Privacy Policy

Last updated: 5 June 2026

This Privacy Policy describes how Androxus (“we”, “us”) collects, uses, shares, and protects your personal information when you use Naseeho (the “Service”), accessible at naseeho.com. By using the Service, you agree to the practices described here. If you do not agree, do not use the Service.

1. Who we are

Naseeho is operated by Androxus, a software company based in India. Naseeho is a marketplace that connects Muslims seeking guidance with verified scholars for private consultations on faith, marriage, family, emotions, and related topics. You can contact us at support@androxus.com.

2. Information we collect

2.1 Information you provide directly

  • Account data: email address, name, and role (seeker or scholar). We use email-based one-time codes for sign-in, so we do not store passwords.
  • Seeker profile: display name, profile photo (optional), and any preferences you set for consultations.
  • Scholar profile: full name, photo, biography, credentials and educational background, areas of expertise, languages, availability slots, supporting documents you upload during verification, and payout details (e.g., UPI ID or bank account particulars) for receiving consultation earnings.
  • Consultation content: the topic or question you submit when booking, scholar acceptance notes, post-call reviews and ratings, and chat messages exchanged inside group classes.
  • Payments: when you pay for a consultation or class, our payment processor (Razorpay) collects your payment instrument details directly; we do not see or store full card or bank details. We receive only the resulting payment status, amount, transaction identifier, and method (e.g., UPI, card).
  • Communications: support requests, feedback, and any messages you send us.

2.2 Information collected automatically

  • Session cookies: we use authentication cookies (set by our auth provider, Better Auth) to keep you signed in. These are essential and not used for advertising.
  • Connection metadata: IP address (used to derive approximate country), browser type, and time of access for fraud prevention and abuse detection.
  • Call telemetry: for audio/video consultations we record technical signals such as session start time, duration, mute/unmute events, and reconnection attempts, so that we can operate the call timer, billing, and post-call review flow. We do not record or store the audio or video content of consultations.

2.3 Information from third parties

  • Razorpay: when you complete a payment, Razorpay returns transaction metadata to us (payment ID, order ID, signature, status, method). Razorpay also sends webhook events about the status of your payments and any refunds.

3. How we use your information

  • To operate the marketplace: matching seekers with available scholars, scheduling consultations, running the live call, and tracking the session timer.
  • To verify scholar credentials before allowing them to take consultations.
  • To process payments via Razorpay and to credit earnings to scholar accounts.
  • To send transactional emails such as sign-in codes, booking confirmations, scholar acceptance notifications, scheduled-session reminders, and refund notices.
  • To show ratings, reviews, and aggregate metrics on scholar profiles so seekers can make informed choices.
  • To detect and prevent fraud, abuse, payment chargebacks, and platform misuse.
  • To improve the Service through aggregated, anonymous analytics.
  • To comply with legal, tax, and regulatory obligations.

4. How we share your information

We do not sell your personal information. We share data only as follows:

  • With the other party to a consultation: seekers see the scholar's name, photo, biography, credentials, and reviews; scholars see the seeker's display name, profile photo, and the topic submitted with the booking. Reviews and ratings are visible on scholar profiles to all users of the Service.
  • With our service providers, who process data on our behalf under contractual obligations:
    • Cloudflare: hosting (Workers), database (D1), file storage (R2), real-time audio/video signaling (Realtime SFU), and matching coordination (Durable Objects).
    • Razorpay: payment processing, refunds, and scholar payouts.
    • Email delivery provider: sending transactional emails such as sign-in codes and booking notifications.
  • For legal reasons: if required by law, court order, tax authority, or government request, or to protect our rights, safety, or that of our users.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, your information may be transferred to the new owner subject to this Privacy Policy.

5. Scholar verification documents

Documents you upload during scholar verification (identity proof, educational certificates, ijazahs, and similar credentials) are stored in Cloudflare R2. Only authorised Androxus administrators can view them, and only for the purpose of reviewing your verification request. We retain these documents for as long as your scholar account is active, plus a reasonable period thereafter for legal and compliance purposes. You can request earlier deletion (see Section 10).

6. Payments and financial data

Payments on Naseeho are processed by Razorpay. When you enter card, UPI, netbanking, or wallet details, they go directly to Razorpay's PCI-DSS compliant systems. Naseeho never sees or stores those details. We retain a record of each transaction (amount, payment ID, status, method, and timestamps) for as long as required by Indian financial, tax, and consumer-protection laws. Scholar payout information (e.g., UPI ID, bank account particulars) is stored to enable scheduled payouts and is accessible only to authorised administrators and the scholar.

7. Data retention

We retain personal information for as long as you maintain an active account on the Service. After account deletion or extended inactivity (typically 12 months), we delete or anonymise your personal data, except where retention is required by law (e.g., financial and tax records, refund and dispute records, scholar payout records) or necessary for legitimate business interests (e.g., fraud prevention, audit logs of admin actions, ratings tied to scholar profiles).

8. Data security

We use industry-standard practices: TLS encryption in transit, encrypted storage at rest, scoped access tokens, and least-privilege access for our staff. Payments are handled by Razorpay, a PCI-DSS Level 1 certified processor. No system is perfectly secure, but we work to protect your information appropriately. If we become aware of a security incident affecting your data, we will notify you in accordance with applicable law.

9. Children

The Service is not directed to children under 18. We do not knowingly collect personal information from anyone under 18. If you believe we have collected such information, please contact us and we will delete it promptly.

10. Your rights

Depending on your jurisdiction (including under India's Digital Personal Data Protection Act, the EU GDPR, the UK GDPR, and similar laws), you may have the following rights regarding your personal information:

  • Access: request a copy of the personal data we hold about you.
  • Correction: ask us to correct inaccurate or incomplete information.
  • Deletion: request that we delete your personal information, subject to legal retention requirements.
  • Withdraw consent: where processing is based on consent, you can withdraw it at any time.
  • Data portability: request your data in a machine-readable format.
  • Object: object to certain processing activities.
  • Complain: lodge a complaint with the data protection authority in your jurisdiction.

To exercise any of these rights, email support@androxus.com with the subject line “Privacy Request”. We will respond within a reasonable timeframe, typically 30 days.

11. Data deletion

You can request deletion of your account and associated personal data at any time by emailing support@androxus.com with the subject line “Delete My Account” from the email address registered on your account. We will process the request and confirm deletion within a reasonable timeframe. Some data may be retained where required by law or for legitimate business interests (e.g., transaction records for tax compliance, refund and payout records, audit trails of administrative actions).

12. International data transfers

Naseeho's infrastructure is global. Our hosting provider (Cloudflare) processes data at edge locations worldwide. Payment processing is handled by Razorpay (India). By using the Service, you consent to your information being transferred to and processed in jurisdictions outside your own, including India.

13. Cookies

We use only essential cookies, primarily an authentication cookie set by our auth provider (Better Auth) to keep you signed in. We do not use third-party advertising cookies or cross-site tracking. If we add analytics in the future, we will update this policy and provide opt-out controls where applicable.

14. Third-party links

Some pages on the Service may link to third-party sites (e.g., scholar-provided references, external recordings, or partner organisations). We are not responsible for the privacy practices of those sites. Please read their privacy policies before providing information.

15. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top and, for material changes, notify users via email or an in-product notice. Continued use of the Service after changes constitutes acceptance.

16. Contact

Questions about this policy or our privacy practices? Email support@androxus.com or write to: Androxus, India.


This policy is provided for informational purposes and does not constitute legal advice. Androxus recommends consulting a qualified lawyer to ensure compliance with the laws applicable to your specific use case.