Privacy Policy

Last updated: April 2026

This Privacy Policy explains how Mizaanly ("we", "our", "us") collects, uses, and protects your personal data when you use our Service at mizaanly.com. We comply with the UK GDPR and the Data Protection Act 2018.

1. Data Controller

Mizaanly is the data controller for personal data processed through this Service. Contact us via our contact form.

2. Data We Collect

Account data: Your email address, collected when you sign up or sign in via email OTP or Google OAuth.

Case data: Inheritance calculation inputs you enter — deceased's details, heir types and counts, estate value, and madhab selection. This data is stored against your account so you can return to and re-download your documents.

Payment data: We do not store payment card details. Payments are processed by Stripe, who act as a separate data controller. We store a record of which cases have been paid for.

Usage data: Anonymised event data (e.g. which steps of the calculator you complete) collected via PostHog for product improvement. We use identified_only person profiles — you are not profiled until you sign in.

Error data: Anonymised technical errors reported to Sentry to help us fix bugs.

3. Legal Basis for Processing

• Contract performance: Processing your account and case data to provide the Service you have requested.
• Legitimate interests: Anonymised analytics and error monitoring to improve the Service.
• Legal obligation: Retaining transaction records as required by law.

4. Third-Party Processors

• Supabase — database and authentication (EU data region)
• Stripe — payment processing
• PostHog — product analytics (EU cloud, data stored in EU)
• Sentry — error monitoring

5. Data Retention

Account and case data is retained for as long as your account is active. You may delete your account and associated data by contacting us. Transaction records are retained for 7 years as required by UK financial record-keeping obligations.

6. Your Rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to processing based on legitimate interests
• Data portability

To exercise any of these rights, use our contact form and select "Privacy or data request". We will respond within 30 days.

7. Cookies and Local Storage

We use browser localStorage to maintain your session and remember draft calculations between visits. PostHog sets an analytics cookie to track product usage. We do not use advertising or tracking cookies.

8. Transfers Outside the UK

PostHog analytics data is stored within the EU (Frankfurt). Other processors may transfer data outside the UK under appropriate safeguards (Standard Contractual Clauses or UK Adequacy decisions).

9. Changes to This Policy

We may update this policy. Material changes will be notified via the Service. Continued use after changes constitutes acceptance.

10. Complaints

If you have concerns about how we handle your data, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.

11. Contact

Privacy questions: contact form.