Privacy Policy
Last updated: April 03, 2026
AbjadPro ("we", "us", or "our") operates the abjadpro.com website. This page informs you of our policies regarding the collection, use, and disclosure of personal information when you use our service.
Information We Collect
Account Information
When you create an account, we collect:
- Email address
- Username
- Password (stored securely as a hash — we never store your actual password)
Payment and Billing Information
When you subscribe to a paid plan, your payment is processed by Stripe. We do not store your credit card number or full payment details on our servers. Stripe handles all payment processing securely in accordance with PCI-DSS standards. We store only:
- A Stripe customer ID
- Subscription status and plan type
- Billing cycle dates
- Transaction history (amounts and dates of charges)
For details on how Stripe handles your payment data, see Stripe's Privacy Policy.
Usage Data
As you use AbjadPro, we collect data about your learning activity, including:
- Lesson and alphabet section progress
- Video watch time
- Flashcard review history and scheduling data
- Story completion status
Cookies
We use cookies and similar technologies on our site. These fall into the following categories:
- Essential cookies — Required for core functionality such as keeping you signed in and protecting forms from cross-site request forgery. These cannot be disabled.
- Analytics cookies — Used by Google Analytics to help us understand how visitors use the site. These are only set after you give consent via our cookie banner.
- Marketing cookies — Used by Meta Pixel to measure advertising effectiveness. These are only set after you give consent via our cookie banner.
You can manage your cookie preferences at any time using the cookie banner at the bottom of the page. You can also instruct your browser to refuse all cookies, though some features of AbjadPro may not function properly without essential cookies.
Analytics
We use Google Analytics to understand how visitors interact with our site. Google Analytics is only activated after you consent via our cookie banner. It collects information such as how often users visit the site, what pages they visit, and what other sites they visited prior. We use this information solely to improve our service. Google Analytics collects the IP address assigned to you on the date you visit the site, but we do not combine this with other data to identify you personally. You can withdraw your consent at any time by clearing your browser's local storage or by using the Google Analytics Opt-out Browser Add-on.
Third-Party Services
We use the following third-party services that may process your data:
- Google Analytics — website analytics (loaded only with your consent)
- Meta Pixel — advertising measurement (loaded only with your consent)
- Cloudinary — image hosting and delivery
- Rollbar — error tracking to help us fix bugs
- Stripe — payment processing for subscriptions
Each of these services has their own privacy policy governing their use of your data. Some of these services are based in the United States. Where data is transferred outside the European Economic Area, we rely on the provider's Standard Contractual Clauses or other appropriate safeguards to ensure your data is protected.
How We Use Your Information
We use the information we collect to:
- Provide and maintain the AbjadPro learning platform
- Process subscription payments and manage your billing
- Track your learning progress and schedule flashcard reviews
- Send you password reset emails when requested
- Monitor and fix errors in the application
- Understand how the site is used so we can improve it
Lawful Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
| Processing Activity | Legal Basis (GDPR Article 6) |
|---|---|
| Account creation (email, username, password) | Contract performance — necessary to provide you with the service you signed up for |
| Subscription billing via Stripe | Contract performance — necessary to process your paid subscription |
| Learning progress tracking (lessons, flashcards, videos, stories) | Contract performance — core to the learning service we provide |
| Essential cookies (session, CSRF protection) | Legitimate interest — necessary for site security and functionality |
| Google Analytics | Consent — only activated after you opt in via the cookie banner |
| Meta Pixel (advertising measurement) | Consent — only activated after you opt in via the cookie banner |
| Error tracking (Rollbar) | Legitimate interest — necessary to identify and fix bugs that affect the service |
| Password reset emails | Contract performance — requested by you to regain access to your account |
| Contact form messages | Legitimate interest — necessary to respond to your enquiries |
| Transaction history retention after account deletion | Legal obligation — required for accounting and tax compliance |
Where processing is based on consent, you may withdraw your consent at any time. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
Data Sharing
We do not sell your personal information for monetary consideration. We share data with the third-party services listed above only as necessary to operate the platform. When you consent to analytics and marketing cookies, certain usage data may be shared with Google and Meta for analytics and advertising measurement purposes — see "Your California Privacy Rights" for details and opt-out options.
