Privacy Policy

Farha ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Farha mobile application or visit sendfarha.com. By using our services, you consent to the data practices described in this policy. If you do not agree, please discontinue use of the App.

We only collect what is necessary to provide the service. Here is an exact breakdown by category: Contact Information • Name — Your first and last name, entered during account setup or received from your Google account when you sign in with Google. • Email Address — Used for authentication, transactional notifications (e.g. gift reserved, price drop alerts), and account recovery. User Content • Profile Photo — An optional avatar you choose to upload. We do not access your device camera roll without your permission. • Wishlist Items — Product names, URLs, prices, currencies, notes, quantities, and priority levels that you enter manually or via our auto-fill feature. • Customer Support Messages — If you contact our support team, we retain those messages to resolve your issue. Identifiers • User ID — An internal account identifier (Supabase UUID) used to link your data across sessions and devices. • Device Token — A push notification token issued by Apple (APNs) or Google (FCM) if you choose to enable notifications. This is a device-level identifier and is used solely to deliver notifications. Usage Data • Product Interaction — Information about how you interact with the App, such as features opened, items added, and navigation flows. Collected via anonymous analytics to improve the product. This data is not linked to your identity. Diagnostics • Crash and Performance Data — Error logs, crash reports, and performance metrics collected automatically to help us identify and fix bugs. This data is collected anonymously and is not linked to your identity. What we do NOT collect: • Phone numbers, physical addresses, or sensitive personal information • Health, fitness, or financial data • Your device contacts or address book • Precise or coarse location data • Browsing history outside the App • Advertising identifiers or advertising data • Payment card numbers or bank details (payments, if any, are processed by our third-party provider and never stored by us)

We use the information we collect to: • Provide, operate, and maintain the Farha service • Create and manage your account • Deliver push notifications you have opted into • Send transactional emails (e.g. gift reserved, price drop alerts) • Auto-fill product details from URLs you submit • Analyze usage trends to improve features and fix bugs • Respond to support inquiries • Comply with legal obligations We do not sell your personal information to third parties. We do not use your data for advertising or tracking purposes.

We may share your information only in the following limited circumstances: Service Providers — Trusted vendors who access data only to perform services on our behalf and are bound by confidentiality agreements: • Supabase — Database hosting and user authentication • Google Sign-In — Account authentication via your Google account • Resend — Transactional email delivery • Expo / Apple APNs / Google FCM — Push notification delivery Other Users — Wishlist items you share publicly or via a link are visible to anyone who has that link. Gift reservation details are visible to other contributors but hidden from the wishlist owner. Legal Requirements — We may disclose information if required by law, court order, or government authority. Business Transfers — In the event of a merger, acquisition, or sale of assets, user data may be transferred to the successor entity.

We retain your personal data for as long as your account is active or as needed to provide services. If you delete your account, we will delete or anonymize your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g. fraud prevention). You can request account deletion at any time through the App settings or by visiting sendfarha.com/delete-account. Upon deletion, all your wishlists, personal information, and associated data will be permanently removed from our systems within 30 days.

The Farha website uses cookies and similar technologies to remember your preferences and analyze traffic. You can control cookie settings through your browser preferences. The Farha mobile App does not use advertising identifiers or cross-app tracking.

Farha is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such data, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@sendfarha.com.

We implement industry-standard technical and organizational measures to protect your data, including TLS encryption in transit and AES-256 encryption at rest via Supabase. However, no system is 100% secure, and we cannot guarantee absolute security. We recommend using a strong, unique password and enabling two-factor authentication where available.

Depending on your location, you may have the following rights regarding your personal data: • Access — Request a copy of the data we hold about you • Correction — Ask us to correct inaccurate or incomplete data • Deletion — Request that we delete your data (subject to legal obligations) • Portability — Receive your data in a portable format • Objection — Object to certain processing activities • Restriction — Ask us to limit how we use your data To exercise any of these rights, email us at privacy@sendfarha.com. We will respond within 30 days.

Our App may contain links to third-party websites or integrate with external services (e.g. Amazon, Etsy, other retailers). We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies before providing any personal information.

Farha is operated from Morocco. If you are located outside Morocco, your information may be transferred to and processed in Morocco or other countries where our service providers operate, where data protection laws may differ from those in your country. By using the App, you consent to this transfer. For users in the European Economic Area (EEA), we ensure appropriate safeguards are in place for any international data transfers.

We may update this Privacy Policy periodically. When we make material changes, we will notify you via email or an in-app notice prior to the change taking effect. The "Last updated" date at the top of this page reflects the most recent revision.

If you have questions, concerns, or requests regarding this Privacy Policy, please contact: Farha Email: privacy@sendfarha.com