Arihna Biha logo

Arihna Biha

Prayer-aware calendar blocking for Muslims with moving schedules.

Trust

Personal Data Privacy Policy

This policy explains which personal data Arihna Biha processes, why we process it, how long we keep it, and which rights you can exercise.

Who is responsible for processing

JISRIFY publishes Arihna Biha and acts as data controller for the personal data processed through the service.

Controller

JISRIFY

SASU with a share capital of EUR 1,000

37 rue de la Republique, 92800 Puteaux, France

SIRET 100 701 705 00012

SIREN 100 701 705 - RCS Nanterre 100 701 705

Privacy contact

For any privacy request, contact support@arihna-biha.com.

Please use the email attached to your account whenever possible so we can verify the request safely.

What data we process

Arihna Biha keeps data processing narrow and tied to the product workflow.

Account and security data

  • Email address, password hash, role, and verification status
  • Session versioning and action tokens for verification and password reset
  • Security and anti-abuse signals used to protect authentication and sensitive account flows

Prayer setup and workspace data

  • Saved location, timezone, calculation method, school, selected prayers, and buffer settings
  • Preview drafts, managed calendar selection, sync history, undo history, and workspace job history
  • App-owned event references used to update, delete, or restore only events created by Arihna Biha

Connected provider data

  • Connected Google or Microsoft account email and display name
  • Provider account identifiers and selected calendar identifiers
  • OAuth access and refresh tokens stored encrypted at rest when a provider connection is active
  • When a provider connection is disconnected, stored tokens are removed locally; Google token revocation is requested where available, and Microsoft consent can be revoked from Microsoft account or organization permissions

Support and service operations

  • Emails you send to support
  • Operational email-delivery data needed to send account and security messages
  • Server, security, and application logs reasonably necessary to operate and defend the service

Why we process it

We process data only where it is needed to provide Arihna Biha or comply with legal obligations.

Contract and service delivery

  • Create and secure user accounts
  • Generate prayer previews and save workspace settings
  • Connect Google Calendar and Outlook calendars chosen by the user
  • Create, refresh, delete, and restore app-owned prayer blocks

Legitimate interests and legal obligations

  • Protect the service against abuse, fraud, and technical misuse
  • Respond to support, privacy, and legal enquiries
  • Maintain auditability for sync and delete actions
  • Comply with accounting, security, and legal retention duties

Retention

Retention follows the product lifecycle and the shorter security windows already built into the app.

Short-lived security items

  • Email verification tokens expire after 24 hours
  • Password-reset tokens expire after 1 hour

Account and workspace data

  • Account, prayer-profile, calendar-selection, preview, sync, and undo data is kept while the account remains active
  • Connected provider tokens are kept only while the calendar connection remains active, are stored encrypted at rest, and are deleted when the connection is disconnected
  • Support exchanges and technical logs may be retained for as long as reasonably needed to resolve issues, maintain security, or meet legal duties

Recipients and hosting

Arihna Biha relies on a small number of service providers that are directly tied to the product.

Named service providers

  • Hetzner Online GmbH for European hosting infrastructure
  • Stripe for payments, subscriptions, invoices, billing portal access, and payment events
  • Resend for transactional and service emails
  • Cloudflare Turnstile for anti-abuse checks on sensitive flows
  • Sentry for error monitoring and reliability diagnostics when enabled

Provider and location services

  • Google and Microsoft for calendar connection and calendar operations initiated by the user
  • OpenStreetMap Nominatim for location search when a user looks up a place
  • IP geolocation providers such as ipwho.is or ipapi.co when location detection is used

Google API data use and Limited Use

When a user connects Google Calendar, Arihna Biha uses Google user data only for the calendar features the user chooses in the product.

How Google data is used

  • Identify the connected Google account and show the account email in Arihna Biha
  • List Google calendars so the user can choose which calendars to read from or write to
  • Read calendar events only where needed to display connected agenda information or prepare user-requested calendar actions
  • Create, update, or delete only the prayer blocks the user asks Arihna Biha to manage
  • Request Google OAuth token revocation when the user disconnects a Google Calendar connection

Limited Use commitments

  • Google user data is not sold, transferred to advertising platforms, or used for retargeting, personalized ads, credit, or lending purposes
  • Google user data is not used to train generalized AI models or for unrelated analytics
  • Google user data is transferred only when necessary to provide or secure Arihna Biha, comply with law, or complete an action the user requested
  • Human access to Google user data is limited to support, security, legal, or operational needs and only where reasonably necessary

Arihna Biha's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Users can also review or remove Google provider authorization from Google Account permissions.

Microsoft Graph data use

When a user connects Outlook, Arihna Biha uses Microsoft Graph data only for the calendar features the user chooses in the product.

How Microsoft data is used

  • Identify the connected Microsoft account and show the account email in Arihna Biha
  • List Outlook calendars so the user can choose which calendars to read from or write to
  • Read calendar events only where needed to display connected agenda information or prepare user-requested calendar actions
  • Create, update, or delete only the prayer blocks the user asks Arihna Biha to manage
  • Use refresh tokens only to keep the user-selected calendar connection working until the user disconnects it

Microsoft data commitments

  • Microsoft calendar data is not sold, transferred to advertising platforms, or used for retargeting, personalized ads, credit, or lending purposes
  • Microsoft calendar data is not used to train generalized AI models or for unrelated analytics
  • Microsoft calendar data is transferred only when necessary to provide or secure Arihna Biha, comply with law, or complete an action the user requested
  • Human access to Microsoft calendar data is limited to support, security, legal, or operational needs and only where reasonably necessary

When a user disconnects Outlook inside Arihna Biha, stored local Microsoft tokens are removed. Users can also review or remove provider consent from their Microsoft account permissions or their organization's app permissions portal.

Your rights

Depending on the situation and applicable law, you may have rights of access, rectification, deletion, restriction, objection, and portability.

To exercise a privacy right, contact support@arihna-biha.com. We may ask for reasonable proof of identity before acting on a request. You may also lodge a complaint with the competent data protection authority, including the CNIL in France when applicable.