How do I calculate my zakat?

Zaqat calculates your zakat by totaling your zakatable assets and subtracting eligible liabilities based on your chosen madhab or school of fiqh. Supports both Sunni (Hanafi, Maliki, Shafi'i, Hanbali) and Shia (Ja'fari) jurisprudence.

What madhabs does Zaqat support?

Zaqat supports all four Sunni madhabs (Hanafi, Maliki, Shafi'i, Hanbali) and Ja'fari (Twelver Shia) fiqh. Each applies its own rulings on zakatable assets, debt deductions, and nisab thresholds.

Is Zaqat free to use?

Yes. Manual asset entry and full zakat calculation are free forever, no credit card required. Premium features like bank account sync via Plaid, annual reminders, household mode, and CSV import are available starting at $5.99/month or $54.99/year.

What is the nisab threshold?

The nisab is the minimum wealth threshold that makes zakat obligatory. It is commonly measured by the value of 85 grams of gold or 595 grams of silver. Zaqat uses live gold and silver prices to calculate the current nisab automatically.

Can I calculate zakat for my whole family?

Yes. Zaqat's Household Mode lets you track zakat for your spouse, dependents, and extended family. Each member gets individual calculations, and you can view a combined household total.

← Back to Home

Privacy Policy

Effective Date: March 1, 2026 | Last Updated: March 25, 2026

Products: OurBarakah (ourbarakah.com) & Zaqat (zaqat.org)

Operated by Summer Slice LLC

1. Introduction and Scope

Summer Slice LLC, a limited liability company organized under the laws of the United States ("Company," "we," "our," or "us"), is committed to protecting the privacy and security of personal information entrusted to us by users of our services. This Privacy Policy ("Policy") describes how we collect, use, store, disclose, transfer, and otherwise process personal information when you access or use the websites, web applications, mobile experiences, application programming interfaces ("APIs"), tools, features, and content operated under the OurBarakah (ourbarakah.com) and Zaqat(zaqat.org) brands, collectively referred to as the "Service."

This Policy applies to all users of the Service, including registered account holders, visitors to our public-facing pages and informational tools, and any person whose information is submitted to the Service by an authorized user (e.g., household members, estate plan beneficiaries). This Policy does not apply to the practices of third-party companies or individuals that we do not own or control, or to individuals that we do not employ or manage, even where such third parties' services are integrated with or accessible through the Service.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree with any provision of this Policy, you must immediately discontinue all access to and use of the Service. Your continued use of the Service following the posting of any changes to this Policy shall constitute your acceptance of such changes.

2. Definitions

For purposes of this Policy, the following terms shall have the meanings set forth below:

"Personal Information"(also referred to as "Personal Data") means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable natural person or household.
"Financial Information" means information relating to your financial accounts, assets, liabilities, holdings, transactions, balances, and related data, whether submitted manually or obtained through third-party integrations.
"Processing" means any operation or set of operations performed on Personal Information, including but not limited to collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, combination, restriction, erasure, or destruction.
"Sub-Processor" means any third-party entity engaged by us that processes Personal Information on our behalf in connection with the Service.
"Special Category Data"means Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person's sex life or sexual orientation, as such term is defined under applicable data protection law.

3. Information We Collect

We collect several categories of information, depending on how you interact with the Service. The categories and specific types of information collected are described below.

3.1 Account and Authentication Information

Full name, email address, login credentials (password hash), and user profile details you provide during account registration or subsequently update.
Authentication data received from third-party identity providers you authorize, including Google and Apple (e.g., display name, email address, unique account identifier). We receive only the information you authorize these providers to share and do not receive your password for those services.
Multi-factor authentication ("MFA") enrollment status and factor metadata. We do not store your TOTP secrets or recovery codes in plaintext.
User preferences and configuration settings, including but not limited to Islamic school of thought (madhab), sect affiliation, preferred currency, theme preferences, notification preferences, and onboarding progress.
Support correspondence, including the content and metadata of support requests, communications, and feedback you submit through the Service.

