← Back to Shelfie

Privacy Policy

Last updated 2026-07-02.

What we collect

Account details (name, phone, email), business information, product catalogs, stock scan photos and the counts extracted from them, staff attendance selfies and location at clock-in/out, and payment records via Paystack. We never see your card details — Paystack handles those directly.

Biometric data (face data)

Face descriptors and reference/attendance selfies are biometric personal data under Nigeria's Data Protection Act (NDPA/NDPR). We only collect this after a staff member explicitly consents through an in-app consent screen, and it is used solely to verify attendance clock-in/clock-out for the business that enrolled them — never shared across businesses, never used for any other purpose. Any staff member can request deletion of their face data at any time from their team settings, which deactivates the record immediately.

How long we keep things

Raw scan photos and videos are kept for 60 days as evidence, then deleted. The count data extracted from them is kept indefinitely as part of your stock records. Face data is kept until you delete it or leave the business.

WhatsApp messaging

We use the WhatsApp Business Platform (Meta) to send business owners same-day alerts about stock discrepancies detected at their shop — for example, a mismatch between an overnight closing count and the next morning's opening count. Only the phone number the business owner provides is used, solely to deliver these alerts, and it is never shared with Meta or anyone else for advertising or any purpose beyond sending that business's own alerts.

Who can see your data

Only members of your business, scoped by role — attendants see their own scans and attendance; owners and managers see everything for businesses they belong to. Nothing is shared between unrelated businesses.

Contact

Questions or a data deletion request: hello@shelfie.africa.