ZuqoraZuqora

Last updated: April 10, 2026

Privacy Policy

Zuqora ("Zuqora", "we", "us") is operated by Syncraft Labs and partner vendors who use the platform to run their businesses. This policy explains how we handle personal information when you use our websites, progressive web app, APIs, and related services (collectively, the "Services").

1. Who we are

The data controller for the Zuqora product is Syncraft Labs, reachable at contact@syncraftlabs.com. Individual vendors are independent businesses; when they access order or customer data through Zuqora, they act as separate controllers for their own purposes and must comply with applicable law.

2. Information we collect

  • Account and profile data: name, email, phone, role (customer, vendor, admin), and preferences you provide when registering or updating your profile.
  • Vendor and business data: shop name, address, coordinates you supply, menu and inventory content, payout identifiers, and operational settings.
  • Transaction data: orders, cart contents, delivery instructions, payment method selections, and communications needed to fulfil orders (including WhatsApp or SMS where enabled).
  • Technical data: IP address, device type, browser, approximate location derived from IP, cookies or local storage identifiers, and diagnostic logs for security and reliability.
  • Optional location (marketplace):if you choose "Near me" or load a link with coordinates, we may process latitude and longitude in the browser to filter nearby stores. This is not used to create an account unless you sign up separately.

3. How we use information

We use personal data to:

  • Provide, secure, and improve the Services;
  • Authenticate users, enforce roles, and prevent fraud or abuse;
  • Route orders between customers and vendors and send operational notifications;
  • Analyse aggregated usage to improve UX and performance;
  • Comply with legal obligations and respond to lawful requests.

We do not sell your personal information. We do not use your data for third‑party behavioural advertising unless we introduce such a feature with a separate notice and, where required, consent.

4. Legal bases (where GDPR-style rules apply)

Where the EU/UK GDPR applies, we rely on: (a) performance of a contract; (b) legitimate interests (security, analytics, product improvement), balanced against your rights; (c) consent, where required (e.g. non‑essential cookies or marketing); and (d) legal obligation.

5. Sharing and subprocessors

We may share data with:

  • Infrastructure providers (e.g. Supabase for database and auth, hosting providers) under strict agreements;
  • Payment and messaging partners you or your vendor enable (e.g. M‑Pesa, SMS or WhatsApp gateways), solely to execute transactions or messages you request;
  • Professional advisers where required by law.

Vendors receive the customer and order details necessary to prepare and deliver your order. They must handle that data in line with their own privacy notices.

6. International transfers

Our subprocessors may process data in the European Economic Area, the United States, and other regions where they operate. Where required, we use appropriate safeguards such as Standard Contractual Clauses.

7. Retention

We retain data only as long as needed for the purposes above, including legal, accounting, and dispute resolution. Order and billing records may be kept longer than marketing preferences. You may request deletion subject to statutory exceptions.

8. Security

We implement technical and organisational measures appropriate to the risk, including encryption in transit, access controls, and least‑privilege service roles. No method of transmission is 100% secure; use strong passwords and protect your devices.

9. Your rights

Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, or object to processing, and to data portability. You may lodge a complaint with a supervisory authority. To exercise rights, contact contact@syncraftlabs.com. We will respond within the timeframes required by law.

10. Children

The Services are not directed at children under 16. We do not knowingly collect their personal data.

11. Changes

We may update this policy from time to time. We will post the new version here and adjust the "Last updated" date. Continued use after changes constitutes acceptance where permitted by law.

12. Contact

Questions: contact@syncraftlabs.com

Back to home · Terms of Service