Legal Hub Privacy Policy
Data Protection

Privacy Policy

How ChAinge Logic collects, processes, and protects your personal information — aligned with the Protection of Personal Information Act (POPIA), Act 4 of 2013.

POPIA Aligned Covers TipC Platform Last Updated: April 2026
01 — Overview

Introduction

ChAinge Logic (Pty) Ltd ("ChAinge Logic", "we", "us", or "our") is committed to protecting the personal information of everyone who interacts with our services. This Privacy Policy describes how we collect, use, share, retain, and safeguard personal information in connection with:

  • The ChAinge Logic website at chaingelogic.co.za
  • Our AI automation consulting and digital transformation services
  • Custom software and SaaS products we operate
  • TipC — our QR-based digital tipping platform operated as a ChAinge Logic product

By accessing our website or using any of our services, you confirm that you have read and understood this policy. If you do not agree, you should not use our services.

Governing law: This policy is governed by the Protection of Personal Information Act, 2013 (POPIA) and the laws of the Republic of South Africa. Where our services involve payment processing, our obligations may also be informed by the requirements of our payment service providers.

02 — Responsible Party

Who We Are

For the purposes of POPIA, ChAinge Logic (Pty) Ltd acts as the Responsible Party (data controller) in respect of personal information processed through our website and services. In certain operational contexts — particularly where we process personal information on behalf of clients — we may also act as an Operator.

Entity

ChAinge Logic (Pty) Ltd
Republic of South Africa

Information Officer

Email: privacy@chaingelogic.co.za
General: info@chaingelogic.co.za

Our designated Information Officer is responsible for ensuring compliance with POPIA and handling data subject requests. All privacy-related queries should be directed to the contact details above.

03 — Data Collection

Personal Information We Collect

We collect personal information through various touchpoints. The type of information collected depends on how you interact with us.

When you browse our website or submit an enquiry, we may collect:

  • Name and contact details (email address, phone number)
  • Company name and job title (for business enquiries)
  • Message content submitted via contact forms
  • Technical data: IP address, browser type, device type, referring URL, pages visited, and session duration (via analytics tools)
  • Cookie identifiers and session tokens (see our cookie usage below)

Lawful basis: Legitimate interest (analytics, security) and consent (enquiry forms).

When you engage us for AI automation consulting, software development, or digital transformation services:

  • Business contact details (name, email, phone, business address)
  • Contractual and billing information (company registration, VAT number, banking or payment details for invoicing)
  • Project-related data and documentation you share with us
  • Communication records (email, video call notes, meeting records)
  • Strategy call booking information via Calendly

Lawful basis: Contractual necessity; legitimate interest for ongoing relationship management.

TipC is a QR-based digital tipping platform operated by ChAinge Logic. When individuals register to receive tips through TipC, we collect:

  • Full legal name
  • South African identity or passport number (for identity verification and FICA compliance purposes)
  • Contact details (email address, mobile number)
  • Banking details (bank name, account number, account holder name, branch code) for payout processing
  • Profile information (display name, photograph if provided)
  • Employment or venue context (where applicable)
  • Payout history and transaction records

Lawful basis: Contractual necessity (to facilitate payouts); legal obligation (FICA and financial compliance); legitimate interest (fraud prevention).

Special note: Identity information is collected solely for the purposes of payout verification and financial compliance. It is not shared for marketing purposes.

When a customer scans a TipC QR code and submits a tip payment, we collect:

  • Transaction amount and timestamp
  • Payment method type (as reported by the payment provider)
  • Transaction reference and status (success, failed, pending)
  • Device and session metadata (for fraud prevention)
  • Optional message or rating left by the customer (if the feature is active)

Payment card data is not collected or stored by ChAinge Logic or TipC. All payment data is processed exclusively by our payment service provider, Ozow, in accordance with their PCI-DSS compliant systems and privacy policy.

Lawful basis: Contractual necessity (to complete the transaction); legitimate interest (fraud prevention, dispute resolution).

04 — Purpose of Processing

How We Use Your Information

We process personal information only for specific, legitimate, and documented purposes. We do not use personal information for purposes incompatible with those stated below.

  • To provide services: Processing information necessary to deliver consulting, software, or TipC platform services you have requested.
  • To process payments and payouts: Verifying identities, facilitating tip transactions through Ozow, and processing worker payout requests to their registered bank accounts.
  • To comply with legal obligations: Meeting financial, tax, FICA, and regulatory requirements applicable to our operations.
  • For fraud prevention and security: Detecting, investigating, and preventing fraudulent transactions, abuse of the TipC platform, or security threats to our systems.
  • To communicate with you: Responding to enquiries, sending service updates, invoices, payout notifications, or dispute correspondence.
  • For analytics and improvement: Understanding how our website and products are used in order to improve functionality, user experience, and service quality.
  • To enforce our terms: Exercising or defending legal rights, managing disputes, and enforcing our agreements.
05 — Third-Party Sharing

Sharing Personal Information

We do not sell your personal information. We share it only in the circumstances described below, and only to the extent necessary.

TipC payment transactions are facilitated through Ozow, a South African payment service provider. When you initiate or receive a payment through TipC, relevant transaction data is shared with Ozow to process and verify payments. Ozow operates under its own privacy policy and is bound by applicable South African financial regulations. ChAinge Logic shares only the minimum information necessary to facilitate payment processing.

We engage trusted third-party service providers who process personal information on our behalf as Operators under POPIA. These include cloud hosting providers, analytics platforms, communication tools, and fraud prevention services. All such parties are contractually bound to process personal information only on our instructions and in accordance with POPIA requirements.

We may disclose personal information to law enforcement, regulatory bodies, or courts of law where we are legally required or authorised to do so. We will, where permitted, notify affected individuals of such disclosure.

06 — Data Retention

How Long We Keep Your Data

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

Data Category Retention Period Basis
Website enquiry / contact form data 3 years from last interaction Legitimate interest (relationship management)
Client contracts & billing records 7 years from contract end Legal obligation (SARS, Companies Act)
TipC worker identity & banking details 5 years from account closure Legal obligation (FICA, financial compliance)
TipC transaction records 5 years from transaction date Legal obligation; dispute resolution
Analytics / website usage data 26 months Legitimate interest
Fraud investigation records 7 years from investigation close Legal obligation; legitimate interest

Upon expiry of the applicable retention period, personal information is securely deleted or anonymised in accordance with our data disposal procedures.

07 — Your Rights

Your POPIA Rights

Under POPIA, you have the following rights regarding your personal information:

01
Right of Access
You may request a copy of the personal information we hold about you, and information about how it is processed.
02
Right to Correction
You may request that inaccurate, incomplete, misleading, or outdated personal information be corrected or updated.
03
Right to Deletion
You may request deletion of your personal information where it is no longer necessary, subject to our legal retention obligations.
04
Right to Object
You may object to the processing of your personal information on grounds relating to your particular situation, including objection to direct marketing.
05
Right to Complain
You have the right to lodge a complaint with the Information Regulator of South Africa if you believe your rights under POPIA have been violated.
06
Right to Non-Automated Decisions
You may request human review of decisions made solely by automated processing where such decisions have legal or similarly significant effects on you.

To exercise any of these rights, contact our Information Officer at privacy@chaingelogic.co.za. We will respond within 30 days of receiving a valid request. In complex cases we may extend this period by a further 30 days, with notice.

08 — Security

How We Protect Your Information

We implement appropriate technical and organisational measures to protect personal information against loss, unauthorised access, destruction, misuse, modification, or disclosure. These measures include:

  • Encrypted data transmission (HTTPS/TLS) for all web interfaces
  • Access controls limiting data access to authorised personnel only
  • Secure cloud infrastructure with industry-standard security configurations
  • Fraud detection and anomaly monitoring on TipC transactions
  • Regular security assessments and personnel training
  • Contractual security obligations imposed on all third-party Operators

In the event of a data breach that poses a risk of harm to you, we will notify you and the Information Regulator as required by POPIA Section 22.

09 — Complaints & Escalation

Raising a Privacy Complaint

If you believe your personal information has been processed unlawfully, or that we have failed to comply with our obligations under this policy or POPIA, you may:

01
Contact our Information Officer
Email privacy@chaingelogic.co.za with a description of your concern. We will acknowledge within 3 business days and aim to resolve within 30 days.
02
Escalate to the Information Regulator
If unresolved, you may lodge a complaint with the Information Regulator (South Africa) at complaints.IR@justice.gov.za. Regulator details: SALU Building, 316 Thabo Sehume Street, Pretoria, 0001.
10 — Policy Updates

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on our website with a revised "Last Updated" date. For material changes affecting your rights, we will provide notice through appropriate channels. Continued use of our services after any update constitutes acceptance of the revised policy.

Current version: April 2026  |  Previous review: January 2026  |  Next scheduled review: October 2026