Last updated: March 2026
Dar ("we," "our," or "us") operates the Dar website (dar-kuwait.com), the Dar Platform (platform.dar-kuwait.com), and the Dar Android and iOS mobile applications (collectively, the "Services"). This Privacy Policy explains how we collect, use, and share your personal information when you use our Services, and your rights over that information.
By using our Services, you agree to the terms of this Privacy Policy.
Overview of all data types we collect, why, and whether they are shared with third parties.
| Data Type | Purpose | Shared With |
|---|---|---|
| Name | Account & appointments | Not shared |
| Email address | Account, login, payment receipts | Tap Payments (optional) |
| Phone number | Account, appointments, SMS confirmations | Tap Payments |
| Password (hashed) | Account authentication | Not shared |
| Preferred language | App experience personalisation | Not shared |
| Appointment details | Booking management | Not shared |
| Address (optional) | Appointment context | Not shared |
| Design & measurement data | Design & quotation services | Not shared |
| Payment status & transaction ID | Payment processing | Tap Payments |
| JWT auth token (cookie) | Secure authentication session | Not shared |
| Language preference (cookie) | Personalised language display | Not shared |
| Device & browser info | Security & analytics | Meta Pixel (website only) |
When you create an account, we collect your name, email address, phone number, password (stored in hashed/encrypted form — never in plain text), and preferred language (English or Arabic).
A unique user ID is also generated automatically (e.g., prefixed with your phone number).
You may log in using your email or phone number and password, or via Google Sign-In (OAuth 2.0). When you use Google Sign-In, we receive your name, email address, and Google profile information from Google. We do not receive your Google password.
When booking an appointment — including as a guest (no account required) — we collect your first and last name, phone number, email address (optional), appointment type (DAR Crew or Book Measurement), preferred date and time, address (optional), and any remarks or project details you provide.
When using our design and measurement services, we collect design configurations, room measurements, selected items and materials, and project notes or comments.
Payment processing is handled entirely by Tap Payments. We receive and store only the payment status (e.g., CAPTURED, DECLINED) and a transaction/charge ID. We do not store card numbers, CVVs, or full payment credentials. Your phone and email may be passed to Tap for payment receipts and SMS notifications.
We automatically collect certain technical data including your IP address, device type, operating system, browser type, and pages visited. An authentication session token (JWT) is stored in an HTTP-only cookie for security. Your language preference is also stored in a cookie.
Our login page offers sign-in via Google OAuth 2.0. By choosing this option, you authorise Google to share your basic profile information (name and email) with us to create or access your account. We do not receive your Google password. Your use of Google Sign-In is also subject to Google's Privacy Policy.
We work with the following third parties who may receive or process your data:
Tap Payments
Processes all payment transactions. May receive your name, phone, and email for payment confirmation. View their Privacy Policy.
Meta (Facebook) Pixel
Used on our website for analytics and advertising. Collects device and browser data and page view events. Not active in the mobile app. View Meta's Privacy Policy.
Google (OAuth)
Used for optional Google Sign-In authentication. View Google's Privacy Policy.
Cloud and Hosting Providers
Our backend and application are hosted on cloud infrastructure. Your data may reside on servers operated by our hosting providers.
We use your phone number to send appointment confirmations, status updates, and payment links via SMS. You agree to receive these operational messages by providing your phone number during booking or account registration. These are not marketing messages — they are necessary for service delivery.
Authentication cookie (jwt): Stores your secure session token. Required for login and protected pages.
Language cookie: Stores your preferred language (English or Arabic). Required for the localised experience.
Analytics (Meta Pixel): Only on the website. Collects anonymous page view data for advertising purposes.
You can manage or delete cookies in your browser settings. Disabling the authentication cookie will log you out.
All data is transmitted over HTTPS. Authentication is managed with JWT tokens stored in HTTP-only, Secure, SameSite cookies to prevent cross-site attacks. Passwords are stored using industry-standard hashing. We take reasonable technical and organisational measures to protect your information from unauthorised access, disclosure, or loss.
No method of transmission or storage is 100% secure. If you have reason to believe your data has been compromised, please contact us immediately.
We retain your data for as long as your account is active or as required to provide Services. Appointment and design data may be retained for legal, financial, and operational purposes. Technical log data is retained for a limited period for security purposes. You may request deletion of your data at any time (see Section 9).
You have the right to:
To request account deletion or exercise any of the above rights, please contact us at support@dar.com. We will process your request within a reasonable timeframe and confirm when it is complete.
Note: Some data (such as completed transaction records) may be retained for legal or financial compliance even after account deletion.
Our Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
The Dar Android and iOS applications may request the following device permissions:
We do not request access to your camera, microphone, precise location (GPS), contacts, or storage beyond what is necessary for the core Service. Any permission requests will be explained in-app at the time they are requested.
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top. For significant changes, we may notify you via the app or by email. Continued use of our Services after changes constitutes acceptance of the updated policy.
For questions, requests, or concerns about this Privacy Policy or your personal data:
This Privacy Policy is governed by the laws of the State of Kuwait. Any disputes will be resolved in the competent courts of Kuwait.
