Legal

Data Protection

Last updated: 27 June 2026 · Effective date: 1 June 2025

This page explains how Fippence protects the personal data we hold about you, and how to exercise your data rights. For our full privacy practices, see the Privacy Policy.

Our commitment

Fippence is committed to responsible data handling. We collect the minimum data necessary to run the service, we protect it using appropriate technical and organisational measures, and we give you meaningful control over your information.

We align our practices with internationally recognised data protection principles, including those reflected in the EU General Data Protection Regulation (GDPR) and the Data Protection Act of Jamaica (2020), even where we are not legally required to comply with every provision.

The data we hold about you

Depending on how you use Fippence, we may hold the following categories of data:

Identity data: your name
Contact data: email address, WhatsApp number (if provided)
Location data: parish (provided by you); GPS coordinates only if explicitly permitted
Preference data: your usual supermarket, device type
Usage data: app activity, feature usage, session length
Technical data: device model, operating system, app version, crash logs
Shopping data: items and quantities added to your cart, running totals

We do not hold payment data, biometric data, government ID numbers, or sensitive personal categories of data as defined by applicable law.

How we protect your data

We apply the following security measures:

Encryption in transit: all data sent between the app/website and our servers uses TLS encryption (HTTPS)
Encryption at rest: personal data stored on our servers is encrypted
Access controls: only authorised team members can access personal data, and only when necessary for their role
Minimal data collection: we collect only what we need to operate the service
Anonymisation: where possible, we anonymise or aggregate data before using it for product analytics or price database improvement
Secure third parties: we only use service providers who maintain appropriate security standards
Regular review: we periodically review and update our security practices

Your data rights

You have the following rights over your personal data. To exercise any of them, email administrator@plush-soft.com with your name and email address. We will respond within 30 days.

Right to access

Request a copy of all personal data we hold about you. We'll provide it in a readable format within 30 days.

Right to correction

Ask us to correct any inaccurate or incomplete personal data we hold about you.

Right to deletion

Request that we delete your personal data. We'll do so within 30 days, subject to legal retention obligations.

Right to portability

Receive your personal data in a machine-readable format (JSON or CSV) so you can transfer it elsewhere.

Right to object

Object to us processing your data based on legitimate interests. We will assess and respond within 30 days.

Withdraw consent

Withdraw consent for optional processing (e.g. marketing emails) at any time, without affecting past processing.

Data retention periods

Waitlist data — held until beta period ends, or upon deletion request
Active account data — held while your account is active
Closed account data — deleted within 90 days of account closure
Usage and analytics data — anonymised after 12 months
Legal and financial records — retained for up to 7 years as required by Jamaican law

Data breaches

In the event of a personal data breach that is likely to result in a risk to your rights, we will notify affected users without undue delay and, where required, notify the relevant regulatory authority within 72 hours of becoming aware of the breach.

International data transfers

Fippence is based in Jamaica. If we use third-party service providers whose servers are located outside Jamaica (e.g. cloud hosting providers), we take steps to ensure that appropriate safeguards are in place to protect your data, in accordance with applicable data protection law.

Third-party processors

We use the following categories of third-party data processors to help deliver the service:

Cloud hosting providers — to store data and run the app
Email service providers — to send you notifications and updates
Form processors — to process waitlist form submissions (currently Formspree)
Analytics providers — to understand app usage (anonymised data only)
Crash reporting tools — to identify and fix bugs

All processors are bound by data processing agreements that require them to protect your data and use it only for the purpose of providing services to Fippence.

Cookies

The Fippence website uses only essential cookies required for the site to function, and may use anonymised analytics cookies. We do not use advertising cookies, tracking pixels, or third-party behavioural profiling on our website.

You can manage or disable cookies through your browser settings at any time.

Contact our data team

For all data protection enquiries, requests, or complaints, please contact:

Fippence Data Team
Email: administrator@plush-soft.com
Subject line: "Data Protection Request"
Kingston, Jamaica

If you are not satisfied with our response, you may lodge a complaint with the relevant data protection authority in your jurisdiction.