Privacy Policy

ShapShop is operated as a sole proprietorship trading as ShapShop, based in Mossel Bay, Western Cape, South Africa. We are in the process of registering as ShapShop (Pty) Ltd.

We collect only what we need to provide the service:

• Account information: email address and password (hashed, never stored in plain text)
• Family profile: family size, weekly grocery budget, dietary preferences, cuisine preferences, disliked ingredients, cooking time preference, plan duration
• Usage data: meal plans generated, grocery comparisons viewed, subscription status
• Payment information: processed entirely by PayFast — we never store your card details
• Technical data: browser type, device type, IP address (collected by our infrastructure providers for security purposes)

We do not collect sensitive personal information such as race, health records, biometric data, or political views.

Your information is used only for the following purposes:

• To create and manage your ShapShop account
• To generate personalised AI meal plans tailored to your household
• To compare grocery prices across South African retailers on your behalf
• To process subscription payments via PayFast
• To send transactional emails (account confirmation, password reset)
• To improve and maintain the service

We will never use your information for unsolicited marketing without your explicit consent.

• Account data: retained for as long as your account is active
• Meal plans: kept for 12 months then automatically deleted
• Payment records: kept for 5 years as required by South African tax law
• Deleted accounts: all personal data is removed within 30 days of account deletion

We use the following trusted third-party processors. All are bound by their own privacy policies and applicable law:

We do not sell, rent or trade your personal information to any third party.

You have the right to:

• Access the personal information we hold about you
• Correct any inaccurate or outdated information
• Delete your account and all associated personal data
• Object to the processing of your personal information
• Lodge a complaint with the Information Regulator of South Africa

To exercise any of these rights, email us at hello@shapshop.online. We will respond within 30 days.

ShapShop uses strictly necessary cookies only — these are required for authentication and keeping you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies. You can disable cookies in your browser settings, but the app will not function without them.

We take reasonable technical and organisational measures to protect your personal information, including encrypted data transmission (HTTPS), hashed passwords, and row-level security on our database. No system is 100% secure — if you believe your account has been compromised, contact us immediately at hello@shapshop.online.

If you believe we have not handled your personal information lawfully, you may contact:

We may update this policy from time to time. Material changes will be communicated via email or an in-app notice. Continued use of ShapShop after changes constitutes acceptance of the updated policy.