Privacy Policy

Donations (public). If you donate through our checkout, you may provide an optional email address for receipts. Payment details (such as card or wallet information) are entered into Stripe’s payment interface on our site; we do not receive or store your full card number on our servers.

Technical and usage data. Like most websites, we and our hosting provider may process technical data automatically, such as IP address, approximate location derived from IP, browser type, device type, date and time of requests, and similar diagnostic information needed to deliver the service securely and reliably.

Team dashboard accounts. Authorized users who sign in to the internal dashboard provide account credentials managed by our authentication provider (email-based sign-in and related profile data as configured). Session cookies (or similar technologies) keep you signed in while you use the dashboard.

Payment and donor records (operations). To operate IslamQA contribution and internal reporting, we store information about completed payments and related Stripe records (for example, transaction identifiers, amounts, timestamps, subscription status where applicable, and limited customer metadata) in our database. This data comes from Stripe via secure server-to-server integrations (such as webhooks and reconciliation), not from you typing card data into our database.

• To process and confirm donations and subscriptions
• To send or facilitate payment receipts and support responses
• To secure the site, prevent fraud and abuse, and troubleshoot issues
• To operate internal analytics and reporting for authorized team members (contribution metrics)
• To comply with law and respond to lawful requests

We share information with service providers that help us run this site and process payments. They are permitted to use the data only to provide services to us:

• Stripe — payment processing, fraud prevention, and related payment services. Stripe processes payment data according to its own policies. See Stripe’s Privacy Policy.
• Supabase — hosted database and authentication for dashboard accounts and operational contribution data. See Supabase’s Privacy Policy.
• Hosting provider — serves the application and may process technical logs. The provider depends on how this site is deployed (for example, a serverless or edge platform).

We may also disclose information if we believe in good faith that disclosure is required to comply with law, regulation, legal process, or government requests, or to protect the rights, safety, and security of our users, the public, or our services.

We do not sell your personal information as a commodity. We do not use your donation data for third-party advertising profiles on this site.

Our service providers may process data in countries other than your own. Where required, appropriate safeguards (such as contractual clauses) may apply depending on the provider and your location.

We retain operational and payment-related records for as long as needed to run the service, meet legal and accounting obligations, resolve disputes, and enforce our agreements. Retention periods can vary by data category and legal requirements.

We use industry-standard protections appropriate to the nature of this service, including:

• Encrypted connections (HTTPS) between your browser and our site
• Payment card data handled by Stripe under PCI-DSS scope, not stored as full card numbers on our application servers
• Server-only secrets for sensitive integrations; access controls on databases and admin tools
• Verified Stripe webhook signatures so payment events we process are authentic

No method of transmission or storage is completely secure. If you believe your information has been compromised, contact us using the details below.

Depending on where you live, you may have rights to access, correct, delete, or restrict certain personal data, or to object to certain processing. To make a request, email support@islamqa-contribution.org. We will respond in line with applicable law. You may also contact Stripe or your bank for payment-specific questions.

This site is not directed at children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps.

We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the “Last updated” date. Where changes are material, we will provide additional notice if required by law. Continued use of the site after changes means you accept the updated policy.

Questions about this policy: support@islamqa-contribution.org. You can also visit our Support page.