Privacy policy

Effective Date: 9th of April, 2025

This Privacy Policy (the "Policy") outlines, in legally binding terms, how Najda ("we," "us," or "the Company") collects, uses, stores, and protects the personal data of its users ("You" or "Users") in connection with the provision of its services through the website and mobile application. By accessing and/or using our services, You expressly accept the terms set out in this Policy.

Article 1 - Collection of Personal Data

  1. Data collected during registration and use of the service:In the course of using our services, we collect the following personal information provided directly by the User through the form available on our website and via the onboarding process within the app:
    • First name
    • Email address
    • Photo (optional)
    • Information relating to the User's mental health [For users under 13 years of age in the United States, we collect personal data only with verifiable parental consent in compliance with the Children's Online Privacy Protection Act (COPPA).]
  2. Additional collection methods:
  3. In addition to direct collection via form, we may obtain supplementary data through the use of cookies and similar technologies related to browsing activity and interactions with our services.

Article 2 - Use of Personal Data

  1. Purposes for using the data:The data collected is used exclusively for the following purposes:
    • Managing user accounts and enabling personalized interaction with the assigned therapist, thereby facilitating the communication process.
    • Identifying users in the event of a support or assistance request, or for technical issue resolution.
    • Enhancing the website's performance and user experience through analytical tools.The processing of personal data is based on the necessity for the performance of the contract between Najda and the User, as well as the User's consent where applicable, in accordance with applicable data protection laws.
  2. Use by third parties:
  3. We do not share personal data with third parties, except in cases where access is strictly limited to authorized personnel such as the therapist assigned to the specific client.

Article 3 - Data Storage and Security

  1. Storage details:
    • Personal data is stored in the development database of our application. Only the data controller, who is the founder of the Company, has access to this database.
  1. Security measures:
    • Appropriate technical and organizational measures have been implemented to guarantee the confidentiality and integrity of the data. No other team member has access to the database unless strictly necessary for maintenance or issue resolution, and even then, under supervision.
  1. Encryption and anonymization:
    • Whenever applicable, sensitive data is encrypted and, when required, anonymized to prevent unauthorized identification.
  1. Data breach notification:
    • In the event of a data breach that affects your personal data and poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities without undue delay, as required by applicable laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Article 4 - Access to and Sharing of Data

  1. Restricted access:Access to personal data is strictly limited to:
    • The founder, acting as the data controller.
    • The therapist responsible for the client's care, within the scope of their professional duties.
  2. No third-party disclosure:
  3. Personal information is not shared with any third parties, except in response to a legal obligation or with the User's explicit consent.

Article 5 - Data Retention and Deletion

  1. Retention period:
    1. Personal data is retained for as long as the User actively uses our services. In the absence of an explicit deletion request, the data will be automatically deleted after 12 months of inactivity.
    2. The retention period is based on the necessity to provide the services and comply with legal obligations. After 12 months of inactivity, data is deleted to minimize data storage, in line with data protection principles.
  2. Deletion and modification procedure:
    1. Any User wishing to delete or modify their personal data may do so by sending an email request to: inquiry@najda.io. The request will be handled promptly and in accordance with applicable legal requirements.

Article 6 - User Rights

In accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and UAE Federal Law No. 2 of 2019, users have the following rights over their personal data:

  • The right to access their data.
  • The right to rectify inaccurate or incomplete data.
  • The right to erase their data under certain circumstances.
  • The right to restrict processing under certain conditions.
  • The right to data portability, allowing users to receive their data in a structured, commonly used, and machine-readable format.
  • The right to object to processing, including for direct marketing purposes.
  • For users in California, the right to opt-out of the sale of personal information.

These rights can be exercised by contacting us at inquiry@najda.io. Requests must be clear and explicit, and we will respond promptly in accordance with legal requirements.

Article 7 - International Data Transfer

Under no circumstances will personal data be transferred outside the national territory. We are fully committed to ensuring that all collected information remains stored and processed exclusively within the country of operation, thus guaranteeing optimal protection.

Should international data transfers become necessary in the future, we will implement appropriate safeguards, such as standard contractual clauses or other mechanisms approved by the relevant authorities, to ensure the protection of your data in compliance with applicable laws, including the GDPR.

Article 8 - Legal Compliance

Najda is committed to complying with all applicable data protection laws in the jurisdictions where we operate. This includes, but is not limited to:

  • For users in the United Arab Emirates: Federal Law No. 2 of 2019 on the Protection of Personal Data.
  • For users in the United Kingdom and the European Economic Area (EEA): the General Data Protection Regulation (GDPR).
  • For users in California, United States: the California Consumer Privacy Act (CCPA).
  • For users under the age of 13 in the United States: the Children's Online Privacy Protection Act (COPPA).

This Privacy Policy may evolve over time to reflect any changes in our data protection practices or in response to legal obligations. Users are encouraged to consult this document periodically to remain informed of any updates.

By using our services, You expressly agree to the terms of this Privacy Policy.

This Privacy Policy is available in English. Translations into other languages can be provided upon request to accommodate our diverse user base.

Legal
Privacy Policy
Terms of Service
Teleconsultation Consent Notice
Financial Responsibility Agreement
Therapist Service Agreement
Medical Disclaimer
Data Processing Agreement (DPA)
Contact
Najda offers emotional and spiritual support rooted in faith, not clinical therapy. For medical or psychological conditions, consult a licensed professional.
Najda © 2025