Privacy Policy

We collect the minimum data needed to run checks and deliver reports. We delete check results after 7 days. We don't sell your data. We don't share it with advertisers. We only search publicly available databases: government registries, court records, business filings, and phone directories. If information about someone isn't in those public sources, we won't find it. But having verified information from public records is better than going in with none.

Safi is operated by Safi Holdings Ltd, registered in ADGM, Abu Dhabi Global Market, UAE. For privacy questions, contact us at privacy@getsafi.ai.

To use Safi, we need your phone number to verify your identity via a one-time code. When you run a check, we need the name and phone number of the person you're checking, along with your use case (date, landlord, contractor, etc.) so we can tailor the results. You can optionally provide additional details like a company name or city to improve accuracy.

If you make a purchase, your payment is handled by our payment processor. We never see or store your card details.

We also collect standard technical data (device type, pages visited, error logs) to keep Safi running smoothly. This data is anonymised and kept for up to 90 days.

When you run a check, we search publicly available sources for information about the person you're checking: phone directory listings, business registrations, court records, sanctions databases, publicly available social media profiles, and news mentions. All of this information is already publicly available. We don't access private accounts, intercept communications, or obtain information through any illegal means.

Check results are automatically deleted after 7 days. Your account information (phone number) is kept while your account is active and deleted within 30 days if you close your account.

We use your data to provide the Safi service, process payments, improve how Safi works, communicate with you about your checks, and prevent fraud and abuse.

We do NOT use your data for advertising, profiling, or selling to third parties.

We work with a small number of trusted service providers to process payments, deliver messages, generate reports, track errors, and understand how people use Safi. Each provider only receives the minimum data needed to do their job, and all are contractually required to protect your data.

We do not sell, rent, trade, or otherwise monetise your personal data. We do not share your data with data brokers or advertisers.

Safi is NOT a Consumer Reporting Agency as defined by the Fair Credit Reporting Act (15 U.S.C. § 1681 et seq.). We do not provide “consumer reports” as defined by the FCRA. Safi reports are for personal informational purposes only and may not be used for employment, credit, housing, insurance, or any other purpose regulated by the FCRA.

If you're a California resident, you have the right to know what personal information we've collected, request corrections, request deletion, and opt out of any sale of personal data (we don't sell it, so there's nothing to opt out of). We do not collect sensitive personal information as defined by the CPRA. We won't treat you differently for exercising your privacy rights. To exercise these rights, email privacy@getsafi.ai. We'll respond within 45 days.

Several other US states (Virginia, Colorado, Connecticut, Utah, and others) have enacted similar privacy laws. If you're a resident of one of these states, you can exercise your rights by emailing privacy@getsafi.ai.

We use essential cookies to keep Safi working (authentication and session management) and optional analytics cookies to understand usage patterns. You can opt out of analytics cookies when you first visit. We don't use advertising cookies, tracking pixels, or third-party cookies for ad targeting.

Your data is encrypted in transit and at rest, protected by row-level database security, and accessible only to essential systems. Check results are automatically deleted after 7 days. No system is perfectly secure. If we discover a data breach that affects your information, we'll notify you without unreasonable delay, and in any event within 30 days of discovery.

Safi is operated from the UAE. Your data may be processed in the UAE, the United States, and other countries where our service providers operate. We ensure that all data transfers are protected by appropriate safeguards.

Safi is not for anyone under 18. We don't knowingly collect data from minors. If we learn that a user is under 18, we'll delete their account and data.

If we make material changes, we'll notify you via email or in-app notice at least 30 days before they take effect. Your continued use of Safi after the effective date means you accept the updated policy.

If any provision of this policy is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

Privacy questions: privacy@getsafi.ai
General questions: hello@getsafi.ai