DarsDars

◆ Privacy

Privacy Policy

Last updated 6 May 2026

This policy explains what personal information Dars collects, why we collect it, who we share it with, and the rights you have over it. We've tried to write it in plain English. If anything is unclear, email us at support@darsapp.com.

Who we are

Dars (“we”, “us”) is the operator of the Dars mobile app and the website at darsapp.com. We are the data controller for the personal information described below. You can reach us at support@darsapp.com.

What we collect

We collect only what we need to run the app. The categories below are exhaustive — we don't collect anything else.

Account information

  • Your email address and display name, supplied when you sign up.
  • If you sign in with Apple or Google, the identifier that provider returns to us (we don't see your Apple/Google password).
  • Optional profile fields you choose to provide: chosen username, avatar style, study pathway, year level, madhab, syllabus preferences, daily-minutes goal, preferred study time, and language.
  • For students under 16, a parent or guardian email address may be collected at sign-up so we can comply with UK GDPR safeguarding requirements.

Study activity

  • Your progress through the curriculum: which books and chapters you've read, marked, or starred; flashcard review state and ratings; study session length and outcomes; mock-exam results; streaks and achievements.
  • Notes you write inside the app.
  • Custom flashcard decks and study materials you create or import.
  • Marketplace listings you publish, including the title, description, and content of any deck or PDF you upload.

AI tutor (“Abdullah”) conversations

When you message the in-app AI tutor, we store your messages and the AI's responses on our servers so the conversation persists across devices. To produce replies, your message and a small amount of relevant curriculum context are sent to our AI providers — currently Anthropic and OpenAI — under their enterprise terms. They process the text only to generate a response and do not use it to train their models.

Subscriptions and purchases

If you subscribe to Dars Pro or buy a top-up, the actual payment is processed by Apple (App Store) or Google (Play Store). We do not receive your card details. We do receive, via our subscription provider RevenueCat, a record of your subscription status, product identifier, renewal date, and an anonymous customer identifier so we can grant or revoke Pro features.

Device and analytics

  • Anonymous product analytics (which screens you open, which features you use) via PostHog. We don't use this to identify individuals.
  • Crash reports and error diagnostics via Sentry. These include your user identifier so we can reproduce the bug, plus the technical context of the error.
  • Push-notification tokens (if you grant permission) so we can send study reminders.
  • Standard technical information any app or website receives: device model, operating system version, app version, IP address of the request, language, and timezone.

How we use it

  • To run the app and sync your progress across devices.
  • To grant features matched to your subscription tier.
  • To improve the app: fix bugs (Sentry), understand which features people use (PostHog), and respond to support requests.
  • To send study reminders and notifications you've opted into.
  • To meet legal obligations (tax, accounting, responding to lawful requests).

We do not sell your personal information. We do not run third-party advertising in the app.

Who we share it with

We use a small number of vendors (“processors”) to run Dars. Each only gets the data it needs to do its job, and is bound by a written data-processing agreement.

  • Clerk — authentication (sign-up, sign-in, password and OAuth handling).
  • Supabase — primary database and file storage for your account, study state, notes, decks, and marketplace uploads.
  • RevenueCat — subscription management and receipt validation.
  • Anthropic and OpenAI — generation of AI tutor replies. They process inputs only to produce outputs and do not train on your data.
  • PostHog — product analytics, hosted in the EU.
  • Sentry — crash reporting.
  • Apple, Google, Resend — for in-app purchases, push notifications, and transactional email respectively.

International transfers

Some of the providers above are based in the United States. Where personal information is transferred outside the UK or EU, we rely on the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or an adequacy decision, depending on the recipient.

How long we keep it

  • Account, study activity, notes, and decks: kept while your account exists. Deleted when you delete your account.
  • AI tutor conversations: kept while your account exists. Deleted when you delete your account.
  • Crash reports: 90 days, then automatically purged by Sentry.
  • Analytics events: 12 months, then anonymised or purged by PostHog.
  • Subscription and payment records: kept for 7 years where required for tax and accounting law.

Your rights

Under the UK GDPR you have the right to access, correct, port, and erase your personal information, to object to or restrict its processing, and to withdraw consent where we rely on it. You can exercise most of these from inside the app:

  • Delete your account — in the app, go to Profile → Delete account. This permanently erases your profile, study history, notes, decks, AI conversations, and any marketplace listings you've published.
  • Get a copy of your data — email us at support@darsapp.com and we'll send an export within 30 days.
  • Correct or restrict — most profile fields can be edited inside the app. For anything you can't edit there, email us.

If you believe we've handled your data unlawfully, you can complain to the UK Information Commissioner's Office at ico.org.uk/make-a-complaint. We'd appreciate the chance to put it right first — email support@darsapp.com.

Children

Dars is intended for Alimiyyah students aged 11 and older. Children under 13 should only use Dars with the involvement of a parent, guardian, or madrasah. For users under 16 in the UK or EU, we may ask for a parent or guardian email address at sign-up. Parents who want to review or delete their child's account can email support@darsapp.com.

Security

All traffic between the app and our servers is encrypted in transit (HTTPS/TLS). Your account is protected by your sign-in method (Apple, Google, or email + password handled by Clerk). Database access is row-level-restricted so other users cannot read your private data. No system is perfectly secure — if you spot a vulnerability, please email support@darsapp.com.

Changes to this policy

If we make material changes we'll update the “Last updated” date at the top of this page and, where the change is significant, notify you in-app or by email before the change takes effect.

Contact

Questions, requests, or complaints: support@darsapp.com.