Nazra · Legal · Privacy Policy
Legal · Privacy
Privacy Policy
Last Updated: April 2026 · Version 1.0 · Effective: April 2026
Also read: Terms & Conditions
Legal Jurisdiction & Compliance Scope
This document governs the use of the Nazra mobile application. It has been prepared in accordance with Egyptian Personal Data Protection Law No. 151 of 2020, Consumer Protection Law No. 181 of 2018, and aligns with internationally accepted standards including GDPR principles, where applicable. Nazra is a product intelligence platform serving the Egyptian market.
1. Introduction
Nazra (“we,” “our,” or “us”) is a product intelligence application designed to help consumers in Egypt make informed purchasing decisions across food, skincare, and fashion categories. We take your privacy seriously and are committed to protecting your personal data in compliance with Egyptian Personal Data Protection Law No. 151 of 2020 and aligned international standards.
This Privacy Policy explains what data we collect, how we use it, your rights regarding that data, and how to contact us with any privacy-related concerns. By using the Nazra app, you agree to the practices described in this policy.
2. Data Controller Information
| App Name | Nazra — نظرة |
| Platform | Mobile Application (iOS & Android) |
| Contact Email | info@nazra.info |
| Governing Law | Arab Republic of Egypt |
| Legal Framework | Law No. 151 of 2020 (Personal Data Protection) |
3. Data We Collect
We collect only the minimum data necessary to provide and improve the Nazra service. We do not sell your personal data to third parties.
3.1 Account Data
When you create an account:
- Email address (required for authentication)
- Display name (optional)
- Password (stored in hashed, encrypted form — never in plaintext)
3.2 Behavioral Data
While you use the app, we collect:
- Products you search for, view, or scan
- Products you save to your personal list
- Reviews, ratings, and tags you submit
- Buy-again votes you record
3.3 Technical Data
Automatically collected when you use the app:
- Device type and operating system
- App version
- IP address (used for fraud prevention only)
- Session timestamps
- Crash reports and error logs (anonymized)
3.4 Barcode Scan Data
When you use the barcode scanner:
- The barcode number is transmitted to our server
- If the product is not in our database, it may be looked up via Open Food Facts (an open public database)
- We do not store images captured by your camera
4. How We Use Your Data
| Purpose | Data Used | Legal Basis |
| Provide product scores and analysis | Behavioral + product data | Contract / Legitimate interest |
| Authenticate your account | Email, password hash | Contract |
| Process and display reviews | Ratings, tags, buy-again votes | Contract |
| Improve scoring accuracy | Aggregated behavioral data | Legitimate interest |
| Prevent fraud and abuse | IP address, session data | Legitimate interest |
| Send product updates (opt-in) | Email address | Consent |
| Comply with legal obligations | Account data | Legal obligation |
5. Data Sharing and Third Parties
We do not sell, rent, or trade your personal data. We share limited data only with the following third-party service providers, strictly to operate the Nazra platform:
| Provider | Purpose | Location & Notes |
| Supabase | Database hosting, authentication, and backend infrastructure | EU (Frankfurt) — SOC 2 Type II compliant |
| Open Food Facts | Barcode and ingredient lookup (public database) | Queries only — no personal data transmitted |
| App Stores (Apple / Google) | App distribution and update delivery | Standard platform policies apply |
| Analytics (anonymized) | Crash reporting and usage analytics | No personally identifiable data |
6. International Data Transfer
Nazra's database is hosted on Supabase infrastructure located in Frankfurt, Germany (European Union). Your data may therefore be stored and processed outside Egypt.
We apply appropriate safeguards for cross-border data transfers, including:
- Standard contractual clauses with our data processors
- Use of providers that maintain EU adequacy standards (GDPR-aligned)
- Encrypted transmission (HTTPS/TLS 1.2+) at all times
In accordance with Egyptian Personal Data Protection Law No. 151 of 2020, we ensure that any cross-border transfer of personal data is subject to adequate levels of protection consistent with Egyptian and international standards.
7. Data Retention
| Account data | Retained for the lifetime of your account, deleted within 30 days of account deletion request |
| Reviews and ratings | Retained indefinitely in anonymized, aggregated form to maintain product score integrity; personal attribution removed on deletion request |
| Behavioral data | Retained for 24 months from last activity, then automatically purged |
| Technical logs | Retained for 90 days for security and debugging purposes |
| Deleted accounts | All personally identifiable data purged within 30 days; anonymized aggregates may remain |
8. Your Rights Under Egyptian Law No. 151/2020
| Your Right | What It Means |
| Right of Access | Request a copy of the personal data we hold about you |
| Right of Correction | Request correction of any inaccurate or incomplete data |
| Right of Deletion | Request deletion of your account and personal data |
| Right to Restrict Processing | Request that we limit how we process your data in certain circumstances |
| Right to Withdraw Consent | Withdraw consent for data processing at any time (where processing is consent-based) |
| Right to Object | Object to processing based on legitimate interest |
| Right of Data Portability | Request your data in a structured, machine-readable format |
To exercise any of these rights, contact us at info@nazra.info. We will respond to your request within 30 days.
9. Security Measures
We implement industry-standard technical and organizational security measures to protect your data:
Technical Safeguards
- HTTPS / TLS 1.2+ encryption for all data in transit
- AES-256 encryption for data at rest via Supabase
- Passwords stored using bcrypt hashing — never in plaintext
- Row-Level Security (RLS) enforced at the database level — users can only access their own data
- API rate limiting to prevent brute-force attacks
- Regular automated security patches via Supabase managed infrastructure
Organizational Safeguards
- Principle of least privilege: only authorized personnel can access production data
- No shared administrative credentials
- Access logging on all administrative operations
10. Cookies and Tracking
The Nazra mobile app uses minimal local storage for session management and authentication tokens. We do not use advertising cookies, third-party tracking pixels, or cross-site behavioral profiling.
| Authentication token | Stores your login session securely on your device. Required for app functionality. |
| User preferences | Stores language preferences and display settings locally. |
| Analytics (if enabled) | Anonymized crash reports and usage statistics. No personal identification. |
You can clear all stored app data at any time via your device settings.
11. Minors and Children's Privacy
Nazra is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected data from a child, please contact us at info@nazra.info.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Notify you via in-app notification
- Display the updated effective date at the top of this policy
- For significant changes, request your renewed consent where required by law
13. Contact and Privacy Requests
Email: info@nazra.info
Response time: 30 days from receipt of request. Please include your account email address in all privacy requests to facilitate identity verification.