3.2 Financial Information

Financial account data, balances, holdings, and transaction metadata obtained from approved third-party data aggregation services such as Plaid, Inc., including but not limited to bank account names, financial institution names, account types, sub-types, current balances, and available balances.
Investment holdings data from connected brokerage accounts, including ticker symbols, security names, quantities, market values, cost basis, security types, and International Securities Identification Numbers (ISINs) or similar identifiers.
Financial details you manually enter into the Service, including but not limited to cash balances, savings account values, gold and silver holdings (by weight and value), cryptocurrency holdings, real estate valuations, business asset values, accounts receivable, liabilities, debts, and accompanying notes or descriptions.
Zakat calculation inputs, parameters, outputs, and related records, including historical calculations, calculation methodology selections, and hawl (lunar year) tracking dates.
Zakat payment tracking records, payment history, recipient information, and payment method designations.
Estate planning financial data, including total estate valuations, outstanding debts, anticipated funeral expenses, charitable bequests, and Faraid (Islamic inheritance) share calculations.

3.3 Household Information

If you utilize the Household Mode feature, we collect names and financial data for each household member you add to your account. You represent and warrant that you have obtained the informed consent or possess the legal authority (such as legal guardianship or power of attorney) to provide such information on behalf of each household member whose data you submit.

3.4 Estate Planning Information

Testator identifying information: name, email address, gender, marital status, and religious sect or school of thought.
Spouse identifying information (for joint estate plans): name, email address, gender, and sect.
Heir and beneficiary identifying information: names, familial relationships, gender, and living status, for the purpose of computing Faraid inheritance shares.
Lawyer or legal representative contact information (if voluntarily provided): name, email address, law firm or practice name.
Estate financial data: total estate valuations, outstanding liabilities, estimated funeral expenses, charitable bequest amounts, and resulting inheritance share allocations.

3.5 Investment Screening Information

Ticker symbols, security identifiers, and security names from your connected brokerage accounts are transmitted to the RizqInvests screening database for the purpose of determining Shariah compliance status.
Screening results (classified as halal, not halal, doubtful, or not screened) are stored in association with your account and the respective securities.

3.6 AI Assistant Data

Conversation messages, prompts, and responses exchanged between you and the Barakah AI assistant, stored for your reference and retrieval.
When you enable the optional "Use My Data" feature, an anonymized, aggregated financial summary (containing no personally identifiable information) is generated and included in the AI prompt context. This summary is regenerated fresh for each request and is not permanently stored alongside conversation records.

3.7 Payment and Billing Information

Subscription and payment transactions are processed by Stripe, Inc. ("Stripe"). We do not directly collect, store, or process your full credit card number, debit card number, bank account number, or other complete payment instrument details. Stripe receives and processes your payment information in accordance with Stripe's Privacy Policy and is certified as a PCI Level 1 Service Provider.
We store your Stripe customer identifier, subscription status, subscription plan type, billing period start and end dates, and transaction history references in our database for the purpose of managing your account access and entitlements.

3.8 Usage, Device, and Technical Information

Server log data including Internet Protocol ("IP") address, browser type and version, operating system, referring URL, and access timestamps.
Device information including device type, screen resolution, operating system version, and application performance diagnostics.
Feature usage patterns, interaction events, and navigation paths within the Service.
Pages visited, session duration, click events, and general geographic region (collected via Google Analytics when you have provided consent, as described in Section 4 below).
Error logs, crash reports, and performance telemetry used for debugging and service reliability purposes.

3.9 Information Received from Third Parties

We may receive information about you from third-party sources, including identity providers (Google, Apple), financial data aggregators (Plaid), payment processors (Stripe), and analytics providers (Google Analytics), and we may combine such information with information we collect directly through the Service.

4. Cookies, Local Storage, and Tracking Technologies

4.1 Essential Cookies and Storage

We use strictly necessary cookies and browser storage mechanisms (including localStorage and sessionStorage) to:

Establish, maintain, and manage your authenticated session.
Remember user preferences such as theme, brand selection, madhab, and onboarding progress state.
Cache application data locally to improve performance and reduce redundant network requests.
Implement security measures including cross-site request forgery ("CSRF") protection.

