Privacy Notice

How TahfizFlow handles personal data.

This notice explains how TahfizFlow collects, uses, stores and protects personal data for sales inquiries, onboarding, institution administration, student monitoring, reports, notifications and support.

Last updated: 12 Jul 2026

Data we collect

Contact details, account details, institution details, role information, student profile data, hafazan and tasmi records, murajaah plans, audio submissions, reports, support messages and system audit logs where applicable.

Purpose of processing

We process personal data to provide the TahfizFlow service, manage tenant access, generate reports, send notifications, provide support, improve security and respond to sales or onboarding inquiries.

Disclosure and processors

Data may be shared only with authorized users in the same institution and selected service providers such as hosting, storage, email, WhatsApp or payment providers when enabled. We do not sell personal data.

Security and access

TahfizFlow uses role-based access control, tenant isolation, protected files, audit logs and environment-based secrets to reduce unauthorized access risk.

Retention

Personal data is kept only as long as needed for service delivery, legal, billing, security, reporting or support purposes. Institutions may request deletion or export according to the applicable agreement.

Your rights

You may request access, correction or withdrawal of consent where applicable by contacting the TahfizFlow administrator or support contact.

This operational notice is a product compliance baseline and should be reviewed by a qualified legal or PDPA advisor before public launch.