Privacy Policy

Last updated: March 2026 · GDPR compliant

1. Who We Are

Halalem is a community-run, non-profit, open-source platform. We are the data controller for personal data processed through this website. Contact: privacy@Halalem.com

2. Data We Collect

  • Account data: Your name and email address when you register.
  • Activity data: Ratings, reviews, halal votes, and content submissions you make.
  • Technical data: IP address, browser type, and timestamps — collected automatically for security and fraud prevention purposes.
  • Cookies: Session cookies to keep you logged in. No advertising or tracking cookies.

3. How We Use Your Data

  • To provide and maintain your account
  • To display your reviews and ratings publicly (your name is shown)
  • To detect and prevent abuse, fraud, and security threats
  • To send you important service notifications (not marketing)

We never sell your data. We never use your data for advertising. We are ad-free by principle.

4. Your GDPR Rights

If you are in the European Economic Area (EEA) or United Kingdom, you have the following rights:

  • Right of access — request a copy of your personal data
  • Right to rectification — correct inaccurate data
  • Right to erasure — request deletion of your account and data ("right to be forgotten")
  • Right to restriction — ask us to limit how we process your data
  • Right to data portability — receive your data in a machine-readable format
  • Right to object — object to processing based on legitimate interests

To exercise any of these rights, email privacy@Halalem.com. We will respond within 30 days.

5. Data Retention

We keep your account data as long as your account is active. If you delete your account, we remove your personal data within 30 days. Some anonymised activity data (aggregated ratings) may be retained indefinitely as it no longer identifies you.

6. Security

We implement industry-standard security measures including password hashing (bcrypt), HTTPS encryption, CSRF protection, rate limiting, and input validation. However, no system is 100% secure. Please use a strong, unique password for your account.

7. Cookies

We use only essential cookies: a session cookie to keep you logged in and a CSRF token cookie for security. These are strictly necessary and cannot be disabled without breaking login functionality. We do not use Google Analytics, Facebook Pixel, or any third-party tracking.

8. Third Parties

We do not share your personal data with third parties except where legally required (e.g. court order). Donation processing through Buy Me a Coffee or PayPal is handled by those third parties under their own privacy policies — we do not receive or store your payment details.