These technologies are necessary for the proper functioning of the Service and cannot be disabled without impairing core functionality.

4.2 Analytics Cookies (Optional, Consent-Based)

With your affirmative consent, we use Google Analytics (measurement ID: G-B4D4PF3ZFT) to collect anonymized usage data for the purpose of understanding how the Service is used and improving user experience. Analytics cookies collect information including pages visited, session duration, bounce rate, and general geographic region.

You may accept or decline analytics cookies through our cookie consent banner, which is presented upon your first visit to the Service.
If you decline non-essential cookies, no analytics tracking scripts will be loaded and no analytics data will be collected from your session.
You may withdraw your consent at any time by clearing your browser cookies and revisiting the Service, at which point the consent banner will reappear.
Google's data practices are described in Google's Privacy Policy. You may also opt out of Google Analytics across all websites by installing the Google Analytics Opt-out Browser Add-on.

4.3 Do Not Track Signals

Some web browsers transmit "Do Not Track" ("DNT") signals to websites. Because there is no universally accepted standard for how to respond to DNT signals, the Service does not currently respond to or alter its practices upon receiving DNT signal requests. However, you may control tracking through our cookie consent mechanism and the browser-level controls described above.

5. Legal Bases for Processing (GDPR and Equivalent Laws)

For users located in the European Economic Area ("EEA"), the United Kingdom ("UK"), Switzerland, and other jurisdictions that require a lawful basis for Processing Personal Data, we rely on one or more of the following legal bases:

Performance of a Contract (Article 6(1)(b) GDPR): Processing necessary to perform our contractual obligations to you, including providing account functionality, executing zakat calculations, processing financial data integrations, conducting investment screening, generating estate planning documents, managing subscriptions and billing, and delivering the core features of the Service.
Legitimate Interests (Article 6(1)(f) GDPR): Processing necessary for our legitimate interests or those of a third party, provided such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include: maintaining the security and integrity of the Service; detecting, investigating, and preventing fraud, abuse, and unauthorized access; improving service reliability, performance, and user experience; conducting internal analytics and business intelligence; and communicating with you regarding your account and the Service.
Consent (Article 6(1)(a) GDPR): Processing based on your freely given, specific, informed, and unambiguous consent, including: the use of analytics cookies; enabling the "Use My Data" mode in the AI assistant; and any marketing communications you opt in to receive. You have the right to withdraw your consent at any time without affecting the lawfulness of Processing based on consent before its withdrawal.
Legal Obligation (Article 6(1)(c) GDPR): Processing necessary to comply with a legal obligation to which we are subject, including compliance with tax laws, financial regulations, court orders, and lawful government requests.

5.1 Special Categories of Personal Data

The Service enables you to configure preferences related to your Islamic school of thought (madhab) and sect affiliation. Such information may be considered "Special Category Data" revealing religious beliefs under applicable data protection law (including Article 9 of the GDPR). We process this information solely on the basis of your explicit consent (Article 9(2)(a) GDPR), which you provide by voluntarily selecting and saving these preferences within the Service. This information is used exclusively to customize the Service's calculations and outputs to align with your preferred jurisprudential methodology and is not used for profiling, marketing segmentation, or any other purpose. You may update or remove these preferences at any time through your account settings.

6. How We Use Your Information

We use the information we collect for the following purposes, and we limit our use of Personal Information to that which is reasonably necessary and proportionate to achieve these purposes:

To provide, operate, maintain, and improve the Service and its features, including account management, authentication, and session management.
To process Financial Information for zakat calculations, investment screening, estate planning, and related user workflows.
To facilitate Shariah compliance screening of investment holdings via the RizqInvests database.
To generate estate planning documents, including Faraid inheritance share calculations and will document templates.
To power the Barakah AI-powered educational assistant, including generating and processing conversational prompts and responses (see Section 8).
To process subscription payments, manage billing cycles, and administer account entitlements through Stripe.
To deliver live support chat communications and manage support interactions via our support infrastructure.
To improve the stability, security, reliability, and performance of the Service, including debugging, error analysis, and infrastructure monitoring.
To respond to your inquiries, support requests, and feedback communications.
To send transactional and service-related communications, including account notifications, security alerts, billing confirmations, and material changes to these Terms or our policies.
To conduct internal analytics, generate aggregated and anonymized statistical reports, and inform product development decisions.
To detect, investigate, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms of Use.
To comply with applicable legal obligations, respond to lawful government requests, and enforce our agreements.
To exercise or defend legal claims and protect the rights, property, and safety of the Company, our users, and the public.

