Skip to main content

Overview

Safi Data takes the security of your research data and your respondents’ privacy seriously. This page explains how we collect, store, and protect data — and what controls you have as a researcher.

Data Storage

All data collected through Safi Data is stored on secure, encrypted servers. We use:
  • Encryption in transit — all data sent between Safi Data and WhatsApp, and between Safi Data and your browser, is encrypted using TLS
  • Encryption at rest — all stored data, including transcripts, voice memos, and respondent information, is encrypted at rest
  • Access controls — only authorised Safi Data personnel can access raw data, and only when required for support or debugging purposes

Respondent Privacy

Safi Data is committed to protecting the privacy of every respondent who participates in a survey.
  • Informed consent — respondents receive a clear explanation of the survey’s purpose and data use before they begin
  • Opt-out — respondents can stop participating at any time by replying “Stop” to the survey conversation
  • Data minimisation — we collect only the information necessary to conduct the research
  • No data selling — respondent data is never sold or shared with third parties outside of the research relationship

Researcher Data Controls

As a researcher, you have full control over your data:
  • Delete a survey — permanently delete a survey and all associated responses from the Safi Data platform
  • Delete a respondent — remove an individual respondent’s data from a survey
  • Export and delete — export your data as a CSV and then delete it from Safi Data’s servers if you prefer to manage storage yourself
To request a data deletion, contact support@safidata.com or use the delete options within the platform.

WhatsApp Data

Safi Data operates through the WhatsApp Business API, which is provided by Meta. This means:
  • Survey conversations take place within WhatsApp’s infrastructure
  • WhatsApp’s own privacy policy and terms of service apply to message delivery
  • Safi Data does not have access to respondents’ personal WhatsApp chats or contact lists — only the specific survey conversation
For more on how WhatsApp handles data, see WhatsApp’s Privacy Policy.

Compliance

Safi Data is designed to support compliance with data protection regulations relevant to African markets, including:
  • Kenya’s Data Protection Act (2019)
  • South Africa’s POPIA (Protection of Personal Information Act)
  • Nigeria’s NDPR (Nigeria Data Protection Regulation)
  • The EU’s GDPR (for researchers operating across jurisdictions)
Compliance ultimately depends on how you as a researcher use Safi Data. It is your responsibility to ensure your use of the platform complies with the data protection laws applicable to your organisation and your respondents’ locations.

Reporting a Security Issue

If you believe you have found a security vulnerability in Safi Data, please contact us immediately at security@safidata.com. We take all reports seriously and will respond within 24 hours. Do not disclose security issues publicly before we have had a chance to address them.