← Revisely
Privacy Policy for Revisely
Effective date: 2026-05-11 · Last updated: 2026-05-28
This Privacy Policy describes how Revisely (“we”, “us”, or “the app”) collects, uses, and protects information when you use the Revisely mobile application.
Revisely is operated by Majd Khawaldeh, a sole developer. You can reach us at privacy@revisely.app or by mail at 2670 SAW Grimes Blvd #2405, Round Rock, TX 78664.
1. What this app does
Revisely is a mobile application that helps users track and review their Quran memorization through scheduled revision sessions. The app records progress, page-level memorization strength, and revision history to suggest what to review next.
2. Information we collect
Information you provide
- Account information — your name, email address, and password when you create an account.
- Profile information received from Apple Sign-In or Google Sign-In if you choose to authenticate that way (typically your name, email address, and profile picture URL).
- Memorization data — the pages, surahs, or juz you mark as memorized; weakness ratings you assign to pages; revision sessions you complete.
- Voice input (future feature) — when you opt to use the voice-recitation feature, your voice is processed to generate text. Audio is not stored after processing.
Information collected automatically
- Device and app information — device model, operating system version, app version, language, time zone, and anonymous device identifiers (used by Firebase to manage your session).
- Push notification tokens — to send you the daily revision reminders you've enabled in Settings.
- Location (optional) — if you enable the fajr-aligned day boundary in Settings, we request your device location to calculate accurate local fajr (dawn) prayer times, so a late-night revision session can count toward the correct day. Your coordinates are stored on your account solely to recompute fajr times; they are never used for tracking or advertising. You can decline the permission or turn the feature off at any time.
- Crash and error reports — when the app encounters an error or crash, technical details (stack trace, device information, app state at the time) are sent to our error monitoring service so we can fix bugs.
- App Check tokens — small attestation tokens generated by Apple's App Attest service to verify requests come from a real, unmodified install of Revisely. These tokens contain no personal information.
Information from third parties
- When you sign in with Apple or Google, we receive the profile information you authorize them to share (typically name and email).
- When you choose to connect your Quran.com (Quran Foundation) account in Settings, we read your reading-streak information from Quran Foundation and send your Revisely revision activity (the surahs/pages you revise and time spent) back to Quran Foundation so your progress can count across the Quran.com ecosystem. This connection is optional; if you do not connect it, no data is exchanged with Quran Foundation.
- We do not buy data from data brokers, scrape it from public sources, or import contacts from your device.
3. How we use information
We use the information described above to:
- Operate the app — store your account, sync your revision data across devices, generate your daily revision schedule.
- Send you the revision reminders you've enabled.
- Respond to support requests you send us.
- Detect and fix bugs and crashes.
- Prevent abuse — rate-limit AI-assisted features to protect against automated misuse.
- Comply with legal obligations.
We do not:
- Sell your personal information.
- Share your personal information with advertisers.
- Use your data to train any AI model. Voice and text inputs you send to our AI parser are used only to return a result to you and are not retained for model training.
4. Legal bases (GDPR / UK GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your information on the following bases:
- Performance of a contract — to create and operate your account, sync your data, and provide the core memorization-tracking service.
- Consent — for push notifications, microphone access (when you enable voice features), and Apple/Google sign-in (you consent through the system permission prompts).
- Legitimate interests — to detect crashes, prevent abuse, and improve the app. We balance this against your right to privacy and have minimized what we collect.
- Legal obligation — to respond to lawful requests from authorities and retain records required by law.
5. Third-party services we use
We use the following processors to deliver Revisely. Each is bound by their own privacy policy and data processing terms:
| Service | Purpose | Location |
|---|
| Google LLC / Firebase | Authentication, cloud database (Firestore), push notifications | United States |
| Apple Inc. | App Store, Apple Push Notification service, Sign in with Apple, App Attest | United States |
| Anthropic, PBC | The Claude AI model used by our memorization-input parser | United States |
| Sentry / Functional Software, Inc. | Crash and error reporting | United States |
| Quran Foundation (Quran.com) | Optional: when you connect your Quran.com account, we read your reading streak and sync your revision activity so your progress counts across the Quran.com ecosystem | Global |
| Expo / 650 Industries, Inc. | Build infrastructure and over-the-air updates | United States |
We do not transfer your data to any party not listed above for any other purpose.
