Privacy Policy
Last updated: 6 April 2026
1. Who we are
Halal Meetups is an online community platform operating under the trading name Halal Meetups. We are not a registered company.
We are the data controller for the personal information processed through this platform. This means we decide what personal data is collected, why it is collected, and how it is used.
For any data protection enquiries, contact us at privacy@halalmeetups.com.
2. Scope of this policy
This policy applies to personal data we process when you visit our website at www.halalmeetups.com, create an account, use community features such as groups, events, and discussions, or contact us by any means.
It does not apply to third-party services that group organisers may link to from their profiles — for example, external WhatsApp groups or Telegram channels. Those services have their own privacy policies and we are not responsible for how they handle your data.
3. Our platform and your religious identity
A note on religious identity
Halal Meetups is a community platform designed for Muslim individuals. By joining the platform, you are voluntarily identifying yourself as part of a Muslim community.
Under UK data protection law, information that reveals a person's religious beliefs is special category data and receives a higher level of legal protection. Your membership of this platform is an indicator of your Muslim identity, and we treat it as such.
We process this information only to provide the service you have signed up for, on the basis of your explicit consent given at registration. We never sell it. We never use it for advertising. We do not share it with any third party in a way that identifies you as Muslim beyond what you choose to make visible yourself.
You can withdraw this consent at any time by deleting your account or contacting us at privacy@halalmeetups.com. Withdrawal means we can no longer provide the service to you.
4. The information we collect
4.1 Information you provide when registering
The following information is required to create an account:
| Information | Why we collect it |
|---|---|
| First and last name | Account creation and display on your profile |
| Email address | Authentication and service communications |
| Password | Account security — stored as a one-way hash, never readable |
| Date of birth | We are an 18+ platform. We verify your age at sign-up. |
| Gender community (brothers or sisters) | Determines which gender community you join. Your content is filtered accordingly. This cannot be changed after registration. |
4.2 Information you can add to your profile (all optional)
- City — shown on your public profile
- Phone number — for group communication if needed; never shown publicly
- Bio — a short introduction (up to 280 characters); shown on your profile
- Profile photo — shown in group member lists and on your profile page
4.3 Information generated when you use community features
- Group membership records — when you joined, your role (member or organiser)
- Answers to join questions — when you request to join a group that requires approval
- Event registrations — your registration status and check-in record
- Answers to event registration questions — set by the event organiser
- Discussion posts and replies in group boards
- Reviews and ratings you leave for events and groups
- Photos you upload to group galleries
- Bookmarks (events or groups you save)
- Reports you file about content or other users
Please note that some registration questions — such as dietary requirements or accessibility needs — may touch on sensitive information. We encourage you to only answer what you are comfortable sharing. Organisers are bound by our Terms of Service in how they use that information.
4.4 Contact form submissions
Our contact form is publicly accessible and does not require you to be logged in. When you submit it, we collect your name, email address, the subject of your enquiry, and your message. This information is accessible to our administrative team only.
4.5 Information collected automatically
Analytics and performance. We use Vercel Analytics and Vercel Speed Insights to understand how the platform is used. These tools collect information including pages visited, approximate geographic region, browser and device type, and performance metrics. They do not use tracking cookies and do not create individual user profiles. This data is processed by Vercel Inc. (see Section 8).
Authentication cookies. We set a small number of secure, HttpOnly cookies to keep you signed in and remember your browsing preferences. See our Cookies Policy for details.
Email delivery logs. We log all transactional emails we send, including the recipient address, send status, delivery confirmation, and email content. These records are used for system reliability and compliance purposes and are accessible to our administrative team only. They are retained for 12 months.
4.6 Information about others entered by group organisers
Organisers can manually add walk-in attendees to their events — people who attended without registering on the platform. In that case, the organiser enters your name, email address, and phone number. If this applies to you, you can contact us at privacy@halalmeetups.com to ask about or request deletion of any information held about you.
5. How we use your information
We use your personal data to:
- Create and manage your account
- Show you groups, events, and community content relevant to your gender community and location
- Process group membership requests and event registrations
- Send you service notifications — event reminders, join request decisions, event updates, role changes, and similar communications directly related to your use of the platform
- Process subscription payments and manage your subscription status
- Verify that users are 18 or over at the point of registration
- Enforce our community guidelines and respond to reports of inappropriate content or behaviour
- Maintain platform security and prevent fraud or abuse
- Analyse how the platform is used in aggregate to identify improvements
- Monitor technical performance and resolve errors
- Respond to support enquiries and data protection requests
- Comply with our legal obligations
We do not sell your personal data. We do not use it for advertising.
6. Lawful bases for processing
UK data protection law requires us to have a valid legal basis for every processing activity. We rely on the following:
Contract (Article 6(1)(b)). The majority of our processing is necessary to deliver the service you have signed up for. This includes creating and managing your account, providing group and event features, sending service notifications, and processing payments.
