Privacy Policy for Sabthings

Last Updated: June 3, 2026

Welcome to Sabthings ("we", "our", "us"). We operate a multi-business ecommerce platform — accessible via the Sabthings.com website and the Sabthings mobile application ("the app") — that enables users to browse, buy, and interact with various sellers and service providers. Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our website, mobile app, and related services.

1. Information We Collect

1.1 Information You Provide

When you register or interact with our platform, you may provide us with the following information:

Full name
Email address (including email obtained via Google/Gmail login)
Username
Phone number — used for account authentication and order communication (see Section 1.4)
Delivery or billing address (optional, may be recorded)
Approximate or precise location captured at signup (see Section 1.5)
Profile images, parchi (invoice) photographs, product images, or other uploaded media captured via your device camera or gallery
Messages or communications with sellers

1.2 Information Collected Automatically

When you use Sabthings (website or mobile app) we automatically collect certain information, including:

IP address and approximate location
Device, browser, and operating-system information
Push-notification device identifiers (FCM tokens) issued by Google Firebase Cloud Messaging, stored to deliver order updates and alerts to your device
Pages and features you interact with
Cookies, local storage and similar tracking technologies

1.3 Google Login Information

If you sign in using Google/Gmail we receive basic profile information such as your Google account name and email address. We do not access your Google password or other sensitive Google account data.

1.4 Phone Number & OTP Authentication (SMS and WhatsApp)

We use your phone number to verify your identity at signup and on subsequent sign-ins by delivering a one-time 6-digit code ("OTP") via SMS and/or WhatsApp. To deliver the OTP we share your phone number with a third-party messaging provider (including the WhatsApp Business API and our SMS gateway). The OTP itself is short-lived and is not used for marketing. After authentication, the same phone number may be used to send transactional messages (order confirmations, delivery updates, customer-support replies) over SMS or WhatsApp. You may request that we stop sending non-essential messages by contacting us; OTPs are mandatory for sign-in.

1.5 Location Permission (Mobile App)

The Sabthings mobile app requests fine and coarse location permission at signup so the platform can:

Capture your one-time signup location for moderation review (used to route new accounts to the appropriate local business / store)
Compute approximate distance from delivery zones

The app does not track your location continuously and does not read location in the background. You can deny or revoke the permission via your device settings; some signup flows may not be available without it.

1.6 Camera Permission (Mobile App)

The mobile app requests camera permission so you can photograph parchis (supplier invoices), product items, profile pictures, and similar media you choose to upload. Photos are taken only when you tap the in-app camera button — the camera is not used silently or in the background. Uploaded images are stored on our servers and on our image hosting subprocessor (see Section 4).

2. How We Use Your Information

We use your information for the following purposes:

Create and manage your account
Process orders, shipments, and returns
Communicate with buyers, sellers and support
Improve the website, features and user experience
Send important notifications (order updates, security alerts)
Prevent fraud, abuse, and enforce our policies
Customize product recommendations and search results

3. Cookies and Tracking Technologies

We use cookies and similar technologies to remember your preferences, keep you logged in, analyze site performance, and deliver personalized content. You can control cookie settings through your browser. Disabling some cookies may affect site functionality.

4. Sharing of Information

We share your information only as described below or when required by law:

Sellers / Service Providers on our platform: We share necessary details (name, phone, address) with sellers to fulfill orders.
Image hosting (Cloudinary): Profile photos, product images, and parchi/invoice photographs are stored on Cloudinary, our image hosting subprocessor.
Messaging providers: Phone numbers are shared with our SMS gateway and the WhatsApp Business API solely to deliver OTPs and transactional messages.
Push notifications (Firebase Cloud Messaging): Device identifiers (FCM tokens) are managed by Google FCM to deliver push notifications.
Other third-party service providers: We use trusted third parties for payment processing, hosting, and analytics.
Legal Requirements: We may disclose information in response to lawful requests or to protect our rights, safety, or property.

We do not sell your personal data.

5. Data Security

We implement reasonable technical and organizational measures to protect your information such as:

Encrypted connections (HTTPS)
Secure servers and access controls
Regular security reviews and updates

While we strive to protect your data, no online service is 100% secure. Please exercise caution when sharing personal information online.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you
Request correction or update of your information
Delete your account and personal data (see Section 6.1 below)
Opt out of marketing communications
Disable cookies via your browser
Withdraw Google/Gmail login permissions

To exercise any of these rights, contact us using the details at the bottom of this page.

6.1 Account Deletion (Mobile App)

You can delete your Sabthings account directly from inside the mobile app at any time:

Open the app and sign in.
Go to the My Account tab.
Scroll to Settings & Privacy and tap Delete Account.
Type "delete" to confirm.

On confirmation, the following personal data is permanently removed from our systems:

Your name, email address, phone number, profile photo, and Google sign-in linkage
Push-notification device tokens issued to your devices
Your customer record's identifying fields (the stakeholder name / email / phone / address linked to your account)

Some transactional records (orders, invoices, stocktake activity, etc.) are retained in anonymised form for legal, accounting and audit purposes — these no longer identify you personally but allow the businesses you transacted with to keep accurate books.

If you cannot access the app or prefer assisted deletion, email us at the address below and we will process the deletion on your behalf within 14 days.

7. Children’s Privacy

Sabthings.com is not intended for persons under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe we have collected such data, contact us and we will take steps to remove it.

8. International Transfers

As a global platform, your information may be stored and processed in countries other than your residence. We will take steps to ensure appropriate protections are in place when transferring data across borders.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated policy on this page with a revised "Last Updated" date. Continued use of the service after changes indicates acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, contact us:

Email: support@sabthings.com
Website: sabthings.com

This Privacy Policy was generated to reflect the information provided by the site owner. It is recommended to have a legal review to ensure compliance with local laws and regulations (for example, GDPR, CCPA, or other applicable privacy laws).