Saflipay
Legal

Cookie Policy

Which cookies and similar technologies SafliPay uses, what they are for, and how you can control them.

Effective 20 June 2026

01What Are Cookies

Cookies are small text files stored on your device when you use a website or mobile application. Similar technologies include local storage, session tokens, and device identifiers used in mobile applications. SafliPay uses these to keep you signed in securely, protect your account, and understand how the application is used so we can improve it.

Because SafliPay is a regulated payment service, some of these technologies are essential to security and cannot be disabled while you are using the platform.

02Technologies We Use

Strictly necessary

Session authentication tokens that maintain your signed-in state during an active session. These expire automatically when your session ends or you sign out. They cannot be disabled as they are essential to the security and functioning of the service.

Security

Device fingerprint signals and IP-based risk scoring used to detect unusual login attempts, flag suspicious activity, and confirm the authenticity of high-value transaction instructions. These signals are processed in our secure backend and are not shared with third parties.

Analytics

Aggregated, anonymised usage data that helps us understand which features are most used and where users encounter friction. This data is not linked to your personal identity and is not shared with advertising networks. We use privacy-first analytics tools that comply with the NDPR.

Functional

Preferences stored locally on your device, such as your notification settings and display preferences. These persist across sessions so you do not need to reconfigure the app each time you open it.

03Third-Party Technologies

MetaMap processes biometric liveness data on your device during identity verification. This data is handled entirely within your device's secure enclave and is not stored or transmitted to SafliPay's servers. MetaMap operates under its own privacy policy and NDPR-compliant data processing agreement with SafliPay.

Our CBN-licensed banking partners may use their own session and security technologies when processing payment instructions on our behalf. These are governed by their own privacy and cookie policies and are limited strictly to transaction execution.

04How to Control Cookies

You can clear local storage and session data at any time through your device's application settings or by signing out of SafliPay. Note that clearing session data will sign you out and you will need to re-authenticate the next time you open the app.

Analytics data collection can be disabled in your SafliPay account under Settings, then Privacy. Disabling analytics does not affect your ability to use any feature of the platform.

Strictly necessary and security cookies cannot be disabled while you are actively using the service. They are deleted when your session ends or when you uninstall the application.

05Retention

Session tokens expire at the end of each active session. Security signals are retained for up to 90 days for fraud investigation purposes. Analytics data is retained in aggregated form for up to 24 months before deletion.

06Changes to This Policy

If we introduce new tracking technologies or change how existing ones are used, we will update this Cookie Policy and notify you via in-app notification or email at least 14 days before the change takes effect.

Questions about this document? Email hello@saflipay.com. We respond within two business days.