Privacy Policy

1. Who We Are

Timeless Hadith ("we", "us", or "our") operates the website at timelesshadith.com. We are committed to protecting your privacy in accordance with the Saudi Arabian Personal Data Protection Law (PDPL), issued by Royal Decree No. M/19 dated 9/2/1443H (corresponding to 16 September 2021), and its implementing regulations.

This Privacy Policy explains what data, if any, is collected when you visit our site and how we handle it.

2. Data We Collect

2.1 Data we do NOT collect

Timeless Hadith does not have a backend, database, or user accounts. We do not collect:

• Your name, email address, or any personal identifiers
• IP addresses (we do not run server-side analytics)
• Device identifiers or fingerprints
• Browsing history or behavioural profiles
• Payment or financial information

2.2 Data stored on your device (localStorage)

When you interact with our site, your browser may store the following values locally on your own device only:

• th_theme — your chosen display mode (light or dark)
• th_cookie_consent — your consent choice (accepted or declined)
• th_cookie_consent_date — the date you made that choice
• th_bookmarks — hadith IDs you have bookmarked (if signed in)

These values never leave your device and are never transmitted to us or any third party.

2.3 Hosting provider data

Our hosting provider (Cloudflare Pages / GitHub Pages) may log standard server access logs including IP addresses and request paths. These logs are governed by the hosting provider's own privacy policy and are used solely for security and infrastructure purposes. We do not access or process individual user records from these logs.

3. Why We Collect It

The local storage values described above are collected for the following purposes:

• Theme preference — to restore your display preference on repeat visits, improving usability
• Cookie consent — to record your consent decision as required by the PDPL, ensuring we do not prompt you repeatedly
• Bookmarks — to save hadiths you have marked for personal reference, stored entirely on your own device

4. Legal Basis Under PDPL

Under the PDPL (Articles 5 and 6), personal data must not be processed without a valid legal basis. Because Timeless Hadith does not process personal data on any server, the PDPL's consent requirements for personal data processing do not apply to our core functionality.

For the limited use of localStorage on your device:

• We seek your explicit consent via the cookie banner before storing non-essential preference data
• If you decline, no preference data is stored (the site remains fully functional with default settings)
• You may withdraw consent at any time by clearing your browser's local storage

5. Cookies & Local Storage

We do not use tracking cookies, advertising cookies, or third-party cookies of any kind.

We use browser localStorage (not HTTP cookies) to store the preference values listed in Section 2.2. Unlike cookies, localStorage data is not transmitted with HTTP requests and cannot be accessed by any server or third party.

How to clear your data

You can delete all locally stored data at any time:

• Chrome/Edge: DevTools → Application → Local Storage → timelesshadith.com → Delete all
• Firefox: DevTools → Storage → Local Storage → Right-click → Delete all
• Safari: Preferences → Privacy → Manage Website Data → timelesshadith.com → Remove
• All browsers: Clear browsing data (site data / cookies & storage)

6. Data Sharing

We do not sell, rent, trade, or share any personal data with third parties. Because we collect no personal data on our servers, there is nothing to share.

If you use the Share as Text feature, the hadith text is copied to your clipboard using your browser's native clipboard API. We do not send this text to any server. If you use the Share as Image feature, the image is generated locally in your browser using the Canvas API and downloaded directly to your device — no data is transmitted to us.

7. Data Retention

Data stored in localStorage persists on your device until you clear it. We have no ability to delete it remotely, as it resides solely on your device.

No personal data is retained on our servers at any time.

8. Your Rights Under PDPL

Under Saudi Arabia's Personal Data Protection Law, you have the following rights:

• Right to be informed — this policy fulfils that right
• Right of access — you can view your stored data by opening your browser's DevTools → Local Storage
• Right to rectification — stored values are auto-generated preferences; you can reset them by clearing local storage
• Right to erasure — clear your browser's local storage at any time (see Section 5)
• Right to restrict processing — decline cookies via our consent banner or clear local storage
• Right to data portability — not applicable (no personal data held by us)
• Right to object — contact us at the address below

To exercise any of these rights, please contact us at privacy@timelesshadith.com. We will respond within 30 days.

9. Security

Although we collect minimal data, we take security seriously:

• All traffic is served over HTTPS (TLS 1.2+)
• HTTP security headers are enforced: X-Frame-Options: DENY, X-Content-Type-Options: nosniff, Strict-Transport-Security, Permissions-Policy
• A Content Security Policy is applied to prevent cross-site scripting (XSS)
• No third-party scripts or CDNs are loaded beyond Google Fonts for Arabic text rendering

10. Minors

Timeless Hadith is an educational and spiritual resource suitable for all ages. We do not knowingly collect data from children under the age of 13. Because we collect no personal data whatsoever, this site is safe for users of all ages.

11. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the site after changes constitutes acceptance of the updated policy.

For material changes, we will display a notice on the site.

12. Contact Us