Data Security
We take reasonable measures to protect your personal information, including:
- Enforcing HTTPS across the entire site
- Hashing passwords with industry-standard algorithms
- Using CSRF protection on all forms
However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
Data Retention
We retain your account and learning data for as long as your account is active. If you cancel your subscription, we retain your data so that your progress is preserved should you choose to resubscribe. If you request account deletion, we will delete your personal data within 30 days, except where we are required to retain certain records (such as transaction history) for legal or accounting purposes.
Your Rights
If you are located in the European Economic Area (EEA), you have the following rights under the GDPR. You can exercise these rights from your account settings or by contacting us:
- Access — View the personal data we hold about you from your account settings
- Rectification — Update your email, username, or password through your account settings
- Erasure ("right to be forgotten") — Delete your account and associated data from your account settings
- Data portability — Export a machine-readable copy of your personal data from your account settings
- Restriction of processing — Request that we limit how we use your data by contacting us
- Objection — Object to processing based on legitimate interest by contacting us
- Withdraw consent — Withdraw cookie consent at any time by clearing your browser's local storage, which will re-display the cookie banner on your next visit
If you believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection authority.
Your California Privacy Rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights regarding your personal information.
Categories of Personal Information We Collect
In the preceding 12 months, we have collected the following categories of personal information:
- Identifiers — email address, username, IP address, Stripe customer ID
- Commercial information — subscription status, transaction history, billing cycle dates
- Internet or electronic network activity — browsing history on our site, interactions with our platform, video watch time, lesson progress
- Geolocation data — timezone (provided by user), approximate location inferred from IP address by third-party analytics (when consented)
How We Use Personal Information
We use the categories of personal information listed above for the business purposes described in the "How We Use Your Information" section of this policy.
Sale and Sharing of Personal Information
We do not sell your personal information in exchange for monetary consideration. However, under the CCPA's broad definition of "sale" and "sharing," our use of third-party analytics and advertising tools (Google Analytics and Meta Pixel) may constitute "sharing" of personal information for cross-context behavioral advertising purposes when you consent to these cookies. You can opt out of this sharing at any time by:
- Clicking "Do Not Sell or Share My Personal Information" in our website footer
- Rejecting analytics and marketing cookies via our cookie banner
- Updating your cookie preferences at any time using the "Cookie Settings" link in the footer
We do not knowingly sell or share the personal information of consumers under 16 years of age.
Your Rights Under the CCPA
As a California resident, you have the right to:
- Know — Request what personal information we have collected, used, disclosed, and sold about you in the past 12 months
- Delete — Request deletion of your personal information, subject to certain exceptions
- Correct — Request correction of inaccurate personal information
- Opt out of sale/sharing — Direct us not to sell or share your personal information for cross-context behavioral advertising
- Non-discrimination — Exercise your rights without receiving discriminatory treatment
Exercising Your CCPA Rights
You can exercise these rights by:
- Using the tools in your account settings (to access, correct, export, or delete your data)
- Contacting us with your request
We will verify your identity before processing your request by matching the information you provide with the information we have on file. We will respond to verifiable consumer requests within 45 days. If we need more time, we will notify you of the reason and extension period (up to an additional 45 days). You may designate an authorized agent to submit a request on your behalf by providing written authorization.
California "Shine the Light" Law
Under California Civil Code Section 1798.83, California residents may request information about personal data we have shared with third parties for direct marketing purposes. We do not share personal information with third parties for their own direct marketing purposes.
Children's Privacy
AbjadPro is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us so we can delete it.
Data Breach Notification
In the event of a data breach that compromises your personal information, we will take the following steps:
- Containment — We will act immediately to contain the breach, secure affected systems, and prevent further unauthorized access.
- Assessment — We will investigate the scope of the breach to determine what data was affected, how many users were impacted, and the likely risk of harm.
- Notification — If the breach is likely to result in a risk to your rights or privacy, we will notify affected users by email without unreasonable delay and no later than 60 days after discovering the breach. Our notification will include:
- A description of what happened and when
- The types of personal information involved
- Steps we have taken in response
- Steps you can take to protect yourself
- How to contact us for more information
- Regulatory reporting — Where required by applicable state or federal law, we will notify the relevant authorities (such as state Attorneys General) within the required timeframe.
- Remediation — We will take steps to prevent similar incidents in the future, which may include security audits, infrastructure changes, and updated access controls.
If you believe your account or personal data has been compromised, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
Contact Us
If you have any questions about this Privacy Policy, please contact us.