العربية

Safi Privacy Policy

Last updated: May 23, 2026

This Privacy Policy explains how Safi collects, uses, stores, shares, transfers, retains, and protects personal data when you use the Safi mobile application and related services.

1. Our Privacy Approach

Safi is built around data minimization.

We collect only the data that is necessary to deliver the app’s core services, including shift tracking, trip logging, earnings and expense reporting, vehicle cost estimation, support, notifications, security, and service reliability.

Examples:

  • We collect location samples during active tracking sessions to calculate shift distance and route-based insights.
  • We collect trip fares, income, and expenses to calculate net results and reports.
  • We collect a push notification token only to send app-related notifications.

We do not sell personal data.

We do not use your precise location, trip history, earnings, or expenses for third-party advertising or cross-app tracking.

2. Data We Collect

A. Account and profile data

We may collect:

  • Email address and authentication data, managed through Supabase Auth
  • Required profile details for account setup, including full name and date of birth
  • Additional profile details, such as phone number, gender, or nationality, may be collected if you choose to provide them or if they are needed for a specific app feature, support purpose, eligibility, localization, or legal/compliance reason.
  • Country code derived from your device locale and stored in your profile for localization and consistency
  • Referral code, if provided

Purpose:

  • Create and secure your account
  • Personalize your profile and support interactions
  • Communicate with you about your account or support requests
  • Protect the service from unauthorized access or abuse
  • Support localization, eligibility, compliance, or feature-specific needs where applicable

Some account data is required to create and use a Safi account, including date of birth for minimum-age eligibility checks.

B. Operational driver data

We may collect:

  • Vehicle records, including make, model, year, fuel settings, oil settings, and related fields
  • Shift records, including start time, end time, duration, distance, and shift status
  • Trip records, including platform, fare, timestamps, distance, and optional pickup/dropoff location fields
  • Transactions, including income entries, expense entries, source labels, categories, notes, and dates
  • Targets and planning settings

Purpose:

  • Run Safi’s core features
  • Track shifts, trips, income, and expenses
  • Estimate fuel, oil, and other vehicle-related costs
  • Generate period-based and shift-based reports (for example week, month, or custom range)
  • Help you understand your net results from driving work

If you enter shift, trip, income, expense, or vehicle data manually, Safi stores the information you provide so it can generate reports and summaries.

C. Location and route data

We may collect:

  • GPS coordinates
  • Route markers
  • Distance and movement-related data
  • Pickup/dropoff location fields when you enter or save them

Purpose:

  • Calculate shift distance
  • Calculate runtime metrics
  • Support route-based views
  • Improve shift and trip analytics
  • Estimate driving-related costs more accurately

Safi collects location data only when you start a shift or use a tracking feature that requires location access.

If you enable live shift tracking, Safi may collect location data while the app is in the background to calculate shift distance, duration, route markers, and related cost estimates.

Background location collection stops when the tracking session ends.

If you do not grant location permission, live shift tracking and route-based distance calculation may not work. However, you may still be able to enter shift or trip information manually where supported.

D. Device and technical data

We may collect:

  • Push notification token
  • Device platform type
  • App language
  • Basic operational logs
  • Error context, diagnostics, and performance data needed for reliability and security

Purpose:

  • Deliver push notifications
  • Maintain service quality
  • Detect and fix errors
  • Protect the app from abuse, fraud, or unauthorized access
  • Improve app reliability and performance

E. Support and communications data

We may collect:

  • Support threads and messages you send in-app
  • Support request status
  • Announcement read/archive state
  • Replies, suggestions, complaints, or help messages you submit

Purpose:

  • Provide customer support
  • Respond to questions or complaints
  • Send in-app communications
  • Track whether important announcements were read or archived
  • Maintain records needed to resolve support issues

3. App Permissions

Safi may request access to:

  • Location: to calculate shift distance, route markers, trip-related metrics, and driving-related cost estimates.
  • Background location (on supported platforms): to continue calculating distance and route data during an active shift when the app is not open.
  • Notifications: to send shift reminders, trip/session alerts, support updates, account messages, and other app-related notifications.

