Legal
Lispor Privacy Policy
Effective date: 5 June 2026
Lispor ("we", "our") is a mobile application for small business inventory and sales management, operated from Dar es Salaam, Tanzania. We treat your data with the same care we'd want for our own.
1. What we collect
When you register, we collect your phone number and the name you choose. We need your phone to identify your account and to send OTP codes that verify it's really you.
When you use the app, we store your business name(s), the products you add, the sales you record, sticker QR scans, team members you invite, and subscription requests. This data lives encrypted on your phone (we use SQLCipher, an industry-standard encryption layer over SQLite). When the device is online, encrypted copies sync to our server so your other devices and your team can see the same data.
We do NOT collect your contacts, calls, SMS, location, microphone, photos that aren't sticker QR scans, or anything else outside what's needed to run the app.
2. End-to-end encryption
Your business data is encrypted with a key derived from a passphrase only you know. Even Lispor staff with full server access cannot read your inventory, sales, or staff records — the server only sees encrypted blobs. Your passphrase never leaves your device.
The only personal data the server can read in plaintext is your phone number, the names of users and businesses (needed for sign-in and team management), and subscription request details (needed to verify your payment).
3. Crash reports
If the app crashes, we may send a minimized report to our crash-reporting provider (Sentry) so we can fix the bug. These reports never include personal data, passphrases, tokens, encryption keys, or your business data — we strip them out before sending. Crash reporting is disabled entirely in development builds and any release where we haven't configured a reporting endpoint.
4. How we use your data
We use your data only to: run the app for you, sync between your devices, let your team see shared shop data, send OTP codes by SMS, verify subscription payments, and respond to your support messages.
We never sell or rent your data to anyone. We don't run advertising. We don't use your data to train any model. There are no third-party trackers, analytics, or ad SDKs in the Lispor app.
5. Third parties
The only third parties that touch your data are:
- Briq (SMS provider) — receives your phone number to deliver the OTP code.
- Airtel Money (payment provider) — payment happens outside the app on Airtel's own service; we only see the transaction reference you type in.
- Sentry (crash reporting) — receives scrubbed crash data with no personal information, only when configured.
6. How long we keep your data
Encrypted data lives on our server until you delete your account. The moment you delete your account from the app (Profile → Delete my account), your user record, all your owned businesses, and every related encrypted blob are removed within 30 days. Local data on your phone is wiped immediately. For the full retention schedule and how to request deletion without the app, see our account & data deletion page.
7. Your rights
You can:
- See all your data — it's all in the app.
- Export it — use the in-app encrypted backup feature.
- Correct it — every product, sale, and team member is editable in-app.
- Delete it — Profile → Delete my account, or request deletion without the app.
8. Children
Lispor is for adults running businesses. We don't knowingly accept users under 18.
9. Security
We use TLS for all network traffic, SQLCipher for local storage, signed authentication tokens with short expiry, and OS-level keystore (Android Keystore / iOS Keychain) for cryptographic key material. We don't claim to be unhackable, but we treat security as the first feature, not the last.
10. Changes to this policy
If we change anything material, we'll show the new policy inside the app and update the "Effective date" above. Continued use after that date means you accept the new policy.
11. Contact
Questions about your data? WhatsApp: +255 662 635 623. We answer in English or Swahili.