6. International data transfers
Our processors are located in the United States. If you are in the European Economic Area, the United Kingdom, Switzerland, or Canada, your information is transferred to and processed in the United States. We rely on Google Cloud's Standard Contractual Clauses and the EU-US Data Privacy Framework (Google LLC is DPF-certified) for these transfers. Apple, Anthropic, Sentry, and Quran Foundation maintain comparable safeguards.
7. Data retention
- Account data — kept for the life of your account, plus 30 days after account deletion.
- Memorization and revision history — kept for the life of your account, plus 30 days after account deletion.
- Push notification tokens — kept until you uninstall the app or revoke notification permission.
- Crash logs — kept for 90 days.
- Support email correspondence — kept for 2 years.
- Aggregated, de-identified usage statistics may be retained indefinitely; these cannot be linked back to you.
If you delete your account, we will delete or de-identify your personal information within 30 days, except where we are required to retain it to comply with legal obligations, resolve disputes, or enforce our agreements.
8. Your rights
Depending on where you live, you have some or all of the following rights:
- Access the personal information we hold about you.
- Correct information that's inaccurate or incomplete.
- Delete your account and associated data. You can do this from inside the app at Settings → Delete account, or by emailing us at privacy@revisely.app.
- Export your data in a portable format.
- Withdraw consent for processing based on consent (e.g., push notifications, microphone access).
- Object to processing based on legitimate interests.
- Lodge a complaint with your local data-protection authority.
We will respond to verifiable requests within 30 days. We do not discriminate against users who exercise their rights.
California, Virginia, Colorado, Connecticut, Utah, Texas, and other US state residents
You have additional rights under your state's privacy law, including the right to know what categories of personal information we collect, to opt out of any “sale” or “sharing” (we do neither), and to limit the use of sensitive personal information. To exercise these rights, contact privacy@revisely.app.
Quebec residents (Law 25)
You have the right to access, correct, and request deletion of your personal information. You may also withdraw consent for any consent-based processing. Contact privacy@revisely.app.
9. Children
Revisely is intended for users 18 years and older. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under the applicable age of digital consent in their jurisdiction (13 in the US, 16 in most of the EU), we will delete that information promptly. If you believe a child has provided us with personal data, please contact us at privacy@revisely.app.
10. Security
We protect your information using:
- TLS encryption for data in transit between your device and our servers.
- Firestore encryption at rest (managed by Google Cloud).
- Firebase Authentication for password hashing and session management.
- Firebase Security Rules that restrict each user's data to their own account.
- Sentry monitoring for unexpected errors.
No method of transmission over the Internet or electronic storage is 100% secure. While we use industry-standard measures, we cannot guarantee absolute security. If we learn of a security breach affecting your data, we will notify you and the relevant authorities as required by law.
11. Cookies and tracking technologies
Revisely is a mobile app and does not use browser cookies. Our backend services (Firebase) use device identifiers, installation IDs, and similar technologies to manage your session, deliver push notifications, and detect abuse. We do not use any advertising or behavioral-tracking technologies.
12. Do-Not-Track signals
Do-Not-Track is a browser setting and does not apply to mobile apps. We do not currently respond to Do-Not-Track signals.
13. Changes to this policy
We may update this Privacy Policy from time to time. The updated version will be indicated by a new “Last updated” date at the top. For material changes, we will notify you either by prominently posting a notice in the app or by sending you an email. Your continued use of Revisely after a change becomes effective constitutes acceptance of the updated policy.
14. Contact
For privacy questions, data requests, or to report a concern, contact:
If you are in the EU or UK and we have not designated a local representative, you may contact us directly at the email above. We will respond to your request within 30 days.