Safi does not access permissions unless they are needed for app features and allowed by your device settings.

You can manage app permissions through your device settings.

4. Data We Do Not Collect for Current Services

For the current Safi app flow:

  • We do not process in-app card payments.
  • We do not store full credit card or debit card details.
  • We do not need VAT billing data to provide current core features.
  • We do not sell personal data.
  • We do not use personal data for third-party advertising or cross-app tracking.

If Safi later offers subscriptions or in-app purchases, payment processing will be handled by Apple, Google, or another payment provider. Safi will not receive or store your full card details.

5. How We Use Data

We use personal data to:

  • Provide and operate Safi features
  • Authenticate users and protect account security
  • Track shifts, trips, income, expenses, and vehicle-related costs
  • Generate summaries, reports, insights, and cost estimates
  • Send app-related notifications
  • Respond to support requests
  • Maintain app reliability and performance
  • Detect errors, abuse, fraud, or unauthorized access
  • Enforce product safety, anti-abuse, and platform integrity
  • Maintain operational records related to account deletion or security events
  • Meet legal obligations when applicable

6. Required and Optional Data

Some data is required to provide Safi’s core features. This includes account data (including date of birth), vehicle data, shift records, trip records, transaction records, and technical data needed for security and reliability.

Some data is optional. This may include optional profile fields other than date of birth, notes, support messages, optional pickup/dropoff fields, and some planning settings.

If you choose not to provide required data, some Safi features may not work.

If you choose not to grant location permission, Safi may not be able to calculate live shift distance or route-based metrics. You may still be able to manually enter shift or trip information where supported.

If you choose not to allow notifications, you may not receive shift reminders, trip/session alerts, support updates, or other app-related notifications.

7. Legal Basis for Processing

Depending on applicable law, Safi processes personal data based on your consent where required, or where processing is necessary to provide Safi’s services, protect account and service security, comply with legal obligations, respond to your requests, or achieve other lawful purposes permitted by applicable law.

Where processing is based on consent, you may withdraw consent through app settings, device settings, or by contacting us, depending on the type of data or permission.

Withdrawing consent may affect features that depend on the related data or permission. For example, disabling location permission may prevent live shift tracking from working properly.

8. Sharing and Processors

We share data only with service providers needed to operate Safi.

These may include:

  • Supabase: authentication, database, backend services, and related infrastructure
  • Firebase Cloud Messaging: push notifications
  • Map, tile, or hosting providers configured by Safi: map rendering, route display, or delivery of map tiles
  • Email or communication service providers: account emails, support messages, or app-related communications, if used

We require service providers to use data only for service delivery, security, reliability, and legal compliance.

We do not sell personal data to advertisers.

We do not share your precise location, trip history, earnings, or expenses with third parties for third-party advertising or cross-app tracking.

9. International Data Transfers

Your data may be processed outside Saudi Arabia or outside your country of residence by Safi’s infrastructure providers and service providers.

When personal data is transferred or processed outside Saudi Arabia or your country of residence, Safi takes steps designed to protect the data in accordance with applicable requirements.

These steps may include:

  • Using reputable infrastructure and service providers
  • Applying contractual safeguards where required
  • Using encrypted transport
  • Applying access controls
  • Limiting access to personal data based on operational need
  • Using security restrictions and monitoring where appropriate

10. Retention

We retain personal data only as long as needed to:

  • Provide Safi services
  • Maintain account security
  • Support app reliability
  • Resolve support requests
  • Prevent abuse, fraud, or unauthorized access
  • Maintain operational records related to deletion, troubleshooting, or security
  • Comply with legal obligations

Retention periods may vary depending on the data type, legal requirements, and operational needs.

