Privacy Policy

1. Introduction

AutomateSA ("we", "us", or "our") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, in compliance with the Protection of Personal Information Act, 2013 (POPIA) of South Africa.

2. Information We Collect

We collect personal information that you voluntarily provide to us, including:

• Name and surname
• Business name
• Email address
• Phone / WhatsApp number
• Business challenges and requirements you describe to us
• Account credentials (email and encrypted password) if you create an account

3. Purpose of Processing (POPIA Section 13)

We process your personal information for the following purposes:

• To respond to your enquiry and provide a free automation audit
• To deliver our AI automation services
• To send you service-related communications
• To generate invoices and manage billing
• To improve our website and services

4. Lawful Basis for Processing

We process your personal information based on your consent (when you submit a form or create an account), contractual necessity (to deliver services you have requested), and our legitimate interests in operating and improving our business, as permitted under POPIA.

5. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Lead data is retained for up to 24 months after last contact. Client data is retained for the duration of the service agreement and for 5 years thereafter for legal and accounting purposes.

6. Your Rights Under POPIA

As a data subject, you have the right to:

• Request access to your personal information
• Request correction of inaccurate information
• Request deletion of your personal information
• Object to the processing of your personal information
• Withdraw your consent at any time
• Lodge a complaint with the Information Regulator of South Africa

7. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including encryption of data in transit and at rest, secure authentication mechanisms, and access controls. Our data is stored on secure cloud infrastructure provided by Supabase with servers that comply with international security standards.

8. Third-Party Services

We may share your information with trusted third-party service providers who assist us in operating our business (e.g., cloud hosting, email delivery). These providers are contractually obligated to protect your data and only process it on our behalf.

9. Cookies

Our website uses essential cookies required for authentication and basic functionality. We do not use tracking or advertising cookies.

10. Information Officer

For any questions about this privacy policy or to exercise your rights, please contact our Information Officer via WhatsApp or email as listed on our website.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.