7. Third-Party Service Providers

We engage trusted third-party service providers to assist in operating the Service and processing Personal Information on our behalf. These providers perform functions such as authentication, database management, hosting, financial data aggregation, payment processing, AI model inference, investment compliance screening, analytics, support communications, and related operational services.

Each service provider is bound by contractual obligations to process Personal Information only as necessary to perform services on our behalf, in accordance with our instructions, and in compliance with applicable data protection law. We share only the minimum categories of information required for each provider to fulfill its designated function.

Where you choose to use specific features of the Service — such as connecting financial accounts, enabling the AI assistant, processing payments, or initiating support conversations — information necessary to deliver those features may be shared with the applicable provider. The specific types of data involved in each feature are described in the relevant sections of this Policy (Sections 8 through 10).

Each third-party provider operates under its own privacy policy and terms of service. We encourage you to review the privacy policies of providers whose services you interact with through the Service. We may update the list of providers we engage from time to time; material changes to the providers that process your Personal Information will be reflected in updates to this Policy.

8. Third-Party Financial Data Integrations (Plaid)

If you choose to connect financial accounts through Plaid, Inc. or similar third-party data aggregation providers, you expressly authorize those services to share selected financial account information with us for the purposes described in this Policy. Your use of such integrations is additionally governed by the provider's own terms of service and privacy policy, including Plaid's End User Privacy Policy.

We request only the data categories reasonably necessary for Service functionality, including account balances, investment holdings, and financial institution metadata. We do not request transaction-level detail beyond what is necessary for balance and holdings calculations.
You may disconnect any linked financial account at any time through your account settings.
Upon disconnection, we immediately cease receiving new data from the provider. Previously synced data remains in your account until you affirmatively delete it or delete your account.
We are not responsible for the availability, accuracy, timeliness, or completeness of data provided by third-party financial institutions or aggregation providers. Account balances and holdings are reported by your financial institutions through Plaid and may be delayed, incomplete, or inaccurate.

9. AI-Powered Financial Assistant ("Barakah")

Subscribers to the OurBarakah All-Access plan may access Barakah, an AI-powered Islamic finance educational assistant. This section describes how your data is handled in the context of AI assistant interactions.

9.1 Nature of the Service

Barakah provides general educational information about Islamic finance topics, including but not limited to zakat, halal investing, and estate planning. Barakah does not provide, and shall not be construed as providing, financial, legal, tax, investment, or religious advice. All responses are AI-generated and may contain errors, inaccuracies, or outdated information.

9.2 Data Modes

Default Mode:No personal or Financial Information is transmitted to the AI model provider. Conversations are based solely on the AI model's general training knowledge.
"Use My Data" Mode: When explicitly enabled by you through an in-application toggle, an anonymized, aggregated financial summary is appended to the AI prompt context to enable more relevant educational guidance. You may enable or disable this mode at any time.

9.3 Personally Identifiable Information Safeguards

When the "Use My Data" mode is enabled, the following safeguards are applied:

Transmitted to the AI model: Aggregated asset totals by category (e.g., total cash, total investments), aggregated liability totals by category, investment ticker symbols with Shariah screening classification, zakat calculation summaries, and your selected sect/madhab preference.
Never transmitted to the AI model: Your name, email address, phone number, physical address, account numbers, routing numbers, login credentials, financial institution names, full transaction histories, Plaid connection identifiers or tokens, IP address, device identifiers, or any other personally identifiable information.

9.4 AI Model Provider

Conversations are processed by OpenAI, L.L.C. via their API. OpenAI's data usage and retention policies apply to the processing of prompts and responses. As of the date of this Policy, OpenAI's API data usage policy states that API inputs and outputs are not used to train their models.
We do not use your conversation data for model training purposes. Refer to OpenAI's Privacy Policy for their current data handling practices.

