Trust & Privacy
This page is maintained by Dar Al Dahab to summarize the security and privacy practices in place on this website. It is editable project content and not an independent certification.
Access & Authentication
All admin dashboards (news, staff profiles, serial uploads, database backup) are protected by individual admin tokens stored as server-side secrets. The central Admin Hub adds a separate master token. No admin function is reachable from the public site without a valid server-validated token.
Data Protection
Our database uses Row Level Security. Public tables only expose data intended to be public (e.g. published news, verified serial numbers). Staff contact details and subscriber emails are never readable from the public site — they are only accessed through authenticated server endpoints.
Hosting & Transport
The site is served over HTTPS. Secrets such as API keys, database credentials, and admin tokens are stored server-side and are never exposed to the browser.
Data We Collect
We collect newsletter subscription emails (only when you opt in) and serial numbers you submit for verification. We do not sell personal data. For details on AML obligations, see our AML Policy page.
Product Authenticity
Every bullion product carries a unique serial number that customers can verify on our website. Verification queries are read-only and do not require an account.
Privacy Requests & Contact
For privacy questions, data deletion requests, or to report a security concern, contact us at info@daraldahab.com.
Last updated June 2026. This page describes current practices and may change as the website evolves.