Privacy Policy
Last updated: April 2026
Overview
This Privacy Policy describes how Muhammad Umair ("I", "me") collects, uses, and protects information when you visit omairdev.co (the "Website") or use any applications I publish, including meetlyNow and Meetly (the "Apps").
I respect your privacy and am committed to handling personal information responsibly. I do not sell your data to third parties.
Information Collected via the Website
The Website is a static portfolio site. It does not use cookies, tracking pixels, or third-party analytics by default. Standard server logs may record your IP address, browser type, and referring URL for security and operational purposes.
If you contact me via email, phone, or LinkedIn, I will receive the information you voluntarily provide such as your name, email address, and message content.
Information Collected via the Apps
meetlyNow and Meetly are iOS apps that rely on location intelligence to function. When you use these apps, the following data may be collected:
Location data: The apps use CoreLocation to access your real-time geographic position. This is required for live ETA calculation, equitable meeting-point routing, geofencing, and group coordination. Location data is processed in real time and is not stored beyond what is necessary for the active session.
Bluetooth data: The apps may use CoreBluetooth and iBeacon ranging for BLE proximity detection and indoor positioning. This data is processed locally on your device.
Device information: Basic device identifiers, operating system version, and crash reports may be collected through Apple frameworks or Sentry for debugging and product stability.
You will always be prompted by iOS before location or Bluetooth permissions are granted, and you can revoke them at any time in Settings.
How Information Is Used
Website server logs: To maintain security, prevent abuse, and understand general traffic patterns.
Contact information: To respond to your enquiries, discuss potential projects or consulting work, and communicate about services.
App location data: To power core features including live ETA tracking, equitable meetup point calculation using spatial algorithms (A*, BFS), group coordination via SignalR, and proximity-based handoff through BLE.
Crash and performance data: To diagnose bugs, improve app reliability, and prioritise development work.
Data Sharing and Third Parties
I do not sell, rent, or trade personal information. Data may be shared only in these limited circumstances:
Apple: App crash reports and basic analytics may be processed through standard iOS frameworks.
Sentry: If integrated, anonymised crash reports and performance traces are sent to Sentry for observability.
Azure AD B2C: If enterprise authentication is used in a specific project, identity tokens are managed through Microsoft Azure Active Directory B2C in compliance with their privacy policies.
Legal obligations: Information may be disclosed if required by law or to protect rights and safety.
Data Retention
Server logs are retained for a reasonable period for security purposes and then deleted.
Contact correspondence (emails, messages) is retained as long as the business relationship requires.
App session data such as live location coordinates is transient and is not persisted after the session ends.
Crash reports may be retained for up to 90 days for debugging purposes.
Your Rights (GDPR)
Under applicable data protection laws, including the GDPR (as I am based in Lisbon, Portugal, within the EU), you have the right to:
Access: Request a copy of the personal data I hold about you.
Correction: Request correction of inaccurate personal information.
Deletion: Request deletion of your personal data where there is no legitimate reason for continued processing.
Objection: Object to processing of your personal data in certain circumstances.
To exercise any of these rights, contact me at the email address listed below.
Security
I take reasonable technical and organisational measures to protect personal data. The Website is served over HTTPS. The admin panel uses session-based authentication with password hashing (bcrypt), CSRF protection, and rate-limited login attempts. App data transmitted over the network uses TLS encryption.
Children
The Website and Apps are not directed at children under the age of 16. I do not knowingly collect personal information from children. If you believe a child has provided personal data, contact me and I will promptly delete it.
Changes to This Policy
I may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Website or Apps after changes constitutes acceptance of the updated policy.