Privacy Policy — Sorta

Last updated: 2025-11-04

This Privacy Policy explains how Sorta ("we", "us", or "our") collects, uses, discloses, and protects personal information when you use our app and services.

If you are a reseller using Sorta, you are the controller of the customer data you input. We act as a processor for that data where we host and operate the service on your behalf.

1. Information We Collect

a. Account & Owner Information

  • userId, name, email, payment & billing details (for paid plans) — collected when you register.

b. Order Data

  • Order metadata: orderId, status, createdAt/updatedAt, courier, order link, status history.

c. Customer Data (input by users)

  • Customer name, phone number, optional cart link, deposit, amountToPay, collected flag, and optional city (location).
  • Customer order references stored in the global customers collection for quick access & analytics.

d. Notification Logs

Records of messages sent or attempted, including:

  • notificationId, userId, orderId, customerId, phoneNumber, templateName, status (pending/sent/failed), timestamps and error messages if any.

e. Usage & Analytics

  • Aggregated usage metrics: message counts, active orders, feature usage. These are used to manage billing and improve the service.

2. How We Use Your Data

  • Provide & operate the service: store and retrieve orders, customers, and status history.
  • Send notifications: deliver WhatsApp template messages on your behalf.
  • Billing & quotas: count messages per user for pricing and limits.
  • Support & communication: respond to your inquiries and provide updates.
  • Improve the product: analyze usage patterns to enhance features.

3. Sharing & Disclosure

We do not sell personal data.

We may share information with:

  • Service providers (e.g., messaging providers, cloud hosting, analytics) who act as processors.
  • Law enforcement or legal requests where required by law.
  • Acquirers in the event of a business transfer — we will notify users where required.

When we share with service providers, we limit the data to what is needed to perform their services.

4. Notifications & WhatsApp

  • When you trigger an order status change, Sorta will attempt to send WhatsApp messages to your customers using the phone numbers provided.
  • Each attempt is logged in the notifications collection with its status (pending/sent/failed).
  • We may store message templates and a record of the content used for debugging and audit — you remain the owner of the message content you send.

5. Data Retention

  • Order and customer records are retained while your account is active.
  • Notification logs are retained for auditing and billing. Default retention is 12 months; contact us if you need longer or shorter retention.
  • You can request deletion of your account and associated data — see Your Rights.

6. Security

We implement administrative, technical, and physical safeguards to protect your data, including:

  • Encrypted connections (HTTPS/TLS) for data in transit.
  • Firestore and cloud provider best practices for storage and access controls.
  • Role-based access for Sorta staff and strict least-privilege access for service accounts.

However, no system is 100% secure. If a breach occurs, we will notify affected users and authorities as required by law.

7. Data Location & Transfers

Data is stored in the cloud provider regions selected for the app (configured in our backend). Transfers to other countries may occur as needed for operation; we will take appropriate safeguards.

8. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Delete your data (right to be forgotten).
  • Restrict processing or object to processing.
  • Port your data in a machine-readable format.

To exercise these rights, contact: privacy@sorta.example. We may require verification before action.

9. Children

Our service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided information to us, contact us to request deletion.

10. Changes to this Policy

We may update this policy from time to time. We will post changes on this page with a revised "Last updated" date. Major changes will be communicated via the app or email.

11. Contact

For support or privacy questions:

By using Sorta, you acknowledge that you have read and accept this Privacy Policy.