Legitimate interests (Article 6(1)(f)). We rely on legitimate interests for platform security, fraud prevention, email delivery logging, age verification record-keeping, operating our moderation system, processing analytics data, and maintaining the contact form. In each case we have assessed that our interests are proportionate and do not override your privacy rights.
Legal obligation (Article 6(1)(c)). We may process data where we are required to do so by law — for example, retaining financial records or responding to a court order.
Explicit consent (Articles 6(1)(a) and 9(2)(a)). We rely on your explicit consent, given at the point of registration, for processing data that reveals your Muslim identity (see Section 3). You may withdraw this consent at any time, though this will require us to close your account.
7. Who we share your information with
We do not sell your data. We do not share it with advertisers. We share it in the following circumstances:
Other members
Depending on your privacy settings, your display name, city, gender community, bio, and profile photo may be visible to other authenticated members of the same gender community. Your email address and phone number are never visible to other members. Reviews you write are publicly visible within your gender community. Discussion posts are visible to members of the same group.
Group organisers
When you join a group or register for an event, the group organiser can see your display name and profile. If you answer join questions or event registration questions, the organiser can see those answers. Organisers cannot see your email address or phone number. Organisers are bound by our Terms of Service and are not permitted to use your information for purposes outside the platform.
Our administrative and moderation team
Our administrative staff and moderators have access to all user accounts and platform data. This access is restricted to a small team and is used only for operating the platform, resolving disputes, moderating content, and maintaining security.
Service providers
We use third-party companies to help operate the platform. They process personal data on our behalf, under our instructions, and are not permitted to use it for their own purposes. See Section 8 for details.
Law enforcement and regulatory bodies
We will share personal data if required to do so by law, court order, or at the direction of a competent authority. Where legally permitted, we will notify you of such a request.
8. Our service providers
We use the following companies to provide core parts of the platform. All are subject to data processing agreements with us.
| Provider | Purpose | Personal data involved | Country |
|---|---|---|---|
| Supabase (Supabase Inc.) | Database, authentication, file storage, automated functions | All account, profile, and community data; file uploads; authentication tokens | EU (Ireland) — eu-west-1 |
| Resend (Resend Inc.) | Transactional email delivery | Recipient email address, name, email content | USA |
| Vercel (Vercel Inc.) | Platform hosting, content delivery, analytics, performance monitoring | Web traffic data, analytics data, performance metrics | USA |
| Stripe (Stripe Inc.) | Subscription payment processing | Payment method details (handled directly by Stripe), billing information, subscription status | USA |
| Unsplash (Unsplash Inc.) | Default and placeholder images displayed on the platform | Image request metadata (IP address, browser); no account data is shared | USA |
9. International data transfers
All of our core service providers are based in the United States. The United States does not have a UK adequacy decision, meaning transfers of personal data there are “restricted transfers” under UK GDPR Chapter V.
We ensure all such transfers are protected by appropriate safeguards. Our contracts with each provider include standard data transfer clauses — specifically the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses — which are recognised mechanisms approved by the ICO for this purpose.
You can request further information about the specific transfer safeguards we use by contacting privacy@halalmeetups.com.
10. How long we keep your data
We keep personal data only for as long as it is needed for the purpose it was collected.
| Data | Kept until | Notes |
|---|---|---|
| Account profile data (name, email, date of birth, gender, city) | Account deletion + 30 days | Unless legal retention obligations apply |
| Phone number, bio, profile photo | You remove it, or account deletion + 30 days | Optional; removed immediately when you delete it yourself |
| Group membership and event registration records | 12 months after membership ends or event date | For dispute resolution and platform integrity |
| Join request answers (for approved memberships) | 12 months after membership ends | |
| Join request answers (for declined requests) | 30 days after the decision | No ongoing purpose after decline |
| Discussion posts and replies | Duration of the group, or account deletion | Content is removed when a group is permanently deleted |
| Reviews | Account deletion; anonymised thereafter | Name removed on account deletion; rating and text may be retained anonymously for community integrity |
| Group photos | Removed by you, organiser, or admin; or account deletion + 30 days | |
| Subscription and payment records | 7 years from the transaction | Required by HMRC record-keeping rules |
| Email delivery logs | 12 months | For system reliability and audit |
| Contact form submissions | 24 months after the matter is resolved | |
| Moderation and report records | 3 years | For platform safety and in case of disputes |
| Walk-in attendee records | 6 months after the event date | |
| Authentication session tokens | Approximately 1 week, refreshed on activity | Strictly necessary; auto-expired |
| Analytics data | Subject to Vercel's retention policies | Aggregated; no individual profiles retained by us |
Where data is deleted, we may retain anonymised or aggregated records that cannot identify you.
11. Security
We implement appropriate technical and organisational measures to protect your personal data. These include:
- Encrypted connections (HTTPS/TLS) for all data in transit
- Passwords stored as one-way cryptographic hashes — never accessible in plaintext
- Authentication tokens stored in HttpOnly, Secure cookies that cannot be accessed by browser scripts
- Row-level security policies that enforce strict access controls at the database layer, including complete separation between gender communities
- Time-limited signed URLs for all private file storage (profile photos, group images)
- Administrative access restricted to a small, authorised team
- Email delivery audit logs for all transactional communications
- Support for multi-factor authentication on your account
No security system is infallible. If you discover a security concern, please contact us immediately at privacy@halalmeetups.com.
