Privacy Policy
Sissakili Global Limited Company ("Sisakili", "we", "us") operates Safoa, a rental management platform for landlords and tenants in Ghana and the wider region. This policy describes the personal data we process when you use the platform, why we process it, who we share it with, how long we keep it, and the rights you have under Ghana's Data Protection Act 2012 (Act 843) and — where applicable — the EU General Data Protection Regulation. If you only read one section, read "Your rights" and "Contact us".
1. Who we are
Sissakili Global Limited Company is a Ghanaian company (registration CS123456789) headquartered in Accra. We are registered as a data controller with the Data Protection Commission of Ghana (registration number forthcoming). For privacy queries, write to privacy@mysafoa.com or to Sissakili Global Limited Company, Accra, Ghana. Our Data Protection Officer can be reached at the same address.
2. Key terms
"Landlord" — the account holder who signs up for Safoa to manage properties. "Tenant" — a person renting from a landlord; tenant data is entered into Safoa by the landlord. "Personal data" — information that identifies a living individual. "Processing" — any operation on personal data (collection, storage, use, sharing, deletion). "Controller" — the entity that decides why and how personal data is processed; for landlord data and platform data, that's Sisakili. "Processor" — an entity that processes data on a controller's instructions; for tenant data entered by a landlord, Sisakili acts as a processor for the landlord.
3. What data we collect
We collect only what we need to operate the service. We do not collect or process special-category data (health, religion, political views, biometrics). Landlord data: first name, last name, business name (optional), email, phone, country code, password (hashed), language preference, role, account creation date, last sign-in, IP address at sign-in, onboarding progress, payment-method details supplied to our payment processor (we do not store card numbers), subscription plan, billing history, audit logs of admin actions. Tenant data (entered by a landlord, with the landlord as controller): first name, last name, phone, email (optional), national ID number (optional), address, lease terms, rent amount, payment history, maintenance request history, communication preferences. Property data: address, property type, number of units, photos (when uploaded), property notes. Financial data: invoice records, payment records (date, amount, currency, channel — never card numbers), late fee history. Device and connection data: IP address, user agent, request paths and timestamps (in our application logs and Cloudflare logs). Diagnostic data: error reports captured by Sentry with all known PII fields scrubbed before transmission (see section 6). Aggregate analytics (authenticated app): pseudonymous interaction events captured by PostHog (page views, click events, feature usage). PostHog is configured to mask form inputs and cannot see passwords, emails, or phone numbers. Marketing-site analytics (mysafoa.com, unauthenticated pages only): Google Analytics 4 records pseudonymous traffic data (page views, referrers, country-level location, anonymised IP) so we can understand which pages drive sign-ups. Microsoft Clarity records heatmaps and session recordings of how visitors interact with marketing pages (mouse movements, scroll depth, clicks). Clarity does not capture password or other sensitive form inputs, and we honour Do Not Track — when your browser sends a DNT signal Clarity is not loaded at all. Neither tool runs inside the authenticated app.
4. Why we collect it — lawful basis
Each processing activity has a specific lawful basis: • Operating the platform (signing you in, storing your properties and tenants, processing rent invoices): contract performance — without this data we cannot deliver the service you signed up for. • Subscription billing (charging you for Safoa): contract performance. • Sending account-related emails and SMS (welcome, OTP, payment confirmations, system notices): contract performance and our legitimate interest in keeping you informed about your account. • Sending marketing emails: consent, which you can withdraw at any time from the email footer or your account settings. • Fraud prevention, abuse detection, and security: legitimate interest in protecting the platform and other users. • Compliance with Ghanaian tax and financial-reporting laws: legal obligation. Financial records are retained for 7 years per Ghana's Companies Act and applicable tax legislation regardless of account closure. • Diagnostics and product improvement: legitimate interest, limited to pseudonymous data with PII scrubbing.
5. Who we share data with
We share data with the following categories of recipients and only the minimum needed for each purpose. Every recipient is bound by a written data-processing agreement with confidentiality and security obligations. Subprocessors: • Supabase Inc. (USA, with EU hosting): primary database, authentication, file storage. Hosted in West Europe (London region) for Safoa staging and West EU (Ireland) for production. • Vercel Inc. (USA): hosting of the web application. Edge functions execute in regions closest to the request; data at rest stays in Supabase. • Paystack (Nigeria/Ghana): subscription payment processing. Receives your name, email, and the transaction amount. Card details are entered directly on Paystack and never touch our servers. • Mobile money operators (via Paystack): MTN MoMo, Telecel Cash, AirtelTigo Money for tenant rent collection. Receives the transaction amount and a payment reference. • Resend (USA): transactional email delivery. Receives the recipient email address and message contents. • Arkesel (Ghana) and Africa's Talking (Kenya): SMS delivery for OTP codes and rent reminders. Receives the recipient phone number, the message body, and a callback URL. • Sentry (USA): error monitoring. Receives stack traces and surrounding state with PII fields redacted before transmission. • PostHog (USA): pseudonymous product analytics inside the authenticated app. Form inputs are masked at source. • Google (USA / global): Google Analytics 4 traffic analytics for the marketing site only. IP anonymisation is enabled. • Microsoft (USA / global): Microsoft Clarity heatmaps + session recordings for the marketing site only. Sensitive form inputs are masked at source; Do Not Track browser signals are honoured. • Cloudflare (USA): DDoS protection, WAF, and DNS. Receives the IP address and request metadata of every page request. We do not sell or rent personal data to anyone. We do not share data with advertising networks. We do not use data subjects' personal data for any purpose other than those listed in section 4.
