Privacy Policy

Mizan is a free, ad-free Muslim companion app for iPhone and iPad, prayer times, a Qibla compass, the full Quran, dhikr, a Hijri calendar, and a memorization mode. It is built to run entirely on your device. This policy describes exactly what the app does and does not do with information, in specific terms you can check against the app’s behaviour.

What stays on your device

All of the following is saved locally (in iOS’s standard preference store and the app’s sandboxed folders) and is never transmitted anywhere:

• Your settings, theme, accent, Arabic font and size, calculation method, madhhab, app language, reciter, translation, notification and quiet-hours preferences.
• Your activity, completed prayers and prayer history, tasbih counts, memorization and reading progress, daily goals, bookmarks (verses, surahs, hadiths, du’as, books), and recent searches.
• Things you write, your profile name, your journal entries (which you can lock behind Face ID or Touch ID), personal calendar events, and a Family Mode PIN if you set one.
• Cached and downloaded files, any non-bundled translation you open is cached, and any reciter you download for offline listening is saved, both inside the app’s Application Support folder.
• Your last known location, the most recent coordinate and resolved place name, kept locally so the app can open on your city and compute prayer times when you’re offline.

Deleting the app removes every bit of this from your device.

Location

Mizan requests When In Use location only. It never asks for “Always” or background location, and it deliberately requests only kilometer-level accuracy, not precise GPS, because prayer times and the bearing to Makkah don’t need it. Your location is used on your device to calculate prayer times and the Qibla direction.

One honest detail: to show your city and region name on the Today and Qibla screens, Mizan passes your coordinate to Apple’s geocoding service (the standard iOS CLGeocoder). This is a first-party Apple system service governed by Apple’s privacy policy. That lookup is the only time your coordinate leaves the device, and it goes to Apple, never to a Mizan server (we don’t run one) and never to any other third party. You can turn location off at any time in Settings → Privacy & Security → Location Services → Mizan; the app falls back to a default and keeps working.

The Qibla compass

The compass reads your device’s magnetometer heading through Core Location. Mizan does not use Core Motion and collects no motion, fitness, or activity data. iOS’s own figure-eight calibration overlay may appear when the magnetometer needs it; that is a system feature, and no sensor data is recorded or sent anywhere.

Notifications

Adhan alerts, pre-prayer reminders, calendar reminders, and the garden watering nudge are all local notifications, scheduled by iOS on your device through the system notification center. Nothing is sent to a server, and Mizan does not use push notifications. You can turn them off in iOS Settings or inside the app.

Calendar

If, and only if, you tap Add to Calendar on a Hijri event, Mizan asks for permission to add that single event to your device’s calendar. It does not read your existing events. You can also export a year of Hijri dates as an .ics file through the iOS share sheet, which needs no permission at all.

The only network requests Mizan makes

Mizan has no backend. The complete list of things that ever touch the internet is below. Each is optional, anonymous, and carries no account, name, or identifier:

• Quran text, the Arabic (Uthmani), the transliteration, and the default English (Saheeh International) and Turkish (Diyanet İşleri) translations are bundled inside the app and work fully offline. If you switch to a different translation (for example Pickthall, Yusuf Ali, Hilali, Elmalılı, or Öztürk), Mizan fetches that surah once from api.alquran.cloud and caches it on your device so it never fetches again. Only the surah number and the translation’s identifier are sent.
• Recitation audio, when you play or download a reciter, the audio streams over HTTPS from everyayah.com, a free public Quran-audio archive. Mizan sends only the path of the verse you’re playing. Your IP address is visible to that archive in exactly the way it would be if you opened the same file in Safari, with no identifiers attached. If you download a reciter for offline use, the files are stored on your device and nothing streams after that.
• City name lookup, your coordinate is sent to Apple’s geocoding service to resolve a place name, as described under Location above.
• Links you tap, opening a study link (such as quran.com, sunnah.com, or altafsir.com) or the route to Makkah hands off to your browser or to Apple Maps. From that point you’re on that service, under its own policy, not ours.

Widgets and Live Activities

The home-screen widget and the lock-screen Live Activity show your next prayer. They read that schedule from a shared container on your device (an App Group) that the app and its widget both use. This is on-device storage only; nothing about it leaves your phone.

What Mizan does not do

• No accounts, no login, no profiles, no in-app purchases, no subscriptions.
• No analytics SDKs (no Firebase, Google Analytics, Mixpanel, Amplitude).
• No crash-reporting SDKs (no Crashlytics, no Sentry).
• No advertising, no ad identifier (IDFA), and no App Tracking Transparency tracking.
• No HealthKit, Contacts, Photos, Camera, or Microphone access.
• No third-party SDKs at all, the app ships with none bundled.
• We never sell, rent, or share your personal information, because we never have it.

iCloud and backups

Mizan runs no cloud sync of its own. Like every iOS app, the data it stores on your device is included in your encrypted iCloud or computer backup only if you have device backup turned on, and that backup is controlled by you and Apple, not by Mizan. The app itself sends nothing to iCloud.

Children

Mizan does not knowingly collect personal information from anyone, including children under 13. There are no accounts, no messaging, and no user-generated content that is shared with anyone.

Your rights and controls

You stay in control of everything:

• Revoke Location, Notifications, or Calendar access at any time in the iOS Settings app.
• Clear your journal, bookmarks, downloaded audio, and other data from within Mizan’s own settings.
• Delete the app to remove all Mizan data from your device at once.

Because Mizan has no account and no server, there is no remote copy of your data for anyone to access, sell, or leak. Under the GDPR and UK GDPR, the CCPA and CPRA (California), and the KVKK (Türkiye), rights such as access, portability, and erasure are satisfied entirely on your device, your data is in your hands, literally. We do not “sell” or “share” personal information as those laws define it.

Security

Your data lives inside the app’s iOS sandbox, isolated from other apps by the operating system. Every network request the app makes uses HTTPS. The journal can be protected with Face ID or Touch ID so it stays private even if your phone is unlocked.

Changes to this policy

If the app starts doing something new with data, this page will be updated and the “last updated” date at the top will change. Material changes will also be noted in the app’s release notes on TestFlight or the App Store.

Contact

Questions about this policy or anything Mizan does: shinkayoubi@gmail.com.