Privacy Policy
1. Introduction
Basar Wealth operates basarwealth.com, a halal retirement planning platform for Muslim investors in the United States. This Privacy Policy explains what data we collect, how we use it, who we share it with, and what rights you have over your data.
By creating an account, you agree to the collection and use of your data as described here.
2. Data We Collect
Account data
- Email address
- Password
Financial profile data
- Date of birth, annual income, risk tolerance, monthly expenses, tax filing status
- Financial assets (retirement accounts, real estate, savings, gold, business interests)
- Financial liabilities (mortgages, loans)
- Investment holdings (ticker symbols, share quantities, prices)
- Retirement goals (target age, target wealth, target income)
- Dividend records
Bank account data (via Plaid)
When you connect a bank account, Plaid retrieves on your behalf: account balances, institution names, account types, and transaction data where applicable. We do not store your bank login credentials.
Usage data
- Session tokens (temporary, expire on logout or after 24 hours)
3. How We Use Your Data
We use your data exclusively to provide Basar Wealth platform features:
- Calculating your Zakat obligation per AAOIFI Standard SS-35
- Projecting your net worth and retirement readiness
- Screening your holdings for halal compliance
- Tracking dividend purification obligations
- Generating personalized financial advisory recommendations
We do not sell your data, use it for advertising, or share it beyond what is described in Section 4.
4. Third-Party Data Processors
| Processor | Purpose |
|---|---|
| Plaid Inc. | Bank account aggregation — connects your bank and retrieves account data on your behalf. plaid.com/legal |
| Amazon Web Services | Cloud infrastructure — all data is stored and processed on AWS servers in the United States. |
| OpenAI | AI features — financial data is sent to OpenAI to power Zakat, projection, and advisory AI. Under our API agreement, your data is not used to train OpenAI models. |
5. Data Storage and Security
- All data is stored on AWS infrastructure in the United States
- Data in transit is encrypted using TLS 1.2 or higher
- Data at rest is stored on encrypted storage
- Access to production systems requires multi-factor authentication
- Plaid API credentials are stored in AWS Secrets Manager
6. Your Rights
Access — You may request a copy of your data by contacting us at support@basarwealth.com.
Correction — You can update your financial profile, assets, liabilities, and holdings at any time through the application.
Deletion — You can permanently delete your account and all associated data from the Settings page. Upon deletion, all your data is immediately removed from our systems and all connected bank accounts are disconnected from Plaid.
7. Data Retention
We retain your data for as long as your account is active. Upon account deletion, all personal and financial data is permanently deleted. Session tokens expire after 24 hours of inactivity.
8. Children's Privacy
Basar Wealth is intended for adults. We do not knowingly collect data from anyone under the age of 18.
9. Changes to This Policy
If we make material changes, we will update the effective date and notify you by email. Continued use after the effective date constitutes acceptance of the updated policy.
10. Contact
For privacy-related questions: support@basarwealth.com