Privacy Policy for A Ween Rayeh
Last Updated: November 2025
Introduction
A Ween Rayeh is a community-driven mobility application that helps users navigate road conditions and checkpoint status in Palestine. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.
By using A Ween Rayeh, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Personal Information
There is no need to create an account to use our Service, but if you do, then we may collect:
- Email address (optional, for account creation)
- Display name (optional, chosen by you)
- Phone number (optional, for account verification)
1.2 Location Data
Our app requires location permissions to provide core functionality:
Foreground Location:
Used when the app is active to:
- Display nearby checkpoints on the map
- Filter relevant checkpoint information based on your area
- Show accurate route planning between cities
Background Location (Optional):
If you enable proximity notifications, we collect location data in the background to:
- Send notifications when you approach checkpoints with outdated information
- Alert you about nearby traffic conditions
You can disable background location at any time in your device settings
Important: Location data is processed locally on your device and only checkpoint proximity events are logged (not continuous location tracking). We do not sell or share your precise location with third parties.
1.3 Usage Data
We automatically collect:
- Device information: Device type, operating system version, unique device identifier (for push notifications)
- App usage: Features used, screens visited, time spent in app
- Interaction data: Checkpoint reports submitted, favorite checkpoints saved
- Error logs: Crash reports and error diagnostics (via Sentry)
1.4 User-Generated Content
When you submit checkpoint reports or community contributions:
- Checkpoint status updates
- Alternative route suggestions
- Working hours information
- General feedback and important updates
All user-generated content is moderated by AI and human reviewers before publication to ensure accuracy and prevent abuse.
2. How We Use Your Information
2.1 Service Provision
- Provide real-time checkpoint status updates
- Send personalized proximity notifications
- Display nearby checkpoints based on your location
- Enable route planning between cities
- Store your favorite checkpoints for quick access
2.2 Content Moderation
We use a dual-layer moderation system:
- AI Moderation: Automated analysis of user submissions for inappropriate content, spam, or fraudulent information
- Human Review: Manual verification by our moderation team for flagged content
This ensures the quality and reliability of community-contributed information while protecting users from harmful or misleading data.
2.3 Analytics and Improvement
We use PostHog for product analytics to:
- Understand which features are most useful
- Identify and fix usability issues
- Measure app performance and stability
You can opt out of analytics in Settings → Data & Privacy
2.4 Error Tracking
We use Sentry to monitor app stability:
- Automatic crash reporting
- Error diagnostics
- Session replays (screenshots and interaction logs during crashes)
No personally identifiable information is included in error reports
2.5 Push Notifications
We use Firebase Cloud Messaging (FCM) to deliver:
- Proximity alerts when near checkpoints
- Daily summaries of checkpoint status (if enabled)
- Urgent traffic alerts
- Important app updates
3. Data Storage and Backend Infrastructure
3.1 Dual Backend Architecture
We use two backend systems to ensure reliability and prevent fraud:
1. Supabase (Primary Database):
- Stores checkpoint data, user accounts, favorites, and notifications
- Hosted in secure cloud infrastructure with encryption
- Provides real-time data synchronization
2. MongoDB (Fraud Detection & Vote Validation):
- Validates user votes and reports for authenticity
- Detects suspicious patterns and fraudulent behavior
- Prevents manipulation of checkpoint status
Why two backends? This architecture protects against bad actors attempting to manipulate checkpoint information while maintaining fast, reliable service.
3.2 Data Retention
- Checkpoint data: Retained for 90 days, then automatically deleted
- User accounts: Retained until you request deletion
- Notification logs: Retained for 30 days for troubleshooting
- Analytics data: Aggregated and anonymized, retained indefinitely for trend analysis
- Error logs: Retained for 90 days
4. Third-Party Services
We integrate the following third-party services:
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Supabase | Database, authentication, real-time updates | Email, device ID, checkpoint interactions | Supabase Privacy |
| MongoDB | Fraud detection, vote validation | Anonymized device fingerprints, voting patterns | MongoDB Privacy |
| PostHog | Product analytics | Device type, app usage patterns, feature interactions | PostHog Privacy |
| Sentry | Error tracking, crash reporting | Device info, error logs, session replays | Sentry Privacy |
| Firebase (FCM) | Push notifications | Device push token, notification preferences | Google Privacy |
| Expo | App framework, push notification delivery | Device info, app version | Expo Privacy |
5. User-Generated Content and Moderation
5.1 Content Submission
When you submit checkpoint reports or feedback:
- Your submission is marked as "pending" until reviewed
- AI systems check for spam, profanity, and suspicious patterns
- Human moderators verify accuracy and appropriateness
- Approved content is published anonymously (no attribution to your account)
5.2 Reporting Inappropriate Content
Every checkpoint card includes a "Report Error" button. Use this to:
- Report incorrect checkpoint status
- Flag inappropriate user submissions
- Suggest corrections to checkpoint information
All reports are reviewed by our moderation team within 24-48 hours.
5.3 Enforcement
Repeated violations of community guidelines may result in:
- Content removal
- Temporary submission restrictions
- Account suspension (in severe cases)
6. Data Security
We implement industry-standard security measures:
- Encryption in transit: All data transmitted between your device and our servers uses HTTPS/TLS
- Encryption at rest: Database encryption for stored personal information
- Access controls: Role-based access limits who can view sensitive data
- Regular audits: Security assessments and vulnerability testing
- Anonymous submissions: User-generated content is not linked to your account publicly
However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
7. Your Privacy Rights
7.1 Access and Control
You have the right to:
- Access your data: Request a copy of personal information we store
- Update your data: Modify your profile information in the app
- Delete your data: Request complete account deletion (Settings → Account → Delete Account)
- Opt out of analytics: Disable PostHog tracking in Settings → Data & Privacy
- Control notifications: Manage notification preferences in Settings → Notifications
- Disable location: Turn off location services in your device settings
7.2 How to Exercise Your Rights
To access, modify, or delete your data:
- In-app: Go to Settings → Account → Data & Privacy
- Email us: musabnuirat@gmail.com
- Visit: https://www.aweenrayeh.com/privacy
We will respond to requests within 30 days.
8. Children's Privacy
A Ween Rayeh is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will delete such information from our servers.
9. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in our data practices
- New features or services
- Legal or regulatory requirements
We will notify you of significant changes via:
- Email (if you have an account)
- Prominent notice on our website
The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of the app after changes constitutes acceptance of the updated policy.
10. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your data based on:
- Consent: Location data, analytics, push notifications (you can withdraw consent at any time)
- Contractual necessity: Providing core app functionality (checkpoint status, routing)
- Legitimate interests: Fraud prevention, service improvement, content moderation
11. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence, including:
- United States (Supabase, MongoDB, Sentry, Firebase)
- European Union (Supabase regions)
We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your data during international transfers.
12. Contact Us
If you have questions about this Privacy Policy or our data practices:
Email: musabnuirat@gmail.com
Website: https://www.aweenrayeh.com
Privacy Page: https://www.aweenrayeh.com/privacy
13. Compliance and Transparency
We are committed to:
- Google Play Developer Policies: Full compliance with UGC moderation requirements (Section 4.6)
- GDPR: Respecting data subject rights for EEA users
- CCPA: Honoring California consumer privacy rights (do-not-sell requests)
- Transparency: Clear disclosure of all data collection, storage, and third-party services
This privacy policy is written in plain language to ensure you understand how your data is used. If anything is unclear, please contact us.
Thank you for using A Ween Rayeh!
Together, we're making travel safer and more informed for everyone in Palestine. 🇵🇸