Privacy policy.

Mizan is a private support network. We collect only what we need to verify members, run the application process, and operate in-app messaging. We do not sell or share your personal data with advertisers, and we do not run third-party tracking pixels.

Account data: email address, password (stored as a salted hash), display name.

Application data: the answers you submit on the apply form, including your stated relationship to following the Qur'an solely.

Profile data: anything you choose to add to your member profile.

Messages: the contents of in-app messages you send to other members, retained so the recipient can read them.

Operational data: technical logs (IP address, user agent, timestamps) used for security, abuse prevention, and rate-limiting.

Verification signals: the Cloudflare Turnstile challenge result during sign-up. We do not receive your IP from this challenge.

We do not collect marriage interest, sectarian affiliation, location for matchmaking, or financial information.

We do not run advertising trackers, third-party analytics pixels, or fingerprinting scripts.

To verify and review your application.

To operate your account, surface support requests, and route in-app messages.

To enforce the Code of Conduct and protect members from abuse.

To send transactional notifications (sign-up confirmation, password reset, message alerts). Email is never used for marketing or member-to-member content.

We process your data on the basis of (a) the contract you enter when joining the network, (b) our legitimate interest in keeping the network safe, and (c) your consent for any optional data you choose to provide.

We use trusted infrastructure providers (hosting, database, email delivery, bot-protection) to operate the platform. They process data only on our instructions and under appropriate safeguards.

Other members see only what your profile and messages reveal — never your email address or application contents.

We may disclose data when required by law, to protect members from imminent harm, or to defend our legal rights.

Account and profile data is kept for as long as your account is active.

Application data is retained while your account exists, so admins can review it.

If you close your account, we delete or anonymise personal data within 90 days, except where retention is required by law or to resolve disputes.

You can access, correct, export, or delete your personal data at any time by contacting us. Where applicable law gives you additional rights (UK / EU GDPR, etc.) we honour them.

You can also lodge a complaint with your local data-protection authority.

Passwords are hashed. Database access is restricted by row-level security policies, so members can only read what they are allowed to see. Admin actions are logged.

No system is perfect — please report any suspected security issue to us through the contact form.

We use a small number of strictly necessary cookies (and equivalent local storage) to keep you signed in, remember your theme preference, and protect against abuse. We do not set advertising or cross-site tracking cookies.

The Cloudflare Turnstile bot-protection challenge sets its own short-lived cookies on the sign-up page solely to verify that you are a human; it is not used for tracking.

Our infrastructure providers may process data in countries outside your own, including the European Economic Area, the United Kingdom, and the United States. Where data is transferred outside the UK / EEA, we rely on appropriate safeguards (such as the UK International Data Transfer Agreement or the EU Standard Contractual Clauses).

Mizan only facilitates introductions and messaging inside the platform. We do not vouch for any individual member or verify the truth of what they say in conversations. Any decision to share personal information, money, accommodation, or to meet a member in real life is entirely at your own discretion and risk. Verify before you travel, host, or share private details.

Mizan is intended for users aged 16 and over. We do not allow accounts for anyone under 16 and we do not knowingly collect, store, or process personal data from anyone under that age.

We've chosen 16 because it matches the highest data-protection consent age applied across the EU/UK under the GDPR, so the same minimum applies wherever you live, and because the conversations on the network are not appropriate for younger users.

If we become aware that an account holder is under 16, we will permanently close the account and delete associated personal data. If you are a parent or guardian and believe a minor has provided us with personal data, please contact us through the contact form and we will delete it promptly.

We will post material changes to this policy on this page and, where appropriate, notify you in-app or by email.

For privacy questions, data-access requests, or to raise a complaint, reach us through the contact form. UK and EU residents have the right to lodge a complaint with their local supervisory authority (in the UK, the Information Commissioner's Office at ico.org.uk).