Privacy Policy

Last updated: 11 October 2025

1. Introduction

Welcome to Arabic Typing 101. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our website and services.

2. Data Controller

The data controller responsible for your personal data is:

Arabic Typing 101

Independent educational project

Email: [email protected]

If you have any questions about this privacy policy or our data practices, please contact us at the email above.

3. Information We Collect

We collect the following types of information:

3.1 Account Information

Email address (required for account creation)
Password (encrypted and never stored in plain text)
Account creation date
Marketing email preference (optional)

3.2 Learning Progress Data

Lesson completion status
Typing speed (words per minute)
Accuracy scores
Time spent on lessons
Progress through the curriculum

3.3 User Preferences

Font size preference
Timer visibility setting
On-screen keyboard visibility setting

3.4 Payment Information

Subscription status and billing cycle
Payment information is processed and stored securely by Stripe (our payment processor)
We do not store your full credit card details on our servers

3.5 Analytics Data (with your consent)

Pages visited and features used
Time spent on different pages
Device type and browser information
Approximate location (country/city level)

3.6 Cookies and Similar Technologies

We use cookies and similar tracking technologies to:

Essential cookies: Keep you logged in and remember your preferences
Analytics cookies: Understand how you use our service (requires consent)
Marketing cookies: Deliver personalised content (requires consent)

See our Cookie Policy for more details.

4. How We Use Your Information

We use your information for the following purposes:

4.1 Service Provision (Legal basis: Contract)

Create and manage your account
Track your learning progress across lessons
Provide personalised learning experiences
Process your subscription payments

4.2 Communication (Legal basis: Consent or Legitimate Interest)

Send you account-related notifications (e.g., password resets, subscription confirmations)
Send marketing emails about new features (only if you opted in)
Respond to your support requests

4.3 Improvement and Analytics (Legal basis: Consent)

Analyse how users interact with our service
Identify and fix technical issues
Improve our lessons and curriculum
Develop new features based on user behaviour

4.4 Legal Compliance (Legal basis: Legal Obligation)

Comply with legal requirements
Prevent fraud and abuse
Enforce our Terms of Service

5. Third-Party Services

We use the following trusted third-party services:

Supabase (Database & Authentication)

Stores your account information and learning progress securely.

Supabase Privacy Policy →

Stripe (Payment Processing)

Handles all payment transactions securely.

Stripe Privacy Policy →

Google Analytics & Google Ads (Analytics & Marketing)

Tracks website usage and helps us improve our service (only with your consent).

Enhanced Conversions: When you sign up or start a trial, we send a hashed (encrypted) version of your email to Google for improved conversion tracking. Your email is hashed using SHA-256 (one-way encryption) before being sent, so Google never receives your actual email address.

Google Privacy Policy →

We do not sell, trade, or rent your personal information to third parties.

6. Data Retention

We retain your information for as long as:

Your account is active, or
Needed to provide you with our services, or
Required by law or for legitimate business purposes

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or regulatory reasons.

7. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or UK, you have the following rights:

Right to Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing of your data for marketing purposes.

Right to Withdraw Consent

Withdraw consent for analytics and marketing cookies at any time.

To exercise any of these rights, please contact us at [email protected]

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

All data transmitted between your browser and our servers is encrypted using SSL/TLS
Passwords are hashed and never stored in plain text
Access to personal data is restricted to authorised personnel only
Regular security audits and updates to our systems
Payment processing is handled by PCI-DSS compliant Stripe

9. Children's Privacy

Our service is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA/UK. When we do so, we ensure appropriate safeguards are in place:

Standard contractual clauses approved by the European Commission
Services certified under privacy frameworks equivalent to GDPR

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by email or through a prominent notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact Us

If you have questions about this privacy policy or our data practices, please contact us:

Email:

[email protected]

← Back to Home