9.5 Conversation Storage and Control

Conversation history is stored in your account in our database for your reference and may be deleted by you at any time from the assistant interface.
Financial context data included in prompts is generated fresh for each individual API request and is not permanently stored alongside conversation records.
You may enable or disable the "Use My Data" toggle at any time. The assistant will not reference your Financial Information unless you have explicitly activated this toggle.

10. Live Support Chat

The Service includes a live support chat feature. When you initiate a support conversation, the following categories of information are shared with our support team:

Your display name and email address (for the purpose of identifying your account).
Your internal user identifier.
The content and timestamps of all messages you send through the support chat.

Support conversations are facilitated through Discord, Inc.'s platform and are subject to Discord's Privacy Policy. Support chat transcripts may be retained for quality assurance, account management, and dispute resolution purposes for the period specified in our Data Retention schedule (Section 13).

11. Information Sharing and Disclosure

We do not sell, rent, or trade your Personal Information to third parties for their marketing purposes. We do not "share" your Personal Information for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"). We may disclose your information only in the following circumstances:

With Your Consent or at Your Direction: When you explicitly authorize or direct us to share information, including when you connect financial accounts, enable AI data sharing, or initiate support conversations.
With Service Providers and Sub-Processors: With trusted third-party vendors and Sub-Processors that perform services on our behalf, including hosting, database management, analytics, payment processing, authentication, and support operations. These parties are contractually bound to use your information only as necessary to perform services for us and in accordance with this Policy.
With Financial Integration Partners: When necessary to establish, maintain, or operate your connected financial account integrations (e.g., Plaid, Stripe).
For Legal and Compliance Reasons: When we believe in good faith that disclosure is required by applicable law, regulation, legal process (including subpoenas and court orders), or a valid governmental request.
To Protect Rights, Safety, and Security: To investigate, prevent, or take action regarding suspected fraud, abuse, security incidents, violations of our Terms of Use, or threats to the rights, property, or personal safety of our users, the Company, or the public.
In Connection with Business Transfers: In connection with, or during negotiations of, any merger, acquisition, financing, sale of assets, dissolution, bankruptcy, or similar corporate transaction. In such event, we will endeavor to notify affected users and ensure the acquiring entity is bound by privacy obligations substantially similar to those in this Policy.
Aggregated and De-Identified Data: We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify any individual for analytics, research, industry benchmarking, and product improvement purposes.

12. Data Security

We implement and maintain reasonable administrative, technical, physical, and organizational safeguards designed to protect Personal Information and Financial Information against unauthorized access, alteration, disclosure, loss, destruction, and other forms of unlawful Processing. Our security measures include, but are not limited to:

Encryption in transit using Transport Layer Security ("TLS") / HTTPS for all data communications between your browser or device and our servers.
Encryption at rest for stored data in our database infrastructure.
Row-level security ("RLS") policies in our database ensuring that authenticated users can only access their own data.
Secure, cryptographically signed webhook verification for payment processing events and third-party callbacks.
Support for multi-factor authentication ("MFA") to provide additional account security.
Password hashing using industry-standard one-way cryptographic hash functions.
Role-based access controls limiting internal access to user data on a strict need-to-know basis.
Periodic security assessments and code reviews of critical application components.
Monitoring and logging of access to sensitive systems and data.

Notwithstanding the foregoing, no method of electronic transmission or data storage is completely secure, and we cannot guarantee absolute security. We strongly encourage you to use strong, unique passwords, enable multi-factor authentication, and keep your account credentials confidential. You are responsible for all activity that occurs under your account.

