Privacy Policy
Last Updated: April 2025
This Privacy Policy explains how Afokato ('we', 'us', 'our') collects, uses, stores, and protects your personal data when you use the Afokato platform. By using our services, you agree to the practices described here.
1. Who We Are
Afokato is an Egyptian electronic legal services directory operating at afokato.com. We connect clients with verified, independently licensed lawyers. We are not a law firm and do not provide legal advice. Our registered address is in Cairo, Egypt. For privacy matters, contact: [email protected].
2. Data We Collect
Information You Provide
When you register or use our services, we may collect: full name, email address, phone number, professional biography and credentials (for lawyers), profile photo, legal specialties and practice locations, and consultation request details.
Automatically Collected Information
When you visit Afokato, we automatically collect: IP address, browser type and version, pages visited and time spent, referring URL, device type, and cookies (see Section 5).
Data from External Services
If you sign in via Google, we receive your name, email address, and Google account ID from Google's OAuth service. We do not receive or store your Google password.
3. How We Use Your Data
- Creating and managing your account
- Displaying lawyer profiles to clients searching for legal help
- Routing consultation requests to the appropriate lawyers
- Sending service-related notifications (new consultation requests, replies, account alerts)
- Detecting and preventing fraud, spam, and abuse
- Complying with applicable Egyptian law and Bar Association regulations
4. Data Sharing
We do not sell, rent, or trade your personal data to any third party for commercial purposes.
We share data only in the following limited cases: with lawyers you choose to contact (they see the details you submit in a consultation request); with trusted service providers (hosting, analytics, email delivery) who are contractually bound to process data only on our behalf; with legal authorities where required by Egyptian law or a valid court order.
5. Cookies
We use the following types of cookies to operate and improve the platform:
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| af_token | Session / Auth | Authenticates your logged-in session | 30 days (remember me) or session |
| XSRF-TOKEN | Security | CSRF attack prevention | Session |
| af_locale | Preference | Stores your language preference (AR/EN) | 1 year |
| _ga / _gid | Analytics | Google Analytics — anonymous usage statistics | 2 years |
6. Social Login
We support Google Sign-In via OAuth 2.0. When you use this option, Google shares your name, email address, and Google account ID with us. We do not access your contacts, Google Drive, or any other Google service data. Your Google password is never transmitted to or stored by Afokato.
7. Data Retention
8. Data Security
We implement industry-standard security measures to protect your data: all data is transmitted over HTTPS (TLS encryption); passwords are hashed using bcrypt and never stored in plain text; OTP verification codes expire after 10 minutes; we apply rate limiting to prevent brute-force attacks. No system is 100% secure — if you suspect unauthorized access, contact [email protected] immediately.
9. Your Rights
Under Egyptian Personal Data Protection Law No. 151 of 2020, you have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you.
Right of Correction
Request correction of inaccurate or incomplete personal data.
Right of Deletion
Request deletion of your personal data, subject to legal retention requirements.
Right of Restriction
Request that we restrict processing of your data in certain circumstances.
Right of Portability
Request your data in a structured, machine-readable format.
Right of Objection
Object to processing of your data for direct marketing purposes.
10. Children's Privacy
The Afokato platform is intended for users aged 18 and over. We do not knowingly collect personal data from individuals under 18. If we become aware that a minor has registered, we will delete their account and associated data promptly.
11. Third-Party Links
Our platform may contain links to external websites (such as a lawyer's personal website or LinkedIn profile). We are not responsible for the privacy practices of those external sites. We encourage you to review their privacy policies before sharing personal information.
12. Legal Basis
We process your personal data on the following legal bases: performance of a contract (providing the platform services you requested); legitimate interests (improving our service, preventing fraud, operating the platform); legal obligation (compliance with Egyptian law); and consent (for optional features such as marketing communications, which you can withdraw at any time).
13. Policy Changes
We may update this Privacy Policy from time to time. When we make significant changes, we will notify registered users by email at least 30 days before the changes take effect, and we will update the 'Last Updated' date at the top of this page. Your continued use of the platform after the effective date constitutes acceptance of the updated policy.
14. Contact Us
For any privacy-related requests or questions, please contact our Data Protection team:
We aim to respond to all privacy requests within 30 working days as required by Egyptian Law 151/2020.