12. Your rights
Under UK GDPR, you have the following rights in relation to your personal data. We will respond to all requests within one calendar month. We will not charge a fee for reasonable requests. We may ask you to verify your identity before acting on a request.
Right of access
You can request a copy of the personal data we hold about you (a Subject Access Request). Email privacy@halalmeetups.com with the subject line “Access Request”.
Right to rectification
You can correct inaccurate or incomplete information. Most profile data can be updated directly in your account settings. Date of birth and gender community cannot be changed after registration — if you believe there is a genuine error, contact us.
Right to erasure
You can request deletion of your personal data. To delete your account, go to Settings › Danger Zone and follow the on-screen steps. See Section 17 for details of what is deleted and what may be retained. You can also email us at privacy@halalmeetups.com.
Right to restrict processing
You can ask us to pause processing of your data in certain circumstances — for example, while a dispute about accuracy is being resolved.
Right to data portability
For data processed on the basis of contract or consent by automated means, you can ask for a copy in a structured, machine-readable format. Contact us to request an export of your account data.
Right to object
You can object to processing based on our legitimate interests. Tell us what processing you are objecting to and why. We will stop unless we can demonstrate compelling legitimate grounds that override your interests.
Right to withdraw consent
Where we rely on consent (including for the processing of your religious identity data), you can withdraw it at any time by contacting privacy@halalmeetups.com. Withdrawal will not affect the lawfulness of processing that took place before you withdrew consent.
Right to complain
If you believe we have not handled your data lawfully, you have the right to complain to the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Phone: 0303 123 1113
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We would appreciate the opportunity to address your concern before you contact the ICO, so please reach out to us first.
13. Email and notifications
We send transactional emails as part of delivering the platform. These include account confirmation, password reset and security alerts, event reminders, join request decisions, event updates, membership role changes, and similar service communications. The lawful basis for these is contract performance (they are necessary to provide the service).
You can manage which service notifications you receive — and whether they are delivered in-app, by email, or both — in your Notification Settings. The exception is security-critical emails (such as password reset and email change confirmation), which cannot be disabled.
We do not currently send promotional or marketing emails. If we introduce any in the future, we will ask for your explicit consent before sending them, and every marketing email will include a clear and easy way to unsubscribe.
14. Cookies and tracking technologies
We use a small number of cookies that are necessary to operate the platform. We do not use advertising cookies, third-party tracking pixels, or analytics cookies that follow you across the web. Our analytics (Vercel) operate server-side without placing cookies in your browser.
For a full description of every cookie we set, see our Cookies Policy.
15. Children's privacy
Our platform is strictly for users aged 18 and over. We verify age at the point of registration using your date of birth and will not create an account for anyone under 18. We do not knowingly collect personal data from children.
If you believe a child has created an account, please contact privacy@halalmeetups.com and we will investigate and close the account promptly.
16. Profile and content visibility
Your profile. By default, your display name, city, gender community, and bio are visible to authenticated members of the same gender community. You can make your profile private in Settings › Profile, in which case other members will see a private profile page instead of your details. Even with a private profile, your name will continue to appear in the member list of groups you belong to.
Gender community isolation. The platform operates entirely separate communities for brothers (male) and sisters (female). Members of one community cannot see the profiles, groups, events, discussions, or photos of the other. Platform administrators have access to both communities for operational purposes.
Reviews. Reviews you write are visible to all authenticated members of the same gender community. They appear alongside your display name.
Discussions. Posts and replies in group discussion boards are visible to all members of that group. They are not accessible to the general public.
Photos. Photos you upload to group galleries are visible to authenticated members of the same gender community who have access to that group.
Your email address and phone number are never visible to other members, including group organisers.
17. Account deletion
To delete your account, go to Settings › Danger Zone and follow the on-screen steps. You can also email privacy@halalmeetups.com with the subject line “Account deletion request”.
When your account is deleted:
- Your profile data (name, email address, date of birth, gender, city, phone number, bio, and photo) will be deleted within 30 days
- Your group memberships will end and you will be removed from all group member lists
- Your discussion posts will be removed
- Your event registrations will be cancelled
- Reviews you have written may be retained in anonymised form (your name is removed; the rating and text may remain to preserve community integrity)
- Subscription and payment records will be retained for 7 years as required by financial regulation
- Moderation records relating to any bans or serious violations may be retained for up to 3 years
- If you have an active paid subscription, cancelling your account will cancel your subscription. We do not offer refunds for unused periods of a billing cycle.
18. Changes to this policy
We may update this policy from time to time. Where we make material changes, we will notify you by email or by a prominent notice on the platform before the changes take effect, and we will update the date at the top of this page. Your continued use of the platform after changes are published constitutes acceptance of the updated policy.
Previous versions of this policy are available on request by emailing privacy@halalmeetups.com.