Privacy Policy

Last updated: April 26, 2026

What we collect

When you create an account, we collect your name and email address.

As you use the app, we store your daily check-in data (mood, streak count, pledge status) and niyyah selections (your reasons for quitting).

If you record a personal dua, the audio file stays on your device only. It's never uploaded to our servers.

We collect basic usage analytics (screens visited, feature usage) to improve the app. This data is anonymous and not tied to your identity.

How we use it

  • Provide the Nafs service (check-ins, streaks, panic button)
  • Pair you with an accountability partner
  • Send you daily reminders (if enabled)
  • Improve the app based on anonymous usage patterns

What your accountability partner sees

Your partner only sees your mood today and streak day count. That's it. They never see your notes, your ibadah details, or any other personal information.

What we share

Nothing. We don't sell your data. We don't share it with advertisers. We don't give it to third parties. Your struggle is between you and Allah.

Data storage

Your account data is stored on secure cloud servers with encryption at rest and in transit. Dua audio recordings are stored on your device only and are never uploaded.

Your rights

  • Delete your account: Email us at reza@controlnafs.com with the subject "Delete my account" and we'll permanently remove all your data within 30 days.
  • Update your info: You can update your name and niyyah directly in Profile Settings inside the app.
  • Access or correct your data: Email us at reza@controlnafs.com and we'll respond within 30 days.

Content blocker and focus features

Nafs includes optional focus features that add a moment of friction before certain apps open. To provide this, Nafs may use platform APIs (such as Accessibility Services or Screen Time APIs) to detect when a shielded app comes to the foreground.

What is accessed: only the identifier of whichever app is about to open. Nothing else — no screen content, no text, no passwords, no keystrokes, no clipboard, no other user input.

Where that data goes: the app identifier is checked locally on your device against your list of shielded apps. It is never uploaded to our servers. The only events we log are high-level actions (for example, whether you completed the friction step) — never which specific app triggered them.

Your installed apps list: Nafs may request permission to display your installed apps so you can choose which ones to shield. This list is used only on your device and is never uploaded or shared.

Display permissions: Nafs may request permission to display a screen on top of other apps in order to show the friction moment. This permission is used solely to render that screen. Nafs never uses it to read or interact with any other app's content.

All data processed through these mechanisms stays on your device. You can disable focus features at any time from the Shield tab inside the app.

Age requirement

You must be at least 13 years old (or the minimum digital consent age in your country) to use Nafs. We do not knowingly collect data from anyone under 13. If you believe a child has created an account, please contact us and we'll remove it immediately.

Changes to this policy

If we make significant changes, we'll notify you through the app. Continued use after changes means you accept the updated policy.

Contact

Questions about your privacy? Email us at reza@controlnafs.com.