العربية

Privacy Policy

Last Updated: March 9, 2026

Service Provider Information

Introduction

Mayadeen ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

Important: By using the Mayadeen App, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Personal Information

When you register and use the App or Services, we collect:

  • Account Information: Name, email address, phone number
  • Payment Information: Processed by Apple/Google (we don't store payment details)
  • Google Sign-In: When you choose to sign in using your Google account, we only receive your name and email address. We do not access any other private data in your Google account, nor do we gain access to other Google services.

1.2 Listing Information

  • Listing descriptions and features
  • Listing photographs
  • Property Location Data: Latitude/longitude coordinates and street addresses of real estate properties you manually enter when creating a listing. This refers to the location of the property itself, not your personal location or device GPS data.
  • Pricing information

1.2.1 Device Location (Optional)

When using Google Maps on Android/iOS devices, you may grant optional permission for the app to access your device's location. This helps you:

  • Center the map on your current location for easier navigation
  • Quickly find and select locations

Important: This permission is entirely optional. You can decline and manually search for locations on the map. If granted, your device location is only used temporarily to center the map and is not stored or transmitted to our servers. Only the coordinates you manually select are saved.

1.3 Automatically Collected Information

When you use our Service, we automatically collect:

  • IP Address: Collected for security monitoring, fraud detection, and consent logging. IP addresses may reveal your approximate geographic location (city or region level). This data is deleted when you delete your account.
  • Server Logs: Access times, browser type, and requested URLs for technical diagnostics and security. Logs are deleted within 12 months.
  • Device Information: Operating system, device model, and app version for compatibility and troubleshooting.

1.3.1 Consent Records

When you accept these Terms and Privacy Policy (both at the time of registration and when you accept a subsequent update), we record the following in a separate consent records table:

  • The version of the Terms and Privacy Policy you accepted
  • Your email address at the time of acceptance
  • Date and time of acceptance
  • Your IP address

Each acceptance event creates a new record — prior records are never overwritten. You can download your personal data, including your consent records, using the "Download My Personal Data" feature in your profile. See Section 5.2 for how long these records are retained after account deletion.

1.3.2 Content Moderation and Report Data

When you submit a report about a listing, we collect and store the following information to investigate the report and maintain platform safety:

  • Report description: The text you write when submitting a report
  • Your user identifier: Linked to your account to manage report history and detect abuse patterns
  • The reported listing identifier: To associate the report with the relevant listing
  • Timestamp: Date and time the report was submitted
  • IP address: Collected at the time of submission for fraud detection and anti-abuse purposes

When you use the "Download My Personal Data" feature, your report description, the listing identifier, and the submission date are included. Your IP address and the internal processing status of your report are withheld from data exports: the IP address under the anti-fraud exemption, and the processing status as it constitutes operational data rather than personal data you provided.

We also maintain an internal reporter activity record linked to your account. This record tracks the number of reports you have submitted and their outcomes, and is used solely to detect coordinated abuse of the reporting system. This activity record — including your trust score, false-report count, and block status — is deleted when your account is deleted.

The individual report records themselves (description, listing identifier, timestamp) are separate from this activity record and are retained after account deletion for up to 5 years for content moderation and legal evidence purposes. See Section 5 for full retention periods and legal bases.

Report data is used for content moderation purposes only and is not shared with other users.

1.3.3 Email Deliverability Records

When an email sent to your address results in a permanent delivery failure (bounce) or is marked as unwanted by your email provider (complaint), we add your email address to an internal suppression list. This prevents us from sending further emails to that address, which protects both you and the reliability of our communications. This record includes your email address, the reason for suppression, and an expiry date after which the suppression may be lifted. This processing is based on our legitimate interest in responsible email communications. If you believe your email address has been incorrectly added to this list, please contact support@mayadeen.app.

