Privacy Policy
In short: Falah respects your privacy. Personal data stays on your device. No accounts, no analytics, no tracking, no ads. We operate no servers that store your information.
1. Who We Are
Falah is a Muslim prayer companion app developed and published by Mykoala Pty Ltd, an Australian company trading as Mykoala. In this Privacy Policy, "we", "us" and "our" refer to Mykoala Pty Ltd.
If you have any questions about how we handle your data, please contact us at privacy@mykoala.com.au.
2. Our Core Privacy Commitment
Falah is built on a simple principle: your personal data stays on your device and goes nowhere else.
We do not operate servers that store your personal information. We do not create user accounts. We do not track you across apps or websites. We do not sell data, share data with advertisers, or build profiles of any kind.
This is not a marketing claim — it is a technical reality. The sections below explain exactly what is stored locally on your device and why.
Verify it yourself. Falah's privacy-relevant code (RevenueCat initialisation, the absence of analytics SDKs, location-handling pathways) is published as an open-source audit mirror at github.com/SamDev1303/falah-privacy-audit. You do not have to take our word for it.
3. What We Collect
3.1 On-Device Data (never transmitted to us)
All data created during your use of Falah is stored exclusively on your device using secure local storage (react-native-mmkv). We cannot access this data. It is not synced to any cloud service we operate.
| Data | Purpose | Location |
|---|---|---|
| Location coordinates | Calculate prayer times and Qibla direction | Device only — used in-memory |
| Hijri calendar preference | Display Islamic dates correctly | MMKV local storage |
| Theme preference | Remember your display choice | MMKV local storage |
| Prayer streak counter | Track consistency across sessions | MMKV local storage |
| Calculation preferences | Method and madhab | MMKV local storage |
| Notification preferences | Adhans and reminders enabled | MMKV local storage |
3.2 Location Data
We request access to your device location for the sole purpose of calculating accurate prayer times and Qibla direction for your location. Specifically:
- Location data is processed entirely on-device using the adhan calculation library.
- Location coordinates are never transmitted to our servers because we operate no servers that receive location data.
- If you grant precise-location permission, coordinates are used in real time for calculations.
- If you deny location permission, the app will ask you to set your location manually.
- We do not access location in the background beyond what iOS/Android require to deliver scheduled adhan notifications.
3.3 Purchase Data
If you purchase a Falah subscription or the lifetime plan, that transaction is processed entirely by Apple (App Store) or Google (Google Play). We receive confirmation of a successful purchase via RevenueCat — this confirmation contains an anonymised subscriber identifier generated by RevenueCat and your subscription entitlement status. It does not include your name, email address, payment method, or any other personally identifying information unless you choose to contact us directly.
4. What We Do NOT Collect
To be explicit:
- No accounts. You do not create an account to use Falah.
- No email addresses, names, or phone numbers.
- No contacts, calendar data, or photos.
- No advertising identifiers (IDFA / GAID).
- No crash analytics or usage analytics. Version 2.1 of Falah does not include PostHog, Sentry, Firebase Analytics, or any equivalent SDK.
- No behavioural tracking. We do not know which features you use, how long you spend in the app, or what content you view.
- No biometric or health data.
- No precise movement history. Location is requested for the current calculation only.
5. Third-Party Services
5.1 RevenueCat (operated by Radar Labs Inc., Delaware, USA)
RevenueCat is operated by Radar Labs Inc. (a Delaware-incorporated company trading as RevenueCat). It processes subscription purchases and manages entitlements on our behalf. When you make a purchase, RevenueCat receives the purchase receipt from Apple or Google and assigns you an anonymised subscriber ID. RevenueCat does not receive your location, prayer preferences, or streak data.
