Privacy Policy
Last updated: July 8, 2026
QuranWay is built to respect your privacy. Here, in plain words, is what stays on your device, what we use to improve the service, and what we never do. This page covers the site quranway.xyz, the web app app.quranway.xyz, and the QuranWay iOS app.
No account needed to read
You can read the Quran, listen, and track your progress without creating an account. Your bookmarks, reading position, streak, and settings are stored in your browser, not on our servers. If you allow location access, it is used only in your browser to calculate prayer times and the qibla — your GPS coordinates are never sent to us.
Usage analytics (to improve the service)
We use audience-measurement tools (PostHog, hosted in the United States) to understand how the site and app are used (pages viewed, funnel steps) and to improve them. This data is tied to an anonymous identifier, not to your identity, and includes neither your name nor your precise location.
Advertising measurement & cookies
There are no ads in the app or on the site. However, if you arrive via a referral link or an ad, we may store a referral code in your browser to credit the right partner, and we use campaign-measurement pixels (e.g. Meta, TikTok, Google) on the site to measure our campaigns. You can block these cookies from your browser.
Payments
Subscriptions and purchases are handled by our payment providers (RevenueCat and Stripe). We never see your card details. If you buy on the web, we keep your email for one reason only: to let you restore your subscription on another device.
Email: purchase recovery & partnership
If you use “Recover my purchase,” you give us your email to locate your subscription; it is processed by Stripe and our email provider (Mailjet) to send you a secure link valid for 15 minutes. The “Partner program” form collects the information you enter (name, email, platform, audience, message) and sends it to us by email.
The QuranWay iOS app
This page is also the official privacy policy of the QuranWay iOS app (the one referenced on the App Store). In the app: your reading and progress feed our internal analytics (BPA Hub), tied to a random identifier — there is no account. To measure our ad campaigns, the app includes the TikTok Business SDK: the advertising identifier (IDFA) is used only if you accept Apple's App Tracking Transparency (ATT) prompt, and you can refuse or change your mind at any time in iOS Settings. Recitation audio streams from the everyayah.com CDN, which sees your IP address like any server delivering a file to you. Purchases go through Apple (StoreKit) and RevenueCat — we never see your card. App blocking (Screen Time) runs 100% on your device: Apple only gives us opaque tokens, so we never know which apps you block and nothing about them reaches us. Your personalization photos never leave your device, and your location (prayer times, qibla) is never sent to our servers.
What we never do
We never sell or rent your data to data brokers. Using analytics to improve the service is not the same as selling your data — and we do not sell it.
Your rights
Depending on where you live, you may request access to or deletion of data about you, and decline measurement cookies from your browser. Write to us and we will help.
Security
All exchanges with the site go over an encrypted connection (HTTPS/TLS).
Changes
We may update this policy. Any change will be published here with a new date.
Contact us
For any question or request about your data: baptiste@bpa-solutions.app