What we collect
To welcome you to the table we hold onto:
- Your name, phone number, and — optionally — your email.
- Your role (host, guest, or emissary) and how you describe your table.
- Your profile photo and, if you verify, a selfie used only for verification.
- The knocks you send and receive, and the messages exchanged on them.
- Optional links you provide (Instagram, Facebook, LinkedIn).
How we use it
- To send you login codes and knock notifications (WhatsApp, SMS, email).
- To show your profile and knock to the specific member you're engaging with.
- To keep the community safe — investigating abuse reports and removing bad actors.
We do not sell your information. We do not advertise against it. We do not train third-party models on your data.
Who sees what
Other members see your public profile — name, photo, role, community, bio, social links you chose to share. Your phone and email are never shown; knocks route through us. Administrators can access what they need to moderate.
Where it lives
Application data lives in a Postgres database hosted in the US. Photos live in our storage provider. Messages sent through WhatsApp, SMS, or email transit through Twilio and Resend and are subject to their policies. Session cookies are encrypted and HTTP-only.
Your rights
- Access. See your profile from the app; request a full export by emailing privacy@shefa.app.
- Correction. Edit your profile from Profile → Edit profile.
- Deletion. Delete your account from Profile → Edit profile → Delete account. This removes your profile, photos, knocks, and messages. Allow up to 30 days for full removal from backups.
- Objection. Write to us; we'll do the right thing.
Children
The service is for adults. We do not knowingly collect information from anyone under 18. If you believe we have, write to us and we will delete it.
Changes
We may update this policy. If we make material changes, we will notify you in the app before they take effect.
Contact
Questions or requests? Write to privacy@shefa.app.