Skip to main content
← back to home

privacy policy

your privacy matters to us

introduction

Sufi Whispers ("we" or "us" or "our") operates the website. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our service and the choices you have associated with that data. This Privacy Policy is in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Last Updated: February 14, 2026

information collection and use

We collect several different types of information for various purposes to provide and improve our service to you.

personal data

While using our service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). This may include but is not limited to:

  • • Your questions and readings (stored locally on your device with your consent)
  • • Consent preferences

technical data

We automatically collect certain technical data for analytics and security purposes:

  • • IP address
  • • Browser type and version
  • • Pages visited and time spent
  • • Device information

managing your privacy and consent

We provide a comprehensive Privacy Settings page where you can:

  • Manage Consent Preferences: Control your cookie and data processing preferences for analytics and functional features
  • Export Your Data: Download all your personal data in a machine-readable format (JSON) at any time
  • Request Data Deletion: Permanently delete all your data including readings, questions, and consent history
  • View Your GDPR Rights: Access detailed information about your rights under the GDPR and how to exercise them

Visit your Privacy Settings page anytime to review or update these preferences.

local storage and data control

Your questions and reading history are stored locally on your device using browser storage (localStorage). We do not transmit this data to our servers unless you explicitly choose to share it. This data remains on your device and is under your control.

Legal Basis: Processing of your personal data is based on your explicit consent (Article 6(1)(a) GDPR). You can withdraw your consent at any time, which will not affect the lawfulness of processing prior to withdrawal.

Data Retention: Your data is stored locally on your device and will remain until you delete it. We automatically limit storage to the most recent 25 readings. You may delete your data at any time through the journal page or by clearing your browser storage.

legal basis for processing

We process your personal data on the following legal bases under GDPR:

  • Consent (Article 6(1)(a)): For storing your readings and questions locally on your device
  • Legitimate Interests (Article 6(1)(f)): For technical data used in analytics and security
  • Contractual Necessity (Article 6(1)(b)): To provide the core functionality of our service

use of data

Sufi Whispers uses the collected data for various purposes:

  • • to provide and maintain our service
  • • to allow you to save and access your readings with your consent
  • • to provide customer support
  • • to gather analysis or valuable information so that we can improve our service (with your consent)
  • • to detect, prevent and address technical and security issues

security of data

The security of your data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

changes to this privacy policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "effective date" at the top of this Privacy Policy.

contact us and data protection officer

If you have any questions about this Privacy Policy, wish to exercise your GDPR rights, or have concerns about how we process your personal data, please contact us:

  • Email: privacy@sufiwhispers.com
  • Website: https://sufiwhispers.com

You also have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, where you work, or where an alleged infringement of data protection laws occurred.

cookies and tracking technologies

We use cookies and similar tracking technologies to enhance your experience. We categorize cookies as follows:

  • Essential Cookies: Required for the website to function properly. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors use our website. These require your explicit consent.
  • Functional Cookies: Enable enhanced features like saving your readings. These require your explicit consent.

You can manage your cookie preferences through our consent banner, which appears when you first visit our website. You may withdraw consent at any time.

third-party services

Our service may contain links to third-party websites or services that are not operated by us. Please note that we have no control over the content, policies, or practices of third-party websites or services, and we cannot accept responsibility or liability for their respective privacy practices.

your rights under gdpr

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Article 15): Request access to your personal data we hold about you
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("Right to be Forgotten")
  • Right to Restrict Processing (Article 18): Request restriction of processing of your data
  • Right to Data Portability (Article 20): Receive your data in a structured, commonly used format
  • Right to Object (Article 21): Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent at any time without affecting lawfulness of prior processing

Since most of your data is stored locally, you have full control over it and can delete it at any time through the journal page or by clearing your browser storage. To exercise your rights regarding data we process on our servers, please contact us using the information below.

Manage Your Privacy Settings: Visit our Privacy Settings page to easily manage your consent preferences, export your data, or request complete data deletion (right to erasure).

international data transfers

Your personal data is primarily stored locally on your device. For data transferred to third-party services (such as Google Analytics), we ensure appropriate safeguards are in place, including standard contractual clauses as required by GDPR, to protect your personal data when transferred outside the European Economic Area (EEA).

data breach notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you without undue delay and, where feasible, not later than 72 hours after becoming aware of the breach, in accordance with GDPR Article 33.

← back to home