1.4 Tracking Technologies and SDK Usage

Our mobile application uses the following technologies to collect information automatically:

Technology Purpose Data Collected Provider
Session Tokens Maintain your login session Authentication tokens stored on your device Mayadeen servers
Local Storage / Cache Improve app performance and offline functionality App preferences, cached map tiles and content Your device's local storage
Third-Party Sign-In Sign in using an existing account from a supported provider (optional) The selected provider returns your name and email address to us upon successful authentication. Each provider may log this event per their own privacy policy. One or more of: Google LLC, Apple Inc., Meta (Facebook), X Corp. (Twitter) — depending on which option you choose

Not all sign-in providers listed above may be available at any given time. We do not currently use a third-party crash reporting SDK in the mobile application. Your device's operating system (iOS or Android) may collect crash information independently according to your device settings. Our backend infrastructure uses New Relic for server-side performance monitoring; we do not intentionally send personal data to New Relic.

What We Do NOT Use:

  • We do not use advertising tracking SDKs or behavioral analytics SDKs
  • We do not participate in cross-app tracking or targeted advertising networks
  • We do not track your activity outside the Mayadeen app

Managing Your Data:

  • Clear App Data: Use your device settings to clear cached data and local storage
  • Log Out: Ends your session and clears authentication tokens
  • Revoke Third-Party Sign-In: You can revoke Mayadeen's access through your respective provider's account settings at any time
  • Uninstall: Removes all locally stored data from your device

2. How We Use Your Information

We use collected information for:

Purpose Description
Account Management Create and manage your account, authenticate users
Listings Display and manage listings
Communications Send notifications, updates, and support messages
Payments Process subscription and listing fees via App Store/Google Play
Analytics Understand usage patterns and improve the App
Security Detect and prevent fraud, abuse, and security issues
Legal Compliance Comply with applicable laws and regulations

2.1 Legal Bases for Processing

We process your personal data based on the following legal bases:

Processing Activity Legal Basis
Account creation and management Performance of contract — necessary to provide the services you registered for
Publishing and displaying your listings Performance of contract
Processing payments via App Store / Google Play Performance of contract
Sending transactional notifications and emails Performance of contract
Security monitoring and fraud detection Legitimate interest — protecting the Platform and its users from abuse
IP address and server log collection Legitimate interest — security monitoring and diagnosing technical issues
Crash reporting and diagnostics Legitimate interest — identifying and fixing issues that affect users
Content moderation and report handling Legitimate interest — platform safety and integrity
Consent record keeping Legal obligation — demonstrating compliance with applicable regulations
Audit log retention Legitimate interest and legal obligation — evidence preservation
Disclosure to competent authorities Legal obligation

Where we rely on legitimate interest as our legal basis, you have the right to object to that processing. See Section 6 for how to exercise your rights.

3. How We Share Your Information

We do not sell your personal data to third parties. We do not share your information for third-party advertising purposes. Sharing is limited to the circumstances described below.

3.1 Public Information

The following information is publicly visible to App users:

  • Your name (as property owner/agent)
  • Phone number (for property inquiries)
  • Listings and photos
  • Property location and address

3.2 Third-Party Services

We work with trusted third-party service providers to operate our platform. These providers may process or store your data on our behalf for the following purposes:

Service Category Purpose Data Shared
Authentication Services User authentication and login (e.g., Google Sign-In) Name, email address, authentication credentials
Infrastructure Providers Server hosting, data storage, and backups All user data, listings, images, account information
Performance Monitoring Application performance and error tracking Technical logs, error reports, performance metrics, device information
Payment Processors In-app purchases and subscriptions Transaction IDs, purchase history (handled by Apple App Store and Google Play Store)
Map Services Display property locations on maps Property coordinates (publicly visible in listings); see Section 3.2.1

Data Protection: We select service providers based on their security standards and data protection capabilities. Our primary infrastructure is located in the European Union, which provides strong data protection standards.

Your Rights: You can request information about our current service providers by contacting support@mayadeen.app.

3.2.1 Map Services

Mayadeen displays maps using:

  • Self-hosted map data sourced from open datasets including OpenStreetMap (© OpenStreetMap contributors) and public satellite imagery
  • Google Maps Platform on Android/iOS devices for enhanced map features

Google Maps Usage (Android/iOS):

  • When Google Maps is active, map tiles are loaded from Google's servers
  • If you grant location permission, your device location is shared with Google Maps to center the map on your current position
  • Google may collect usage data according to their Privacy Policy
  • Only the coordinates you manually select are sent to our servers and saved

Self-hosted Maps: For map displays using our self-hosted infrastructure, we do not share your location or search data with any third-party map providers. All map rendering occurs on our own servers.