13. Data Retention

We retain Personal Information and Financial Information only for as long as reasonably necessary to fulfill the purposes for which it was collected, to provide the Service, to comply with our legal and regulatory obligations, to resolve disputes, to enforce our agreements, and to protect our legitimate business interests. Specific retention periods are as follows:

Account Data: Retained for the duration of your active account. Deleted upon receipt and processing of a verified account deletion request, subject to any legally required retention periods.
Financial Data (Manual Entry): Retained while your account is active and until you affirmatively delete individual records or your entire account.
Financial Data (Plaid-Synced): Retained while your account is active. Synced data is periodically refreshed and overwritten with current data from your financial institutions. Upon Plaid disconnection, previously synced data remains until you delete it or your account.
Zakat Calculations and Payment Records: Retained for historical reference until you delete individual records or your account.
AI Conversations: Retained until you delete individual conversations or your account.
Estate Plans and Will Documents: Retained until you delete individual estate plans or your account.
Support Chat Transcripts: Retained for up to twenty-four (24) months for quality assurance and dispute resolution purposes.
Server and Audit Logs: Retained for up to thirty-six (36) months for security monitoring, compliance, and incident investigation purposes.
Billing and Transaction Records: Retained for the period required by applicable tax, accounting, and financial reporting laws (typically up to seven (7) years).

When information is no longer required for any of the above purposes, it is deleted or irreversibly anonymized in accordance with our data retention procedures.

14. Your Rights and Choices

Depending on your jurisdiction and applicable law, you may have certain rights with respect to your Personal Information. These rights may include, but are not limited to:

The right to access and obtain a copy of the Personal Information we hold about you.
The right to correct or rectify inaccurate or incomplete Personal Information.
The right to request deletion or erasure of your Personal Information, subject to applicable legal exceptions and retention obligations.
The right to restrict or object to certain Processing of your Personal Information.
The right to data portability — to receive your Personal Information in a structured, commonly used, and machine-readable format.
The right to withdraw consent where Processing is based on consent, without affecting the lawfulness of Processing prior to withdrawal.
The right to opt out of analytics cookies via our cookie consent mechanism.
The right to disconnect linked financial accounts at any time through account settings.
The right to delete AI conversation history at any time through the assistant interface.
The right to delete estate plans and associated data at any time.
The right to opt out of non-essential marketing communications by following unsubscribe instructions in any such communication.
The right to lodge a complaint with a data protection supervisory authority in your jurisdiction (for EEA/UK users).

To exercise any of the foregoing rights, please contact us. We may verify your identity before processing certain requests to protect against unauthorized access or fraudulent requests. We will respond to verified requests within thirty (30) days, or such shorter period as may be required by applicable law. If we require additional time, we will inform you of the reason and extension period.

15. Jurisdiction-Specific Privacy Rights

15.1 European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)

If you are located in the EEA, UK, or Switzerland, you have the rights described in Section 14 above, as well as the following additional rights under the General Data Protection Regulation ("GDPR") and the UK GDPR:

The right not to be subject to a decision based solely on automated Processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (see Section 17 below).
The right to lodge a complaint with a supervisory authority in the EU/EEA member state or UK territory of your habitual residence, place of work, or place of the alleged infringement.
For cross-border data transfers outside the EEA/UK, we rely on European Commission-approved Standard Contractual Clauses ("SCCs"), the UK International Data Transfer Agreement, or other approved transfer mechanisms as required by applicable law.

15.2 California, United States (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"):

Right to Know: You have the right to request that we disclose to you the categories and specific pieces of Personal Information we have collected about you, the categories of sources from which such information was collected, the business or commercial purpose for collecting such information, and the categories of third parties to whom we have disclosed such information.
Right to Delete: You have the right to request deletion of your Personal Information, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate Personal Information.
Right to Opt Out of Sale or Sharing: We do not sell your Personal Information. We do not "share" your Personal Information for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information: To the extent we process sensitive Personal Information (such as religious preferences), we do so only for purposes permitted under the CCPA/CPRA.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise your California privacy rights, contact us with "California Privacy Request" in the subject line. We will verify your identity before processing your request. You may also designate an authorized agent to submit requests on your behalf, subject to verification of both the agent's authorization and your identity.

15.3 Other United States State Privacy Laws

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), or another U.S. state with an applicable consumer privacy law, you may have similar rights to access, correct, delete, and obtain a copy of your Personal Information, as well as the right to opt out of targeted advertising, the sale of Personal Information, and certain profiling. To exercise such rights, please contact us using the information provided in Section 21 of this Policy. If we decline your request, you may have the right to appeal our decision by contacting us.