The data RevenueCat processes is limited to the Purchase History category as defined by Apple's Privacy Nutrition Label framework. No diagnostic, usage, location, contact, or identifier data is shared with RevenueCat. Privacy policy: revenuecat.com/privacy
5.2 Apple App Store
If you download Falah on iOS, Apple processes your App Store transaction subject to Apple's own privacy policy. Privacy policy: apple.com/legal/privacy
5.3 Google Play
If you download Falah on Android, Google processes your Play Store transaction subject to Google's own privacy policy. Privacy policy: policies.google.com/privacy
5.4 OpenStreetMap / Overpass API
To display nearby mosque locations on the Qibla map, Falah queries the OpenStreetMap Overpass API with your approximate location coordinates. This is a standard map data request and does not include personally identifiable information. Privacy policy: osmfoundation.org/privacy
6. Children's Privacy
Falah is rated 4+ on the App Store and Everyone on Google Play. The app does not contain content inappropriate for children, does not display advertising, and does not collect personal information. The app is not specifically directed at children under 13. Parents and guardians may use the app with or on behalf of children without privacy concern given the on-device-only data model.
7. Data Security
Because Falah does not transmit personal data to servers we operate, there is no server-side breach vector for personal data. Data stored locally on your device is protected by your device's own security mechanisms (iOS Secure Enclave / Android Keystore where applicable, and MMKV's local file encryption).
You can delete all app data at any time by uninstalling Falah from your device.
8. Data Retention
Since all data resides on your device, you control retention entirely. Uninstalling the app removes all locally stored data. We retain no server-side records because we receive none. RevenueCat retains your anonymised subscriber identifier for the lifetime of your subscription plus a reasonable period thereafter for dispute resolution purposes, as described in their own privacy policy.
9. Your Rights
9.1 Australian Privacy Act 1988 (Cth)
If you are located in Australia, the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) apply to the extent we handle your personal information. Given our on-device-only model, we do not hold personal information about you, and APP 12 (access) and APP 13 (correction) requests will be met by directing you to your own device settings where the data lives.
Statutory tort for serious invasions of privacy. The new statutory tort under the Privacy Act 1988 (Cth) commenced on 10 June 2025. It applies to serious invasions of privacy by intrusion upon seclusion or misuse of information. Falah's local-first architecture means we hold no information that could be misused; nonetheless we acknowledge this protection is now in force for Australian residents.
Automated decision-making (ADM) disclosure. ADM transparency requirements commence on 10 December 2026. Falah's prayer-time calculations are deterministic astronomical computations — they are not "automated decisions" within the meaning of the Act. We do not use AI, machine learning, or profiling to make decisions about users that produce legal or similarly significant effects.
Data deletion requests. Because we do not hold personal information, the practical way to delete all data is to uninstall Falah from your device. If you have made a purchase and wish to request deletion of the anonymised subscriber identifier held by RevenueCat (Radar Labs Inc.) on our behalf, email privacy@mykoala.com.au with the email address used to make the purchase and we will pass the request to RevenueCat within 5 business days. Apple and Google purchase records are subject to their own retention policies.
9.2 General Data Protection Regulation (GDPR)
If you are located in the European Union or European Economic Area, to the extent GDPR applies, you have the right to access, rectify, erase, restrict, and port your personal data, and to object to processing. As we hold no personal data about you, these rights can be exercised by deleting the app. If you have a concern about RevenueCat's processing of your subscriber identifier, please contact RevenueCat directly or contact us at privacy@mykoala.com.au and we will assist.
9.3 California Consumer Privacy Act (CCPA)
If you are a California resident, you have rights under the CCPA including the right to know, the right to delete, and the right not to be sold. We do not sell personal information. If you have a question, contact us at privacy@mykoala.com.au.
10. Changes to This Policy
We will update this policy if the app materially changes how it handles data. We will update the "Last updated" date at the top and, for material changes, we will notify users via an in-app notice.
11. Contact
Email: privacy@mykoala.com.au
Website: mykoala.com.au
Postal address: Mykoala Pty Ltd, Australia
We aim to respond to all privacy enquiries within 30 days.