Afrodata

Privacy Policy

Last updated: June 2026. Pending legal review — do not rely on this version as final.

1. Who we are

Afrodata operates the Platform at afrodata.io. We are committed to protecting the privacy of our users and handling personal data responsibly and transparently.

2. Data we collect

We collect only what is necessary to operate the Platform:

  • Account data: email address, preferred language, subscription tier.
  • Query logs: the questions you submit, detected language, answer language, datasets used, and response metadata. These are used to improve the Platform and for usage analytics. Logs are retained for 12 months.
  • Usage data: query counts per billing period for quota enforcement.
  • Payment data: handled entirely by Stripe. We do not store card numbers.
  • Analytics: aggregate usage events (e.g. page views, query submitted) via PostHog, with IP anonymisation enabled.

3. How we use your data

  • To provide, operate, and improve the Platform.
  • To enforce subscription quotas and billing.
  • To detect abuse, enforce rate limits, and maintain platform security.
  • To send transactional emails (quota warnings, subscription confirmations).
  • We do not sell your data to third parties.
  • We do not use your query content to train AI models without explicit consent.

4. Data storage and security

Data is stored in Supabase (PostgreSQL), hosted in the EU. Query logs and account data are encrypted at rest and in transit. Access is restricted to service accounts with the minimum necessary privileges. We apply Row-Level Security policies so that users can only access their own data.

5. Your rights

Subject to applicable law (including GDPR and POPIA), you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated data.
  • Object to processing or request restriction.
  • Data portability for data you have provided.

To exercise any of these rights, email privacy@afrodata.io.

6. Cookies

We use a Supabase session cookie for authentication and a PostHog analytics cookie. No advertising or tracking cookies are used. You can disable cookies in your browser, but authentication will not function without the session cookie.

7. Third-party services

  • Supabase (database and auth) — supabase.com/privacy
  • Stripe (payments) — stripe.com/privacy
  • Anthropic (AI answers) — anthropic.com/privacy
  • PostHog (analytics) — posthog.com/privacy
  • Vercel (frontend hosting) — vercel.com/legal/privacy-policy

8. Contact

Privacy enquiries: privacy@afrodata.io