Privacy Policy

Last updated February 9, 2026

Please review our privacy practices carefully before using Hala Ride.

PRIVACY POLICY
Last updated February 9, 2026

We are Naser Issa, doing business as Hala Ride ("Hala Ride," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use the Hala Ride mobile application and related services (the "App" and collectively, the "Services").

Contact: halarideapp@gmail.com 

By using the Services, you agree to the practices described here. If you do not agree, do not use the Services.

WHAT WE COLLECT
Riders: phone number, email, profile photo, date of birth (to confirm age), gender (for matching preferences), device identifiers, push notification token, current GPS location, trip start/end points, route/location during trips, trip history, ratings/reviews, messages/support interactions, and Stripe customer ID (if any).
Drivers: phone number, email, profile photo, date of birth (to confirm age), gender (for matching preferences), vehicle details (make, model, colour, plate), Stripe connected account ID, bank/payments info (handled by Stripe), real-time GPS location during availability and trips, trip history, ratings/reviews, messages/support interactions.
Automatic data: device information, app usage logs, diagnostics, IP address, coarse location signals used for security, fraud prevention, and performance, and advertising identifiers (where available) for ad delivery and measurement.

HOW WE USE PERSONAL INFORMATION
- Provide and operate the Services, including matching riders and drivers, navigation, trip coordination, and receipts.
- Verify age eligibility (18+) and meet legal and regulatory requirements.
- Respect rider and driver matching preferences, including same-gender matching for religious and community considerations.
- Process payments and payouts through Stripe; calculate and collect cost-share and platform fees.
- Facilitate safety features (showing current location to counterparties during a trip, trip status updates, and support).
- Send trip updates, messages, and push notifications.
- Maintain trip history, ratings, and user profiles.
- Prevent fraud, secure the platform, and enforce our terms.
- Improve and troubleshoot the App, including diagnostics, crash reporting, analytics, and performance monitoring.
- Comply with legal, regulatory, and accounting obligations.
- Deliver and measure in-app advertisements and manage subscription features when applicable.

LOCATION DATA
We treat real-time geolocation as sensitive. We collect location when the App is running for trip discovery, pickup/drop-off coordination, navigation, safety, and fraud prevention. Location sharing stops when you end or cancel a trip and close the App, subject to short retention for security and support. During a trip, your driver/rider counterparties may see your location and trip progress. You can disable location at the device level, but the Services will not function without it.

PUSH NOTIFICATIONS
We collect device push tokens to send trip updates and service messages. Push tokens are shared with Apple or Google to deliver notifications. You can disable notifications in your device settings; certain critical service messages may still be delivered in-app.

STRIPE CONNECT (PAYMENTS AND ID VERIFICATION)
We use Stripe to process payments and driver payouts. Stripe may collect and store drivers’ legal name, address, date of birth, bank details, government ID data, and other information needed to verify identity, meet financial compliance requirements, and process payouts. Stripe is an independent data controller for this information. We cannot provide payouts without sharing required information with Stripe. Stripe may also create customer or connected account IDs associated with your account.

FIREBASE (AUTH, DATA, STORAGE, MESSAGING, ANALYTICS, CRASHLYTICS)
We use Firebase Authentication, Cloud Firestore, Firebase Storage, Firebase Cloud Messaging (including Expo push notifications), Firebase Analytics, and Firebase Crashlytics. These services process account data, trip data, messages, media uploads, device and usage data, diagnostics, crash reports, and push delivery data. Firebase may store and process information in the United States or other countries, resulting in cross-border data transfers.

WHY WE ASK FOR DATE OF BIRTH AND MATCHING PREFERENCES
We collect the minimum information needed to operate a mosque-based carpooling service safely and in line with community expectations.

Age eligibility (18+): We use date of birth only to confirm you are 18 or older and to comply with safety and legal requirements.

Matching preferences: Users set ride-matching preferences (for example, men-only or women-only matching) for comfort and religious considerations. These preferences are used only to filter and enable matches and are not used for advertising.

SHARING AND DISCLOSURE
- Counterparties: During a trip, riders and drivers may see each other’s name, photo, vehicle details, and live/near-real-time location relevant to the trip. Trip history and ratings may be shared with counterparties as displayed in the App.
- Service providers: Stripe, Firebase/Google, cloud hosting, analytics, crash reporting, messaging, advertising, and support tools that process data on our behalf under agreements.
- Legal and safety: To comply with law, respond to valid legal requests, enforce terms, protect rights, prevent fraud, and address safety incidents.
- Business transfers: As part of a merger, acquisition, or other corporate transaction, subject to this Privacy Policy.

DATA RETENTION
- Trip history and receipts: Retained to operate the service, provide records, and meet legal/accounting needs.
- Location logs: Detailed location records retained for approximately 7 days for safety and support, then minimized or deleted; aggregated data may persist.
- Account data: Kept while your account is active; deleted upon verified request, subject to retention needed for legal, accounting, fraud prevention, and safety. Trip history and transactional records may be retained even after account deletion.
- Messages/support and ratings: Retained as part of account and trip records.
- Push tokens: Retained until you disable notifications, log out, or delete the app/account.

CHILDREN AND MINORS
The Services are for users 18+. We do not knowingly collect personal information from minors. If we learn we have collected information from a minor, we will delete it.

YOUR CHOICES AND RIGHTS (CANADA/PIPEDA)
You may request access to or correction of your personal information, request deletion (subject to our legitimate interests and legal obligations), and ask questions about our privacy practices. Contact: halarideapp@gmail.com or by mail at 406-9939 Jasper Ave NW, Edmonton, AB T5J 2W8, Canada. We will respond in accordance with applicable Canadian privacy laws, including PIPEDA and Alberta law. You may also withdraw consent to optional processing (e.g., push notifications) via device or app settings.

DATA TRANSFERS
We store and process data in Canada and the United States (including via Stripe and Firebase). When information is outside your province or Canada, it may be subject to the laws of the foreign jurisdiction and accessible to law enforcement and regulators there. We use contractual and technical measures to protect data during transfers.

SECURITY
We use technical and organizational measures (encryption in transit, access controls, monitoring) to protect personal information. No system is perfectly secure; please use strong credentials and keep them confidential.

CHANGES
We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date and, where required, provide additional notice. Continued use after changes means you accept the updated policy.

COMPLAINTS
If you have a privacy complaint, contact us first at halarideapp@gmail.com. You may also contact the Office of the Information and Privacy Commissioner of Alberta or the Office of the Privacy Commissioner of Canada regarding unresolved concerns.