Privacy Policy

• Personal details: Name, phone number, address, family details
• Financial data: Donations, dues, payment records
• Technical data: Device info, app usage, logs

• Account management and member administration
• Donation & payment processing
• Generating receipts and financial reports
• Notifications via app, SMS, WhatsApp, and email
• Security monitoring and performance improvement

• We never sell or rent your personal data to third parties
• Data is shared only with: payment gateways (for processing), legal authorities (when required by law), and authorized Mahallu admin members

We use secure, industry-standard cloud services such as Firebase (Google Cloud) for data storage and processing. Your data may be stored on servers inside or outside India, but always under strict security controls.

• Firebase secured cloud infrastructure
• Data encrypted at rest and in transit (TLS/SSL)
• Regular security audits and backups

• Camera / Storage — Used for uploading profile photos and official documents
• Notifications — Used for payment alerts, reminders, and important updates
• Location (optional) — Used only for GPS cemetery mapping feature, with your consent

We implement multiple layers of security to protect your data:

• End-to-end encryption for sensitive financial data
• OTP-based authentication — no password required
• Role-based access — only authorized admins see committee data
• Regular security testing and vulnerability monitoring

Your data is retained for as long as your account remains active or as required by applicable law (e.g., financial records for Wakaf Board compliance). You may request deletion of your account and associated data at any time.

• Active account data: retained indefinitely while account is active
• Financial records: retained as required by Kerala Wakaf Board regulations
• Deleted accounts: data removed within 30 days of request

You have full control over your personal data. You may exercise the following rights at any time:

• Access — View all data we hold about you
• Correction — Request corrections to inaccurate data
• Deletion — Request complete account and data deletion
• Portability — Request an export of your data
• Objection — Object to specific uses of your data

Mahallu App is designed for adult community members and committee administrators. This app is not intended for children under the age of 13.

If we become aware that a child under 13 has provided personal information, we will take immediate steps to delete such data. If you believe a child has shared data with us, please contact us immediately.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make significant changes, we will:

• Send a push notification via the Mahallu App
• Notify via WhatsApp if opted in
• Update this page with the new effective date

Continued use of the app after updates constitutes acceptance of the revised policy.