EreftaPrivacy Policy
Last updated: June 21, 2026
This Privacy Policy explains what information Erefta collects, how it is used, and the choices available to account holders and invited team members, including analytics and diagnostics when those features are enabled.
Information we collect
Erefta stores account details such as name, email address, language preference, and role, along with business records such as products, purchases, inventory counts, sales, exchange-rate data, item photos you upload, and team activity history. To deliver push notifications we store a device push token. We may also collect usage and diagnostic data through configured analytics tooling, such as screen or route context, interaction signals where enabled, in-app events, device and app-version information, crash and error reports, and application logs sent to our analytics provider.
How we use it
We use this information to operate the service, personalize the workspace, secure accounts, send essential account or invite messages, and generate the workflows and reports the store relies on. We also use telemetry to secure the service, troubleshoot issues, measure reliability, and improve product quality.
Sharing and service providers
We share information only with vendors and infrastructure providers that help us host, secure, support, or deliver Erefta. We host application data and uploaded photos with Amazon Web Services (AWS). When enabled, we use PostHog, Inc. for product analytics and diagnostics (see posthog.com/privacy) and OneSignal for push-notification delivery (see onesignal.com/privacy). We may also disclose information when required by law or to protect the service, users, or our legal rights. We do not sell your personal information, and we do not use it for cross-app or cross-site advertising. Some providers may store or process data in the United States or other countries where they or their subprocessors operate.
Retention and choices
Owners can update workspace details, invite or remove clerks, and request support for account-access issues. We retain business data for as long as needed to operate the service, meet legal obligations, resolve disputes, and enforce our agreements. For questions about privacy or these practices, contact us at hello@marefia.com.
Product analytics and diagnostics
When PostHog is configured, Erefta may send product analytics and limited visual context about how app screens appear and change over time, to reproduce bugs, improve stability, and understand how features are used. Typed fields and images are masked in our configuration; other parts of the interface may still be visible, so avoid entering information you do not want reflected in diagnostics outside normal business use. We may capture interaction signals and screen or route identifiers (including navigation parameters supplied to the app). We may collect error telemetry such as uncaught exceptions, unhandled promise rejections, console warnings and errors, and structured application logs linked to diagnostic identifiers. After you sign in, your account email may be associated with a stable analytics identifier to correlate support and usage across sessions. We retain this information only as long as needed for the purposes described and according to our provider configuration and support practices.
Closing your account
When you close your account from Settings → Account → Delete account, we end your sign-in access and free your email address for any future re-registration. Business records linked to the account — purchases, sales, inventory, and related history — are retained in line with the Retention and choices section above, so we can continue to operate the service, meet legal obligations, and resolve disputes. We do not re-associate retained records with any new account opened later under the same email. If you close an owner account, the store associated with it is also closed; clerks previously invited to that store lose access while their personal accounts remain active. Account closure cannot be undone — if you change your mind, you would need to sign up again as a fresh account.
Data security
We protect information with measures appropriate to its sensitivity: data is encrypted in transit using HTTPS/TLS, passwords are stored only as salted cryptographic hashes (never in plain text), and access to production systems is restricted. No method of transmission or storage is completely secure, so we cannot guarantee absolute security; please use a strong, unique password and keep your sign-in credentials private.
Children’s privacy, contact, and changes
Erefta is a business tool intended for adults operating or working in a shop. It is not directed to children, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us so we can remove it. For any privacy question, or to request access to or deletion of your data, email hello@marefia.com. We may update this Privacy Policy from time to time; material changes will be reflected by updating the “Last updated” date above, and continued use after an update means you accept the revised policy.