BROUILLON — texte provisoire en attente de revue juridique.

Privacy Policy

Dernière mise à jour: 2026-05-07

1. What this covers

This policy describes how Ridone Technologies (operating the GetSoko platform) collects, uses, and shares personal data when you use the merchant console at app.getsoko.xyz, the SokoSell API, and the storefronts at *.getsoko.xyz.

2. Roles

  • Merchant data (your name, email, phone, account settings): we are the controller.
  • Your customers' data (their names, phones, addresses, orders): we are the processor; you (the merchant) are the controller. Your relationship with us for that data is governed by the Data Processing Agreement.

3. What we collect about merchants

  • Account: name, email, optional phone number, password (hashed).
  • Consent timestamps: when you accepted the Terms, this Privacy Policy, and the DPA at signup. Stored on the user record.
  • Operational telemetry: IP address, user-agent, and timestamps of authentication events (kept for 90 days for security).
  • Communications: support emails and any messages you send us.

4. Why we use it

  • To run your account and the Service (contractual basis).
  • To prevent fraud and abuse (legitimate interest).
  • To send essential service messages (billing, security, legal updates). We don't send marketing without separate opt-in.

5. Subprocessors

We use the following infrastructure providers to run the Service. Each handles personal data on our behalf under their own terms.

  • Neon (database hosting; eu-central-1).
  • Deno Deploy (application hosting).
  • Cloudflare (edge proxy, DNS, custom-domain routing).
  • NabooPay (payment processing for digital methods).
  • SMS provider (one-time codes for phone-OTP login). Provider TBD — see the live list at /legal/subprocessors.

6. Retention

Account data: until you close the account + 90 days. Order and payment records: 7 years (Senegalese accounting requirements). Logs and security telemetry: 90 days unless required for an active investigation.

7. Your rights

You can request access, correction, deletion, or export of your merchant data by emailing privacy@getsoko.xyz. Requests about your customers' data should go through you (the controller) — see the DPA.

8. International transfers

Data is stored in EU (Neon eu-central-1). Where a subprocessor processes data outside the EU we rely on Standard Contractual Clauses as the transfer mechanism.

9. Contact

Privacy questions: privacy@getsoko.xyz.

GetSoko utilise uniquement des cookies nécessaires au fonctionnement (session, langue, panier). En savoir plus