For detailed map data attribution and licenses, see the "About Maps" section in the application.

3.3 Legal Requirements

We may disclose your information if required by law or to:

  • Comply with legal processes and government requests under applicable Syrian law
  • Protect our rights and property
  • Prevent fraud or security threats
  • Protect user safety

3.4 Business Transfers

If Mayadeen is involved in a merger, acquisition, restructuring, or sale of all or a portion of its assets, your personal data may be transferred as part of that transaction. In such cases, the acquiring party will be subject to its own privacy policy, which may differ from this one.

4. Data Security

We implement security measures to protect your information:

  • Encryption: Data transmitted using SSL/TLS encryption
  • Access Controls: Limited employee access to personal data
  • Regular Audits: Security reviews and updates
  • Secure Storage: Data stored on protected servers
Note: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

4.2 Security Incidents

Our Security Measures:

  • Password Security: Passwords are protected using industry-standard cryptographic hashing
  • Data Encryption: Data in transit is protected with encryption
  • Session Management: Authentication sessions can be terminated if unauthorized access is suspected
  • Access Controls: Restricted employee access to user data
  • Security Monitoring: Regular security reviews and monitoring

Incident Response:

In the event of a security incident that we become aware of, we will investigate, contain, and remediate the issue. Since most data held by Mayadeen is either publicly visible or technically protected (passwords are cryptographically hashed and cannot be reversed), the practical risk of a breach to users is limited. If we become aware of an incident and determine that it poses a meaningful risk to users' interests, we will notify affected users via in-app notification or email. We will also comply with any mandatory notification obligations under applicable law.

5. Data Retention

We retain your information only for as long as necessary to provide our services and comply with legal obligations:

Data Type Retention Period Notes
Account Data Until you delete your account Immediately removed from production; may remain in encrypted backups for up to 90 days until naturally replaced during routine backup rotation
Listings Duration of listing period Expired listings are deleted from active systems
Listing Images Duration of listing Deleted immediately upon removal (not included in database backups)
Server Logs Retained for security monitoring and diagnostics Deleted within 12 months
Crash Reports Retained for app stability improvements, if a crash reporting service is in use Deleted within 90 days of collection
Payment Records Not stored by us Handled exclusively by Apple App Store and Google Play Store
Analytics Data Indefinitely Aggregated and anonymized; cannot identify individuals
Content Moderation Reports Up to 5 years from the date of submission, regardless of outcome Retained after the reporting user's account is deleted. The reporter activity record (trust score, false-report count, block status) is deleted with the account, but individual report records are preserved as moderation and legal evidence. Legal basis: legitimate interest in platform safety and legal obligation for evidence preservation.
Consent Records (Update Acceptances) 6 years from when the accepted version was superseded by a newer version, or 6 years from account deletion — whichever is later. Then permanently deleted. Each acceptance event is recorded with version, email address, timestamp, and IP address. Records are append-only. Retained to demonstrate informed consent and defend against legal claims.
Email Suppression Records Until the per-entry expiry date is reached Records are added only when delivery failures or complaints occur. Contact support@mayadeen.app to request review of a suppression entry.

5.1 Backups and Disaster Recovery

We maintain encrypted database backups to protect against data loss and ensure service continuity. These backups:

  • Are stored on secure infrastructure with redundancy measures
  • Contain database records only (listing images are NOT included in backups)
  • Are encrypted and not accessible for normal operations
  • Are automatically replaced as part of routine backup rotation cycles

5.2 Account Deletion

You can delete your account at any time directly in the App settings. Account deletion is immediate and self-service; no request to support is required. An administrator may also delete an account via the admin panel. When an account is deleted, the following occurs:

  • Registration Data: Your email address, full name, and phone number are deleted from the production database
  • Listings: All your listings and the images attached to them are deleted from the production database and from storage
  • Reporter Activity Record: Your internal reporter activity record (trust score, false-report count, block status) is deleted
  • Backup Copies: Data may remain in encrypted backup copies for up to 90 days until naturally replaced during routine rotation. These backups are encrypted and not used for operational purposes.

