Minbar

Legal

Cookies & Storage Notice

Effective April 16, 2026

A short, plain-English description of the storage that Minbar uses in your browser and on your device.

Minbar uses a small amount of browser and device storage to make the Service work. We do not use advertising cookies or cross-site trackers, and we do not sell personal data.

What we store on our websites

minbar.one and per-masjid websites (for example, yourmasjid.minbar.one):

  • thread_session_* (localStorage). A short-lived token that lets you return to a conversation you started through a masjid’s contact form without creating a Minbar account. Cleared automatically when the conversation is closed or the token expires.
  • No other first-party cookies or trackers are set by us.

Third-party storage you may encounter

  • Supabase Auth. If you sign in to the admin area from a browser, Supabase stores an authentication token in localStorage and/or sets a session cookie so you stay signed in. This is required for signed-in pages to work.
  • Stripe Checkout. If you upgrade to a paid tier from a browser, Stripe sets cookies for fraud prevention and payment processing. See stripe.com/privacy.

What the mobile apps store on your device

  • Session tokens are stored in platform-standard secure storage (Keychain on iOS, Keystore on Android) via Supabase and flutter_secure_storage.
  • Basic preferences (for example, the active masjid you last opened) are stored in SharedPreferences on your device.
  • Push notification tokens are sent to our server and to Firebase Cloud Messaging so we can deliver notifications to your device.
  • No advertising identifiers or third-party SDK trackers are used.

How to control it

  • Clear site data for a Minbar website at any time from your browser’s settings. You may need to sign in again.
  • Disable third-party cookies in your browser — public websites will still work; the admin dashboard may not, because authentication relies on them.
  • Uninstall the mobile app to remove all data it stored locally.
  • Revoke push-notification permission in the app or in your device’s OS settings at any time.

Changes

We will update this notice if we change our storage practices. If we ever add anything that requires consent in your region (for example, analytics cookies that track identifiable users), we will ask for consent first where the law requires it.

Questions

Email support@minbar.one.