How Eki handles your data.
This page summarizes the operational privacy posture of Eki based on the current product and backend implementation. It explains what data we process, why we process it, and the user controls currently available in the product.
Data we process
- Account details such as name, email address, phone number, role, and authentication state
- Order and delivery details such as products ordered, totals, delivery address, and order status
- Payment-related metadata needed to verify and reconcile transactions through Stripe or Paystack
- Vendor storefront content such as product listings, descriptions, pricing, and uploaded images
- Operational records such as notifications, audit logs, and support messages
Why we process it
- To authenticate users and secure access to buyer, vendor, and admin functions
- To process orders, order tracking, escrow states, disputes, refunds, and payouts
- To detect abuse, enforce security controls, and investigate platform incidents
- To deliver transactional emails, OTP codes, notifications, and operational support
Infrastructure and subprocessors
- Vercel for hosting and server execution
- Neon for PostgreSQL database storage
- Stripe for international payments
- Paystack for supported domestic payments and payout rails
- Cloudflare R2 for file storage
- Sentry for error monitoring
- Resend for transactional email delivery
Your controls
- Authenticated users can export account data through the data-export endpoint
- Authenticated users can request account deletion, with financial records retained where legally required
- Order and payment records may be retained for compliance, fraud prevention, and accounting obligations
- For privacy requests or correction requests, contact adminandy@eki.app