The following data is retained after account deletion:

  • Content Moderation Reports You Submitted: Individual report records are retained for up to 5 years as moderation and legal evidence records. Legal basis: legitimate interest in platform safety and legal obligation for evidence preservation.
  • Audit Log Entries: Entries in which your account was an actor or a target of an administrative action are retained for 3 to 5 years depending on action type. Legal basis: legal obligation and legitimate interest.
  • Consent Records: Records of which version of the Terms of Service and Privacy Policy you accepted, your email address at the time of acceptance, the date of acceptance, and the IP address used are retained for 6 years from the date the relevant version was superseded by a newer version, or 6 years from the date your account was permanently deleted, whichever is later. After this period, consent records are permanently deleted. We retain these records solely to demonstrate compliance with our legal obligations and to defend against legal claims. Legal basis: legal obligation.
  • Email Suppression Records: If your email address is on an email suppression list, that entry is retained until its per-entry expiry date. Legal basis: legitimate interest in responsible email communications.

Important: We cannot control data cached by your device, other users' devices, or third-party services (such as search engines that may have indexed public listings before deletion).

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

  • Access: Download your personal data at any time using the "Download My Personal Data" button in your profile — no request to support is required
  • Correction: Update or correct your profile information (name, phone number) directly in the profile screen in the App at any time
  • Deletion: Delete your account directly in the App settings at any time — no request to support is required
  • Data Portability: Receive your data in a portable format using the "Download My Personal Data" feature in your profile
  • Restriction: You may request that we temporarily restrict processing of your personal data if you believe it is inaccurate, pending your correction of it in the App. In practice, since you can correct your data immediately yourself in the App, this right is typically resolved by making the correction directly. To request restriction in other circumstances, contact privacy@mayadeen.app.
  • Objection: You may object to processing of your personal data where we rely on legitimate interest as our legal basis. However, we will continue processing where we have compelling legitimate grounds that override your objection — including but not limited to: fraud detection and prevention, platform security, legal evidence preservation, compliance with applicable law, content moderation obligations, and audit log retention. Processing that is necessary for the performance of your contract with us (such as running your account and displaying your listings) is not subject to objection. To submit an objection, contact privacy@mayadeen.app.

Note: We only send essential transactional emails to registered users (verification codes, account notifications). We do not send marketing communications. Unregistered users do not receive any emails as they have not provided an email address.

6.2 Push Notifications

You can disable notifications in the App settings or device settings.

6.3 Automated Decision-Making

The Platform uses automated processing in the following limited circumstance:

Report abuse detection: Our system automatically tracks the ratio of reports you submit that are found to be false or submitted in bad faith. If this ratio reaches a defined threshold, the system may automatically restrict your ability to submit further reports. If you believe this restriction has been applied incorrectly, you may contact support@mayadeen.app to request a human review of your report history. We will respond within 5 business days.

We do not use automated decision-making for any other purpose that produces significant effects on you, including pricing, content visibility, or account standing.

7. Children's Privacy

While browsing listings does not require an account, users must be at least 18 years old to create an account and publish listings. We do not knowingly collect personal information from users under the age of 18. If you believe a minor has created an account or provided us with personal information, please contact us immediately so we can delete their information.

8. International Data Transfers and Governing Law

Your information may be transferred to and stored on servers located outside your country of residence, including in the European Union. By using the App, you consent to such transfers.

8.1 Governing Law

This Privacy Policy is governed by the laws of the Syrian Arab Republic. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of Syrian courts.

8.2 Your Rights

Nothing in this Privacy Policy limits your statutory data protection rights under applicable laws in your jurisdiction.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time by posting the updated version on this page. For material changes that significantly affect your rights or how we handle your personal data, all users will be shown an in-app prompt requiring them to review and accept the updated policy before continuing to use the App. Your continued use of the App after any changes have been posted constitutes acceptance of the updated Privacy Policy.

10. Contact Us

For questions, concerns, or requests regarding your privacy or this policy, please contact us at the addresses below.

11. Language

This Privacy Policy is provided in Arabic and English for your convenience. In case of any conflict or inconsistency between the Arabic and English versions, the Arabic version shall prevail and be the legally binding version.

12. Your Consent

By using the Mayadeen App or Services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.