Back to Home

Privacy Policy

Privacy Policy for Forsah

Last Updated: May 10, 2025

1. Introduction

Welcome to Forsah's Privacy Policy. This policy explains how we collect, use, disclose, and safeguard your information when you use our website and services. We are committed to protecting your privacy and complying with applicable data protection laws, including the Egyptian Personal Data Protection Law (Law No. 151 of 2020).

Please read this privacy policy carefully. By accessing or using our service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

2. Data Controller

Forsah ("we," "us," or "our") is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us at mhndcorp@gmail.com.

3. Information We Collect

3.1 Personal Data

We may collect the following categories of personal data:

  • Account Information: When you register for an account, we collect your name, email address, and profile image if you sign in with Google, or just your email address if you use a magic link to sign in.
  • Authentication Data: We collect authentication tokens when you sign in to our service.
  • Transaction Data: If you make purchases through our service, we collect payment information, transaction history, and billing details.
  • Usage Data: We collect information about how you interact with our service, including access times, pages viewed, and features used.
  • Device Information: We collect information about your device, including IP address, browser type, operating system, and device identifiers.

3.2 Cookies and Similar Technologies

Our website uses cookies and similar tracking technologies to collect information about your browsing activities. These technologies help us improve your experience, understand usage patterns, and optimize our service.

The following cookies may be used when you visit our site:

  • Authentication Cookies: These cookies (__Host-authjs.csrf-token, __Secure-authjs.callback-url, and __Secure-authjs.session-token) are essential for the functioning of our authentication system.
  • Analytics Cookies: We use Vercel Analytics, which collects anonymized data about website traffic and user behavior. This service respects user privacy and does not use cookies for tracking purposes.

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our service.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our services
  • To process and complete transactions
  • To send you technical notices, updates, and support messages
  • To respond to your comments, questions, and requests
  • To monitor usage patterns and analyze trends
  • To detect, prevent, and address technical issues
  • To comply with legal obligations

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: We process your data based on your explicit consent when you sign up for our service.
  • Contract: We process your data to fulfill our contractual obligations to you when you use our services.
  • Legitimate Interests: We process your data when it is in our legitimate interests to do so, such as for analytics, service improvement, and security purposes.
  • Legal Obligation: We process your data to comply with applicable laws and regulations.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Specifically:

  • Account Information: We retain your account information for the duration of your account plus 14 months after account deletion.
  • Transaction Data: We retain payment information and transaction history for 14 months after the last transaction.
  • Usage Data: We retain usage data for 14 months from collection.
  • Authentication Data: We retain authentication data until you log out or your session expires.

After the retention period expires, we will securely delete or anonymize your personal data unless we are legally required to retain it longer.

7. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

7.1 Service Providers

We use third-party service providers to help us operate our business and provide our services. These providers have access to your personal data only to perform specific tasks on our behalf and are obligated to protect your data. Our service providers include:

  • Authentication Providers: We use NextAuth for authentication services.
  • Payment Processors: We use Stripe to process payments. When you make a payment, your payment information is transmitted directly to Stripe and is not stored on our servers.
  • Analytics Providers: We use Vercel Analytics to analyze usage patterns and improve our service.

7.2 Legal Requirements

We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

7.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal data.

7.4 With Your Consent

We may share your personal data with third parties when we have your consent to do so.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Our security measures include:

  • Encryption of sensitive data
  • Regular security assessments
  • Access controls and authentication procedures
  • Staff training on data protection

9. Your Data Protection Rights

Under the Egyptian Personal Data Protection Law (Law No. 151 of 2020) and other applicable laws, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request copies of your personal data.
  • Right to Rectification: You have the right to request that we correct any inaccurate information or complete any incomplete information.
  • Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service or organization.
  • Right to Object: You have the right to object to our processing of your personal data in certain circumstances.
  • Right to Be Notified: You have the right to be notified of any breach affecting your personal data.

To exercise any of these rights, please contact us at mhndcorp@gmail.com. We will respond to your request within 30 days.

10. International Data Transfers

We primarily store and process your data within Egypt. However, some of our service providers may be located in other countries. When we transfer your personal data outside of Egypt, we ensure that appropriate safeguards are in place to protect your data, as required by the Egyptian Personal Data Protection Law.

11. Children's Privacy

Our service is not directed to individuals under the age of 15. We do not knowingly collect personal data from children under 15. If we become aware that we have collected personal data from a child under 15 without verification of parental consent, we will take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time at our sole discretion. When we make changes, we will update the "Last Updated" date at the top of this Privacy Policy and may notify you through the website, by email, or through a notification when you access our Service for significant changes.

By continuing to use our Service after the revised Privacy Policy has been posted, you acknowledge and agree to be bound by the current version of this Privacy Policy as well as any future revisions when they come into effect. It is your responsibility to check this Privacy Policy periodically for changes. If you do not agree to the new Privacy Policy, you must stop using the Service.

Your continued use of the Service following the posting of changes constitutes your acceptance of such changes and your consent to be bound by the updated Privacy Policy as well as any future revisions.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

  • Email: mhndcorp@gmail.com

14. Data Protection Authority

If you have concerns about our processing of your personal data, you have the right to make a complaint to the Egyptian Data Protection Authority once it is established. However, we would appreciate the opportunity to address your concerns before you approach the authority, so please contact us first.

15. Third-Party Links and Services

Our service may contain links to third-party websites or services that are not owned or controlled by us. This Privacy Policy only applies to our service. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

By using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.