This Privacy Policy explains how SHIRAH collects, uses, stores, shares, protects, retains, and deletes user information.
SHIRAH is a Bangladesh-focused business, community, telecom, reselling, wallet, and digital-services mobile app.
This Privacy Policy applies to the SHIRAH mobile application, package com.shirahsoft.app, the SHIRAH website, and related support and account-deletion resources operated for SHIRAH users.
For this Privacy Policy, “SHIRAH,” “we,” “us,” and “our” refer to the SHIRAH service operated by Labib UR Rahman.
SHIRAH provides account-based mobile services, community features, wallet and reward records, mobile recharge and telecom offers, shop and reselling features, micro jobs, blood-donation support, fundraising-related records, notifications, and account-security tools.
SHIRAH is not an investment app, banking service, lending service, passive-income product, or guaranteed-earnings platform.
SHIRAH collects information only when it is needed to provide, secure, support, or improve the features you use. The categories below may apply depending on your activity and the features enabled in your version of the app.
SHIRAH requests device permissions only when needed for a user-requested feature. You can deny or later revoke optional permissions through your device settings, although the related feature may stop working.
With your permission, SHIRAH may read contacts locally so that you can select a phone number for recharge, top-up, or drive-offer services. Only the number selected by you is intended to be used for the requested transaction. SHIRAH does not upload or use your contact list for unrelated marketing.
Camera and photo or media access may be used when you choose to capture or upload a profile image, community image, product image, micro-job proof, screenshot, or other feature-related media.
Notification permission may be used to send account, security, wallet, payment, recharge, order, community, micro-job, support, and service messages. You can manage notification permission through your device settings.
Biometric authentication may be used for a local app-lock feature. Authentication is performed through the device operating system. SHIRAH does not receive or store raw fingerprint, face, or other biometric templates on its servers.
SHIRAH uses information for the following purposes:
SHIRAH supports Bangladesh-focused payment, wallet, reward, cashback, recharge, reselling, and withdrawal-related workflows in Bangladeshi Taka (BDT).
Depending on the transaction and the rules applicable to the distributed version of the app, a payment may be processed through Google Play Billing, UddoktaPay, a supported MFS provider, or another disclosed payment provider.
UddoktaPay and local MFS methods may be used for eligible local transactions such as telecom services, physical-product or reselling orders, cash-on-delivery-related operations, payouts, and other flows permitted by applicable Google Play policies and law.
Payment and payout providers may receive the information required to complete or verify a transaction, such as amount, currency, purpose, invoice or reference ID, sender or payout number, transaction status, and provider response.
SHIRAH does not intentionally collect or store MFS PINs, OTPs, card CVV numbers, or complete card or bank-account credentials. Never share a payment PIN, OTP, password, or secret credential with SHIRAH staff or any other person.
Reward points are app-based records and are not legal tender, a bank deposit, or guaranteed cash. Eligible reward conversion, cashback, wallet credit, and earning-related records may be subject to published eligibility rules, limits, fees, transaction success, manual review, security checks, and fraud-prevention controls.
SHIRAH does not currently award reward points, wallet credit, withdrawable balance, or cash-equivalent value for viewing advertisements.
Withdrawal requests require a minimum eligible wallet balance of 100 BDT. Requests are manually reviewed. Approved withdrawals may be manually processed through supported local MFS methods such as bKash, Nagad, Rocket, or Upay.
SHIRAH does not guarantee approval, a specific payout amount, or a fixed completion time. Approved requests are generally attempted within 24–48 hours where operationally possible, but verification, provider delay, holidays, incorrect details, technical issues, disputes, or fraud checks may require additional time.
When you request recharge, top-up, or a drive offer, SHIRAH may send the selected phone number, operator, amount, package or offer, transaction reference, and related request details to Success TopUp or another configured telecom service provider.
Provider responses, operator availability, package details, price, cashback eligibility, success status, failure status, pending status, refund status, and service timing may be stored for transaction processing, user history, support, reconciliation, dispute handling, and fraud prevention.
SHIRAH uses third-party services to provide app functionality. Depending on the features enabled and used, these providers may process information on SHIRAH’s behalf or as independent service providers under their own terms and privacy practices.
SHIRAH reviews the data practices of third-party SDKs and services included in the app and updates this Privacy Policy and Google Play disclosures when those practices or integrations materially change.
SHIRAH does not sell personal or sensitive user information.
SHIRAH shares or allows processing of information only when reasonably necessary to:
Posts, profile information, comments, replies, reactions, follow relationships, product listings, donor information, or other content may be visible to other users depending on the feature and visibility setting. Do not publish information that you do not want others to see.
