Skip to main content
SP
English
Calculate Zakat

Privacy Policy

Last updated: 2026-05-06 · Effective date: 2026-05-06

Stability Protocol ("we", "us", "our") operates the website stabilityprotocol.space (the "Service"). This Privacy Policy explains what information we collect, how we use it, with whom we share it, how long we keep it, and the rights you have over it. By using the Service you acknowledge that you have read this Privacy Policy.

1. Data Controller

For the purposes of the EU General Data Protection Regulation (GDPR), the UK GDPR, and similar laws, the data controller is Stability Protocol. Privacy questions and rights requests should be directed to [email protected].

2. Information We Collect

We are a free, no-signup Zakat calculator. We collect the minimum amount of data needed to deliver and improve the Service.

2.1 Information you actively provide

None by default. The Zakat calculator runs entirely in your browser. The amounts, weights, and asset values you enter are processed locally on your device and are never transmitted to our servers.

2.2 Information collected automatically

  • Server and security logs processed by Cloudflare on our behalf: IP address, request timestamp, user-agent, page requested, referrer, and approximate country derived from IP. Used solely to deliver content, prevent abuse, and detect attacks.
  • Aggregated analytics (page views, country, browser, device class) collected via Cloudflare Web Analytics — privacy-first, cookie-less, no personal data.
  • Optional advertising and analytics signals — only when you give consent via our cookie banner (see Section 7). These may include cookies and identifiers used by Google Analytics 4 and Google AdSense.

3. How We Use Your Information

  • To operate, secure, and improve the Service.
  • To produce aggregated, non-identifying usage statistics.
  • To display advertising and measure its performance, only if you consent.
  • To comply with legal obligations and respond to lawful requests.

We do not sell your personal information. We do not use the financial values you enter into the calculator for any purpose — they never leave your device.

4. Legal Basis for Processing (GDPR / UK GDPR)

  • Legitimate interests (Article 6(1)(f)) — for security logs, fraud prevention, and aggregated, privacy-preserving analytics.
  • Consent (Article 6(1)(a)) — for advertising cookies, personalized advertising, and Google Analytics. You can withdraw consent at any time via the "Cookie preferences" link in the footer.
  • Legal obligation (Article 6(1)(c)) — when we must retain or disclose information to comply with applicable law.

5. Third-Party Services and Recipients

We share limited information with the following processors, each governed by its own privacy policy:

  • Cloudflare, Inc. — hosting (Cloudflare Pages), CDN, DDoS protection, and privacy-first Web Analytics. Processes IP addresses for routing and security. Cloudflare Privacy Policy.
  • Google LLC — Google Analytics 4 (GA4). Loaded only after consent. May set first-party cookies (e.g. _ga, _ga_*) and process pseudonymous identifiers, page paths, and approximate location (IP-based, anonymized). Google Privacy Policy.
  • Google LLC — Google AdSense. Loaded only after consent. AdSense and its partners may use cookies and similar technologies (including the DoubleClick DART cookie) to serve ads, measure performance, and prevent fraud. Where you do not consent to personalized ads, AdSense will serve non-personalized ads ("NPA") based on contextual signals only. How Google uses advertising cookies.
  • Metal price data is fetched from a Stability Protocol-operated Cloudflare Worker (metal-prices.stachboo.workers.dev) that proxies public gold/silver price feeds. The request contains no identifying data beyond your IP.

6. International Data Transfers

Cloudflare and Google process data in the United States and other countries outside the European Economic Area (EEA), the United Kingdom, and Switzerland. Where required, these transfers rely on appropriate safeguards including the European Commission's Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework (DPF) for participating recipients.

7. Cookies and Consent Management

Strictly necessary cookies (used for security and to remember your cookie choices) are set without consent, in line with ePrivacy / PECR requirements. All other cookies — including Google Analytics and Google AdSense — are loaded only after you grant consent through our cookie banner. We implement Google Consent Mode v2 so that, if you decline, no advertising or analytics cookies are written and no personalized signals are sent.

You can change or withdraw your choices at any time via the "Cookie preferences" link in the footer. You can also opt out of personalized advertising directly through Google Ads Settings or YourOnlineChoices.eu.

8. Data Retention

  • Cloudflare server logs: up to 30 days for security purposes.
  • Cloudflare Web Analytics: up to 6 months in aggregated form.
  • Google Analytics 4: data retention configured at the GA4 maximum allowed for our property (default 14 months).
  • Google AdSense cookies: per Google's published retention windows.
  • Consent records: kept as long as necessary to demonstrate compliance, typically 24 months.

9. Your Rights (GDPR / UK GDPR)

Where we process your personal data, you have the right to: access, rectify, erase, restrict processing, object to processing, request portability, and withdraw consent at any time. To exercise any right, contact [email protected]. We will respond within one month.

You also have the right to lodge a complaint with a supervisory authority — for example the CNIL in France (cnil.fr) — or the data protection authority in your country of residence.

10. California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA") gives you the right to know what personal information we collect, to request deletion, to correct inaccurate information, and to limit the use of "sensitive personal information". You also have the right to opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising.

We do not knowingly sell personal information for money. However, the use of advertising cookies by Google AdSense may constitute "sharing" under the CPRA. To opt out, click the "Do Not Sell or Share My Personal Information" link in our footer, or decline advertising cookies in the consent banner.

11. Children's Privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, please contact us and we will delete it.

12. Security

We rely on Cloudflare's enterprise-grade infrastructure, enforce HTTPS everywhere, apply a strict Content Security Policy, and minimise data collection by design (the calculator is client-side). No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be highlighted on the homepage or through the cookie banner.

14. Language Versions

This Privacy Policy is published in English, French, Arabic, and Urdu. In case of any discrepancy or conflict between language versions, the English version prevails.

15. Contact

For privacy questions, rights requests, or concerns about this policy: [email protected]