Privacy Policy

Soma Ops is built with data protection by design. We comply with the Ghana Data Protection Act, enforce Row Level Security (RLS) for tenant isolation, and use 256-bit AES encryption. Payments are processed via Paystack (PCI-DSS Level 1).

Data We Process

  • Business data: profile, integrations, policies.
  • Customer data: conversations, orders, payments (non-card data), alerts.
  • Operational logs: actions, outcomes, escalations.

How We Protect Data

  • RLS isolation per business in Supabase.
  • 256-bit AES encryption in transit and at rest.
  • Payment card data handled by Paystack (PCI-DSS Level 1).
  • Access controls and audit logging of actions/outcomes.

Your Rights

  • Access, rectify, or delete your data where applicable.
  • Export records on request (Excel/Sheets if enabled).
  • Opt in/out of integrations at any time; Soma adapts behavior accordingly.

Data Retention

Operational data is retained for ongoing service delivery and auditability, then minimized or deleted in line with business needs and legal requirements.