Typical retention approach:

Data type Typical retention
Account and authentication data Until account deletion, unless limited retention is required for security, legal, or operational reasons
Profile data Until you update it, or until account deletion
Vehicle data Until you archive/remove the vehicle record where supported, or until account deletion
Shift, trip, income, expense, and transaction data Until you edit/archive/remove the relevant records where supported, or until account deletion
Location and route data linked to shifts or trips Retained with related operational records unless explicitly removed by the feature, or until account deletion
Support messages Until account deletion, or as long as needed to resolve support, security, or legal issues
Push notification token Until token replacement/reassignment or account deletion; it may persist after logout
Operational logs, diagnostics, and error context As long as needed for reliability, security, troubleshooting, and abuse prevention
Deletion audit record Target retention up to 90 days
Encrypted infrastructure backups Typically up to 7 days, depending on infrastructure configuration

When personal data is no longer needed, Safi deletes it, anonymizes it, or retains it only where required or permitted for security, operational, legal, or backup purposes.

11. Account Deletion Retention Behavior

You can request account deletion directly in the app from:

More → Profile → Delete account

You can also view account deletion instructions or request deletion support at: https://safi.anaports.com/delete-account.html

When you request account deletion in-app:

  • User-linked app records used by current Safi services are deleted from active production systems.
  • The authentication account is deleted.
  • A minimal technical deletion audit record is kept without raw email, phone number, or name.

The deletion audit record may include:

  • Deletion case ID
  • Request timestamp
  • Completion timestamp
  • Status
  • Error count, if any
  • Hashed internal user reference
  • HMAC-hashed normalized email reference (no raw email stored)

Deletion audit retention:

  • Target retention is up to 90 days for operational verification, security, troubleshooting, and abuse prevention.

Backups:

  • If encrypted infrastructure backups are enabled for the environment, deleted data may remain in backup copies for a limited period before automatic removal.
  • Backup retention is typically up to 7 days, depending on the infrastructure configuration.

Account deletion requests are usually processed immediately or within a reasonable operational period.

If a deletion reference ID is provided, it can be used for operational follow-up if you contact Safi about your deletion request.

12. Your Controls and Rights

Depending on applicable law, you may have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion of your account or data
  • Object to certain processing
  • Restrict certain processing
  • Withdraw consent where processing is consent-based
  • Request information about how your data is collected, used, shared, transferred, and retained

You can manage some data directly in the app, including profile, vehicle, shift, trip, income, expense, and target-related information where editing or deletion features are available.

For account deletion, use:

More → Profile → Delete account

You can also view account deletion instructions or request deletion support at: https://safi.anaports.com/delete-account.html

For other privacy requests, contact us using the details below.

13. Complaints

If you have a concern about how Safi handles your personal data, please contact us first using the contact details below so we can review and respond to your request.

If you are in Saudi Arabia and are not satisfied with our response, you may have the right to submit a complaint to the Saudi Data & AI Authority, where applicable.

If you are outside Saudi Arabia, you may have the right to submit a complaint to another competent data protection authority, where applicable.

14. Security

We use reasonable technical and organizational safeguards to protect personal data.

These safeguards may include:

  • Encrypted transport
  • Access controls
  • Authentication protections
  • Database security rules and policies
  • Operational monitoring
  • Limited access to production data based on operational need

No method of transmission or storage is 100% secure.

You are responsible for keeping your account credentials secure and for protecting access to your device.

15. Children and Minimum Age

Safi is intended for users who are at least 18 years old and legally able to manage driving-related income, expenses, and operational records.

Safi is not intended for children or for users under 18.

We collect date of birth during account setup to support minimum-age eligibility checks.

If you believe a person under 18 has created an account or submitted personal data to Safi, contact us so we can take appropriate action, including deletion of the account and related data where appropriate.

16. Changes to This Policy

We may update this Privacy Policy from time to time.

When we update the policy, we will post the updated version with a new “Last updated” date.

For material changes, we may provide additional notice in the app or through another appropriate method.

17. Contact

For privacy questions, rights requests, or complaints:

  • Email: anaportsHQ@gmail.com
  • WhatsApp support: +966 55 600 8837
  • Controller/Entity: Turki Alenezi
  • Address: Riyadh, Saudi Arabia