SHIRAH staff, moderators, and support personnel may access content and related records when needed for moderation, support, fraud prevention, dispute handling, order processing, or policy enforcement.
A reseller who submits a customer’s name, phone number, address, or order note must have a lawful and appropriate basis to provide that information for order fulfilment. SHIRAH uses such information only for order processing, delivery, support, return or dispute handling, fraud prevention, and settlement.
Reported or removed content and related moderation records may be retained when necessary to investigate abuse, protect users, handle disputes, or meet legal obligations.
Financial information, authentication information, contacts, blood-group or donor information, customer-delivery information, and uploaded proof images may be personal or sensitive.
SHIRAH limits the use of this information to the feature requested by the user, account and transaction security, support, legal compliance, and the other purposes described in this Privacy Policy.
SHIRAH does not use contact-list information, payment credentials, blood-group information, donor information, or customer-delivery details for unrelated targeted advertising.
SHIRAH uses reasonable technical, administrative, and platform-supported safeguards, including authentication controls, role-based access controls, restricted backend operations, secure transmission using HTTPS/TLS where applicable, device-session management, audit records, and manual review for sensitive wallet, payment, recharge, order, and withdrawal workflows.
Access to personal information is limited to authorized users, administrators, support personnel, or service providers who need it for an approved operational purpose.
No mobile app, cloud service, payment provider, telecom provider, or security system can guarantee absolute security. Users are responsible for protecting their device, email, phone number, login credentials, PIN, OTP, payment information, and app access.
SHIRAH retains active account and profile information while the account remains active and for as long as reasonably necessary to provide the requested services.
Transaction, wallet, reward, payment, withdrawal, recharge, top-up, drive-offer, order, delivery, settlement, refund, dispute, audit, moderation, support, and fraud-prevention records may be retained after account deletion when reasonably necessary for legal, financial, accounting, tax, security, fraud-prevention, dispute-handling, provider-reconciliation, or regulatory purposes.
Notification tokens and active device-session records are retained only while needed to provide notifications or account-security functions and are removed, replaced, or invalidated when no longer needed or when the associated account is deleted, subject to technical and security requirements.
User-generated content may be deleted, hidden, de-identified, or retained depending on user action, account deletion, moderation status, dispute needs, safety requirements, and system integrity.
SHIRAH limits retained information to what is reasonably necessary for the relevant purpose.
Users can request deletion of their SHIRAH account and associated personal data from inside the app. Users who cannot access the app can use the public deletion resource to request support-assisted deletion after reasonable account-ownership verification.
Sign in to SHIRAH, open the app menu or account-management area, select the Delete Account option, review the warning, and confirm the request.
Account deletion instructions and support-assisted deletion information are available at:
In-app deletion requests are initiated after user confirmation. Support-assisted requests are processed after reasonable ownership verification and without undue delay, although pending transactions, disputes, security reviews, fraud checks, or legal-retention requirements may require additional time.
Logging out, uninstalling the app, or temporarily stopping app use does not delete the account.
Subject to applicable law and the nature of the service, you may:
Withdrawing permission does not affect processing already completed lawfully, and some features may not function without the information required for that feature.
SHIRAH is intended only for users who are 18 years of age or older. It is not designed for, directed to, or knowingly made available to individuals under 18.
SHIRAH does not knowingly permit individuals under 18 to create or operate an account. If we learn that an underage individual has provided personal information, we may restrict or close the account and take reasonable steps to delete or anonymize the information, subject to legitimate security, fraud-prevention, transaction-retention, safety, and legal requirements.
Concerns involving child safety or suspected child exploitation may be reported to support@shirah.top.
SHIRAH is intended primarily for users in Bangladesh. Some service providers may process or store information outside Bangladesh where required for authentication, hosting, storage, messaging, analytics, diagnostics, advertising, payment, recharge, security, support, or other technical operations.
Where information is processed outside Bangladesh, SHIRAH relies on the safeguards and contractual or technical protections made available by the relevant service provider and applicable law.
SHIRAH may update this Privacy Policy to reflect changes in app features, data practices, service providers, legal requirements, security measures, or Google Play disclosures.
When a material change is made, the “Last Updated” date will be changed and notice may be provided through the app, website, or another appropriate channel where required.
The latest version will be published at:
For privacy questions, account-deletion requests, security concerns, or complaints about SHIRAH’s data practices, contact:
SHIRAH
Service Operator / CEO / Founder: Labib UR Rahman
Website: https://shirah.top
Support and Privacy Email: support@shirah.top
Child Safety Contact: support@shirah.top
Developer/Admin Email: contact.labibur@gmail.com
Address: Section-6, Mirpur, Dhaka-1216, Bangladesh