Privacy Policy

1. Introduction

This Privacy Policy explains how the United Michigan Muslim Association (“UMMA”, “we”, “our”) collects, uses, and protects information when users sign in to our applications using Google OAuth.

Our goal is to provide secure access to UMMA digital services while respecting user privacy and maintaining full transparency.

By using Google Sign-In on any UMMA platform, you agree to the practices described in this Privacy Policy.

2. Information We Collect

When you authenticate with Google OAuth, we may request access to the following information:

2.1 Basic Profile Information

• Full name
• Email address
• Profile photo (if available)

2.2 Google Account Identifiers

• Google user ID
• Authentication tokens necessary to verify your identity

2.3 Optional Information (Only if explicitly requested)

• Calendar access
• Drive file metadata
• Additional profile fields

(UMMA currently does not request these permissions unless a specific service requires them.)

We do not collect your password or access your Gmail contents.

3. How We Use Your Information

UMMA uses your Google OAuth information solely for:

• Identity verification and authentication
• Creating or linking your UMMA account
• Secure access to UMMA services (e.g., volunteer platforms, event sign-ins, building kiosks, and internal tools)
• Personalizing your experience (e.g., displaying your name or profile picture)
• Maintaining account security and preventing unauthorized access

We do not sell, rent, or trade your information.

4. Data Sharing and Disclosure

UMMA will never share your personal information with third parties except in the following limited cases:

• Service Providers: Trusted vendors who help operate UMMA digital infrastructure (e.g., authentication, hosting, analytics).
• Legal Requirements: If required by law, subpoena, or court order.
• Security Purposes: To investigate, prevent, or respond to suspicious or harmful activity.

We do not share OAuth information with advertisers or data brokers.

5. Data Storage and Security

We take technical and organizational measures to protect your data, including:

• Encrypted data transmission
• Role-based access controls
• Secure cloud environments
• Audit logging and monitoring
• Limited access by authorized UMMA personnel only

If you revoke access through your Google Account > Security > Third-Party Access, our systems will no longer be able to authenticate your identity.

6. Data Retention

We retain OAuth-related data only as long as needed to:

• Maintain your UMMA account
• Provide UMMA services
• Comply with legal or operational requirements

You may request account deletion at any time (see Section 8).

7. Children’s Privacy

UMMA’s online tools are not intended for children under the age of 13. We do not knowingly collect personal information from children without parental consent.

8. Your Rights and Choices

You have the right to:

• Revoke Google access at any time through your Google account
• Request a copy of the information UMMA has about you
• Request correction of your data
• Request deletion of your UMMA account

For any of these actions, contact: it@miumma.org

9. Changes to This Policy

We may update this Privacy Policy to reflect changes in our services or legal obligations. Updates will be posted on our website with a revised “Last Updated” date.

10. Contact Information

If you have questions about this Privacy Policy or UMMA’s Google OAuth usage, please contact:

United Michigan Muslim Association (UMMA)
Email: admin@miumma.org
Website: https://miumma.org