privacy policies:

We retain your data for as long as your account is active. If you delete your account:

• —All document records are permanently deleted within 30 days.
• —Document scan images are deleted from storage within 7 days.
• —Email logs are deleted within 30 days.
• —Anonymised usage analytics (no personal data) may be retained for up to 2 years.

You can request account deletion at any time by emailing hello@tajdeed.app.

You have the right to:

• —Access — request a copy of all personal data we hold about you.
• —Rectification — correct inaccurate personal data.
• —Erasure — request deletion of your account and all associated data.
• —Portability — receive your document data in JSON or CSV format.
• —Objection — object to processing beyond service delivery.

To exercise any of these rights, email hello@tajdeed.app. We will respond within 30 days. EU residents may also lodge a complaint with their national Data Protection Authority (DPA).

Tajdeed is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

We may update this Privacy Policy when we change how we handle data or add new features. We will notify you by email and via an in-app notice at least 14 days before material changes take effect.

Questions, requests, or concerns about this policy: