Privacy Policy
Effective Date: 17 February 2026 · Last Updated: 17 February 2026
DataFlo Automation ("Company", "we", "us", or "our") is committed to protecting the privacy and personal information of users of the TeamTracker platform (the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
This policy complies with the Protection of Personal Information Act, 2013 (POPIA) of the Republic of South Africa and the General Data Protection Regulation (GDPR) where applicable.
1. Information We Collect
1.1 Information You Provide
- Account Information: company name, contact person name, email address, phone number, and physical address.
- User Information: first name, last name, email address, and role within your company.
- Payment Information: billing details processed through third-party payment providers (we do not store full credit card numbers).
- Content: form templates, submissions, job cards, and other data you create within the Service.
1.2 Information Collected Automatically
- Usage Data: pages visited, features used, actions taken, timestamps.
- Device Information: browser type, operating system, device type, screen resolution.
- Log Data: IP address, access times, referring URLs, error logs.
- Cookies: session identifiers and preferences (see our Cookie Policy).
1.3 Information from Third Parties
- OAuth Providers: if you sign in via Google or Microsoft, we receive your name and email address from those services.
- Payment Providers: transaction confirmations and payment status from Paystack and similar providers.
2. How We Use Your Information
| Purpose | Legal Basis |
|---|---|
| Provide and operate the Service | Contract performance |
| Process payments and manage subscriptions | Contract performance |
| Send transactional emails (invoices, password resets, account alerts) | Contract performance |
| Improve and develop the Service | Legitimate interest |
| Detect and prevent fraud or abuse | Legitimate interest |
| Comply with legal obligations | Legal obligation |
| Send marketing communications (only with consent) | Consent |
3. Data Sharing & Third Parties
We do not sell your personal information. We may share data with:
- Service Providers: hosting (Google Cloud Platform), payment processing (Paystack), email delivery, and analytics providers who process data on our behalf.
- Legal Requirements: when required by law, regulation, or legal process, or to protect the rights, property, or safety of DataFlo Automation or others.
- Business Transfers: in connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity.
4. Data Storage & Security
Your data is stored on secure servers provided by Google Cloud Platform. We implement industry-standard security measures, including:
- Encryption in transit (TLS/SSL) and at rest.
- Access controls and authentication.
- Regular security reviews.
- Audit logging of administrative actions.
While we take reasonable measures to protect your data, no system is completely secure. You are responsible for keeping your login credentials confidential.
5. Data Retention
- Active Accounts: we retain your data for as long as your Account is active.
- Terminated Accounts: we may retain data for up to 90 days after Account termination, after which it will be deleted unless retention is required by law.
- Audit Logs: administrative audit trails may be retained for up to 7 years for compliance purposes.
6. Your Rights
Under POPIA and applicable data protection laws, you have the right to:
- Access your personal information held by us.
- Correct inaccurate or incomplete information.
- Delete your personal information (subject to legal retention requirements).
- Object to the processing of your data for direct marketing.
- Data Portability: request a copy of your data in a structured, machine-readable format.
- Withdraw Consent where processing is based on consent, without affecting the lawfulness of prior processing.
- Lodge a Complaint with the Information Regulator of South Africa.
To exercise these rights, contact us at privacy@datafloautomation.com.
7. Cookies
We use cookies and similar technologies to operate the Service. For full details, see our Cookie Policy.
8. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly.
9. International Transfers
Your data may be processed in countries outside of South Africa (e.g. where our cloud infrastructure is hosted). In such cases, we ensure appropriate safeguards are in place to protect your data in accordance with POPIA and applicable laws.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Information Officer
In terms of POPIA, DataFlo Automation has appointed an Information Officer who can be contacted regarding any privacy-related queries:
Information Officer
DataFlo Automation
Email: privacy@datafloautomation.com
Republic of South Africa
12. Contact Us
DataFlo Automation
Email: privacy@datafloautomation.com
Website: datafloautomation.com
Republic of South Africa