How Safira.id manages user and transaction data
This policy explains the types of data collected, purposes of use, processing basis, storage, access, security, and user rights.
1. Data collected
Safira may collect data provided directly, generated during platform use, or required for verification and transactions.
- Company identity, PIC, address, email, phone, and account data.
- Products, buyer requirements, quotations, legal documents, certificates, and commercial documents.
- Messages, activity, status, audit logs, IP address, browser, and security events.
2. Use of data
- Creating and managing accounts, profiles, listings, and submissions.
- Performing verification, moderation, matching, quotation, and transaction support.
- Maintaining security, preventing misuse, performing audits, and improving services.
- Sending relevant operational notifications, status updates, and communications.
3. Data access and sharing
Data is not freely exposed. Access follows roles, permissions, process need, and confidentiality. Safira may use technical service providers required for hosting, email, security, or operational support under appropriate restrictions.
4. Storage and retention
Data is stored for as long as needed for accounts, verification, transactions, security, audit, compliance, or dispute resolution. Duration may vary according to data type and applicable obligations.
5. Data security
Safira applies access controls, activity logging, credential protection, file restrictions, and reasonable system safeguards. No system is completely risk-free, so users must also protect their accounts and devices.
6. User rights and requests
Users may request data correction, profile updates, explanations of data use, or account closure subject to legal, security, audit, and ongoing transaction limitations.