6. International data transfers
Primary databases and storage are hosted in the European Union (Ireland) for production. Some subprocessors (Vercel, Sentry, PostHog, Resend) are headquartered in the United States and may receive data there. Where transfers leave Ghana or the EEA, we rely on the EU Commission's Standard Contractual Clauses or — where applicable — recipient companies' Data Privacy Framework certification. We do not transfer landlord or tenant personal data to any country listed on the Ghana DPC's restricted-transfers list without prior consent.
7. How long we keep data
Active accounts: data retained for the life of the account, plus 90 days after cancellation, then permanently deleted from primary storage. Backups containing residual data are rotated out within 35 days. Financial records (invoices, payments, subscription history): 7 years from the relevant tax year, as required by Ghana's Companies Act and tax legislation, regardless of account closure. After 7 years, financial records are anonymised (the link to a specific person is broken but aggregate totals remain). Audit logs of admin actions: 2 years. Diagnostic data in Sentry: 30 days. Product analytics in PostHog: 12 months. Application logs: 30 days on Vercel; 7 days minimum on edge functions. You can request earlier deletion under section 9 ("Your rights"); we will honour the request except where law obliges us to keep specific records longer.
8. How we protect data
Technical measures: TLS 1.2+ in transit, encryption at rest for all databases and storage buckets, row-level security policies that prevent any landlord from seeing another landlord's data, role-based access control for Sisakili staff, mandatory MFA on all admin accounts, audit logging of all admin actions, automated dependency security scanning in CI, content security policy headers on every page, strict cookie attributes (HttpOnly, Secure, SameSite=Lax). Organisational measures: documented onboarding and offboarding for staff with access to production, secret rotation procedures, incident response runbook, regular backup restore tests. Breach notification: in the event of a personal data breach likely to result in risk to your rights and freedoms, we will notify the Data Protection Commission of Ghana within 72 hours and you (the affected data subject) without undue delay, where required.
9. Your rights
Under Ghana's Data Protection Act 2012 and (where applicable) the EU GDPR, you have the right to: • Access — request a copy of the personal data we hold about you. • Rectification — correct inaccurate or incomplete data. • Erasure — request deletion of your data (subject to retention obligations in section 7). • Restriction — ask us to pause processing while a dispute is resolved. • Portability — receive your data in a structured machine-readable format. • Objection — object to processing based on legitimate interest, including direct marketing. • Withdraw consent — for any processing based on consent, at any time. • Complain — lodge a complaint with the Data Protection Commission of Ghana (https://www.dataprotection.org.gh) or your local supervisory authority. To exercise any of these rights, email privacy@mysafoa.com from the email address associated with your account. We respond within 7 working days, or — for complex requests — up to 30 days with an explanation.
10. Cookies and similar technologies
Strictly necessary cookies: session authentication, CSRF tokens, an "about you confirmed" cookie that speeds up the onboarding gate, and a few accessibility preferences. These cookies are essential to the service and cannot be disabled without breaking sign-in. Analytics cookies (authenticated app): a single PostHog cookie records pseudonymous interaction events. You can opt out from the in-app settings or by setting your browser's Do-Not-Track preference, which we honour. Analytics cookies (marketing site only — mysafoa.com): Google Analytics 4 sets a `_ga` cookie (and related `_ga_*`) for traffic reporting. Microsoft Clarity sets `_clck` and `_clsk` cookies for heatmap + session-recording correlation. Both are disabled by setting Do-Not-Track in your browser (Clarity is not loaded at all when DNT is on), or by installing any standard tracker-blocking extension. We do not use these tools inside the authenticated app. We do not use third-party advertising cookies. We do not set cookies for cross-site tracking.
11. Marketing communications
When you sign up we may send transactional emails about your account (mandatory) and product update emails (optional — you can opt out from the email footer). We never send marketing SMS without specific opt-in. We do not share contact details with third-party marketers.
12. Children's data
Safoa is intended for adult landlords and tenants. We do not knowingly collect personal data of children under 18. If you become aware that a child has provided personal data to us through a landlord's account, please contact privacy@mysafoa.com and we will delete it.
13. Tenants — how landlords use your data on Safoa
If you are a tenant whose landlord uses Safoa, your landlord is the controller of your personal data on this platform. Sisakili processes that data on the landlord's instructions. You should direct access, correction, or deletion requests to your landlord first. If your landlord is unresponsive or you believe Sisakili is mishandling your data, you can write to privacy@mysafoa.com and we will act as an escalation point.
14. Closing your account
You can request account closure from Settings → Account → Delete account or by emailing privacy@mysafoa.com. We will: (a) immediately remove your account from the active sign-in flow; (b) within 90 days, permanently delete all personal data not covered by mandatory retention obligations; (c) retain financial records for the legally-required period in an isolated, access-restricted store; (d) confirm completion by email.
15. Automated decision-making
We do not make automated decisions with legal or significant effects on you. The WhatsApp AI Assistant (when used) operates within strictly defined tool-call boundaries and never makes binding decisions on rent, eviction, or financial outcomes.
16. Changes to this policy
We will notify all account holders by email at least 14 days before any material change to this policy takes effect. The "Last updated" date at the top of this page always reflects the current version. Historical versions are available on request.
17. Contact us
Data Protection Officer / Privacy enquiries: privacy@mysafoa.com. General support: hello@mysafoa.com. Post: Sissakili Global Limited Company, Accra, Ghana. Data Protection Commission of Ghana: https://www.dataprotection.org.gh P. O. Box CT 11017, Cantonments, Accra.