S
Sika Flows

Privacy Policy

Last Updated: March 28, 2026

1. Information We Collect

We collect information necessary to provide our payment collection and scheduling services:

  • Merchant Account Information: Name, business name, email address, and settlement bank details.
  • Customer Information: Email address, name, and any custom form data provided during checkout.
  • Payment Data: All financial transactions are processed securely via Paystack. Sika Flows does not store full credit card numbers or mobile money PINs.
  • Google User Data: If you connect your Google Calendar, we collect your Google email address and specific calendar metadata (Busy/Free status).

2. How We Use Your Data

We use the collected data to:

  • Process payments and generate receipts.
  • Notify merchants of successful transactions via webhooks and email.
  • Scheduling: Sync with your Google Calendar to prevent double-bookings and automatically create events for confirmed appointments.

3. Google API Data Usage Disclosure

Sika Flows accesses your Google Calendar data to provide scheduling features:

  • Availability: We use the calendar.readonly (or Free/Busy) scope to check your existing appointments and show only available slots to your customers. We do not read or store the titles, descriptions, or attendees of your private meetings.
  • Event Creation: We use the calendar.events scope to insert a new appointment into your primary calendar once a customer payment is successful. This event includes a Google Meet link for your convenience.
  • Limited Use Requirement: Sika Flows' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We only share data with:

  • Paystack: To process financial transactions.
  • Google: To sync scheduling data if the merchant has opted-in.
  • Resend: To deliver automated email receipts and alerts.
  • Clerk: For secure authentication and user management.

5. Data Security

We implement industry-standard security measures, including HMAC-SHA256 signing for webhooks and SSL/TLS encryption for all data in transit, to protect your information from unauthorized access.

6. Your Rights

You have the right to access, correct, or delete your personal information at any time. Merchants can disconnect their Google Calendar via the Dashboard, which immediately revokes our access to their Google data.