Privacy Policy

1. Introduction

At Aleph Safety (Pty) Ltd, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, in compliance with South African privacy legislation including the Protection of Personal Information Act, 2013 (POPIA).

2. Information We Collect

What Personal Data We Collect

We gather various types of information to provide and improve our services. This includes your account information such as your email address, full name, phone number, and specific company details like your registration number, industry classification, and corporate logo. We also collect usage data detailing the documents you generate, the projects you create, and the times you log into the platform. Furthermore, we retain communication data from emails, support requests, and feedback. On a technical level, our systems record data including your IP address, browser type, device type, and the specific pages you visit.

How We Collect It

The information we process is collected through several distinct channels. Primarily, we collect data directly from you when you complete the signup process, fill out your profile, or submit forms within the application. Additionally, we automatically capture diagnostic and tracking information through the use of essential cookies, analytics engines, and standard server logs. Finally, we may receive information from verified third parties, such as our payment processor, PayFast, to confirm transaction statuses.

3. How We Use Your Information

We use your personal data to provide and maintain our core services, process your payments, and manage billing cycles effectively. Your contact information allows us to send you critical updates regarding changes in legislation, particularly the OHS Act and MHSA, while also helping us to respond directly to your technical support requests. Furthermore, we leverage usage analytics to improve and optimize our platform, ensure ongoing compliance with South African law and regulations, and actively detect and prevent fraudulent activities.

4. Data Retention

We retain your personal data strictly for as long as it is necessary to provide our services and satisfy legal obligations. Account data is retained while your account remains active and is immediately scheduled for deletion upon account termination. The safety documents you generate are retained in accordance with the specific terms of your active subscription plan. For regulatory compliance, all financial and billing records are retained for a legally mandated period of 7 years. Additionally, technical usage logs are kept on our servers for 30 days exclusively for security and diagnostic purposes.

5. Your Rights Under POPIA

Under the Protection of Personal Information Act, 2013, you are granted specific rights regarding your personal information. You possess the right to access the personal data we hold about you and request corrections if any information is inaccurate. You also hold the right to request the deletion of your data, commonly known as the right to be forgotten, and you may object to our processing activities. Finally, if you believe your data has been mishandled, you have the right to lodge a formal complaint with the Information Regulator. To exercise any of these rights, please reach out to us at privacy@alephsafe.co.za.

6. Data Security

We implement industry-standard security measures to protect your data against unauthorized access or alteration. Our defense mechanisms include end-to-end encryption of data in transit via SSL/TLS protocols and heavily encrypted static storage databases. We perform regular security audits to maintain the integrity of our platform and enforce strict internal access controls and authentication requirements. However, it is important to acknowledge that no method of transmission over the Internet or electronic storage is entirely infallible, meaning we cannot guarantee absolute security.

7. Third-Party Services

To successfully operate the Aleph Safe platform, we may share specific portions of your data with trusted partners. This includes PayFast for secure payment processing, Supabase for robust data hosting, Anthropic Claude for intelligent document generation, and enterprise email service providers for transactional communications. All of these third parties are legally bound by strict confidentiality agreements and adhere to mandatory POPIA compliance standards.

8. Cookies

Aleph Safety (Pty) Ltd utilizes essential browser cookies to maintain your active login session, remember your interface preferences, and track generalized usage for product analytics. You retain full control over cookie settings directly within your browser preferences; however, disabling cookies may negatively impact or completely disable certain core functionalities of the Aleph Safe platform.

9. International Data Transfers

Our primary databases are stored locally within South Africa, fully complying with POPIA regulations. We do not transfer your sensitive personal data outside the borders of South Africa without obtaining your explicit consent and ensuring that appropriate legal safeguards and data processing agreements are securely in place.

10. Changes to this Policy

We may update this Privacy Policy periodically to reflect technological advancements or changes in the regulatory landscape. Whenever we implement material changes, we will formally notify you via email or by posting a prominent notice directly on our website. Your continued use of the Aleph Safe platform following these notifications constitutes your explicit acceptance of the updated policies.

11. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our broader data privacy practices, please contact us. You can reach our compliance team via email at privacy@alephsafe.co.za. Our physical headquarters are located in Johannesburg, South Africa. We strive to provide comprehensive responses to all privacy-related inquiries within 10 business days.