15.4 Canada (PIPEDA)

If you are a resident of Canada, the Personal Information Protection and Electronic Documents Act ("PIPEDA") and substantially similar provincial legislation may apply to our collection, use, and disclosure of your Personal Information. You have the right to access and request correction of your Personal Information, and to withdraw consent to certain Processing activities. To exercise your rights, contact us using the information provided in Section 21 of this Policy.

16. Children's Privacy

The Service is not directed to, and is not intended for use by, children under the age of thirteen (13), or under the age of sixteen (16) in jurisdictions where a higher minimum age applies. We do not knowingly collect Personal Information from children without verifiable parental or guardian consent. If you are a parent or guardian and you believe that a child under the applicable minimum age has provided us with Personal Information without your consent, please contact us immediately, and we will take steps to delete such information promptly.

17. Automated Decision-Making and Profiling

The Service does not engage in automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you, as contemplated by Article 22 of the GDPR. Zakat calculations, investment screening classifications, and Faraid inheritance share computations are generated algorithmically based on data and parameters you provide, but these outputs are informational tools intended to assist your own decision-making and do not constitute binding determinations. You are not subject to any decision based solely on automated Processing that has legal or similarly significant effects.

18. International Data Transfers

Your Personal Information may be transferred to, stored in, and processed in jurisdictions outside your home country, including the United States, where our servers and principal business operations are located. Our third-party service providers may also process your data in various jurisdictions around the world.

Where such transfers are made from the EEA, UK, or Switzerland to a country that has not received an adequacy decision from the European Commission or the UK Secretary of State (as applicable), we implement appropriate safeguards to ensure an adequate level of data protection, including entering into Standard Contractual Clauses approved by the European Commission (Decision 2021/914) or the UK International Data Transfer Agreement, as applicable, with the receiving party. You may obtain a copy of the relevant transfer safeguards by contacting us at the address provided in Section 21.

19. Data Breach Notification

In the event of a confirmed security breach involving the unauthorized access, acquisition, use, or disclosure of your unencrypted Personal Information that is reasonably likely to cause material harm, we will notify affected users and relevant supervisory authorities as required by applicable data protection law. Such notification will be provided without undue delay and, where feasible, within seventy-two (72) hours of becoming aware of the breach (or such other timeframe as required by applicable law), and will include a description of the nature of the breach, the categories and approximate number of data subjects and records concerned, the likely consequences of the breach, and the measures taken or proposed to be taken to address the breach and mitigate its effects.

20. Marketing and Communications

We may send you transactional and service-related communications (e.g., account confirmations, billing receipts, security alerts, and material changes to our Terms or this Policy), which are necessary for the operation of the Service and are not subject to opt-out.

If you have opted in to receive marketing or promotional communications from us, you may opt out at any time by: (a) following the "unsubscribe" link included in any marketing email, or (b) contacting us. Please allow up to ten (10) business days for your opt-out request to be processed. Opting out of marketing communications will not affect transactional or service-related communications.

21. Changes to This Policy

We reserve the right to modify or update this Policy at any time in our sole discretion. When we make material changes, we will update the "Last Updated" date at the top of this Policy and, where required by applicable law, provide additional notice via email to the address associated with your account or through a prominent notice within the Service. Material changes will not apply retroactively to Personal Information collected before the effective date of such changes, except as required by applicable law. Your continued use of the Service following the posting of any changes to this Policy shall constitute your acknowledgment and acceptance of such changes. If you do not agree to any updated Policy, you must discontinue use of the Service.

22. Contact Information

For privacy-related questions, inquiries, data rights requests, or complaints regarding this Policy or our data practices, please contact:

Summer Slice LLC

Contact: Send us a message

Products: OurBarakah (ourbarakah.com) & Zaqat (zaqat.org)

If you are located in the EEA or the UK and are not satisfied with our response to your privacy inquiry or complaint, you have the right to lodge a complaint with your local data protection supervisory authority.