PRIVACY POLICY
Intelligent Output Systems (Pty) Ltd
Mobile and Web Applications
| Version | 1.0 |
|---|---|
| Effective Date | 5 February 2026 |
| Review Date | 5 February 2027 |
| Owner | Managing Director |
1. Introduction
1.1 About This Policy
This Privacy Policy explains how Intelligent Output Systems (Pty) Ltd ("IO Systems", "we", "us", or "our") collects, uses, stores, and protects personal information when you use our mobile and web applications.
1.2 Our Commitment
We are committed to protecting your privacy and ensuring that your personal information is handled in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA"), the Electronic Communications and Transactions Act 25 of 2002 ("ECTA"), and all other applicable South African legislation.
1.3 Scope
This policy applies to all our mobile applications, web applications, and related services, including but not limited to:
- Connected Fleet vehicle tracking and fleet management platform
- PersonAuth identity verification services
- AgriERP agricultural management system
- Any other applications or services provided by IO Systems
2. Responsible Party Information
In accordance with POPIA Section 18, the responsible party for your personal information is:
Intelligent Output Systems (Pty) Ltd
Registration Number: 2012/209767/07
4 Hurd Street, Newton Park
Gqeberha (Port Elizabeth), 6045
Eastern Cape, South Africa
Email: info@iosystems.co.za
3. Information We Collect
3.1 Information You Provide
We collect information you voluntarily provide when using our services:
- Account Information: Name, email address, telephone number, company name, job title
- Identity Verification: ID numbers, photographs, biometric data (where applicable)
- Payment Information: Billing address, payment card details (processed by secure third-party providers)
- Communications: Correspondence, support tickets, feedback
3.2 Information Collected Automatically
When you use our applications, we automatically collect:
- Device Information: Device type, operating system, unique device identifiers
- Usage Data: Features used, access times, interaction patterns
- Location Data: GPS coordinates, cell tower data (for fleet tracking applications)
- Log Data: IP addresses, browser type, error reports
4. Legal Basis and Purpose of Processing
In accordance with POPIA Sections 9-11, we process your personal information based on the following lawful grounds:
4.1 Contractual Necessity
Processing necessary to fulfil our contractual obligations to you:
- Providing and maintaining our services
- Processing transactions and billing
- Providing technical support and customer service
4.2 Legitimate Interest
Processing necessary for our legitimate business interests:
- Improving and developing our services
- Security monitoring and fraud prevention
- Analytics and service optimization
4.3 Consent
Where required, we obtain your explicit consent for:
- Marketing communications
- Processing of special personal information (biometric data)
- Sharing data with third parties for non-essential purposes
4.4 Legal Obligation
Processing required to comply with South African law, including tax obligations, court orders, and regulatory requirements.
5. Data Sharing and Disclosure
5.1 Third-Party Service Providers
We may share personal information with trusted third-party service providers who assist us in operating our services, including:
- Cloud hosting providers
- Payment processors
- Analytics services
- Customer support tools
All third-party providers are contractually obligated to protect your information in accordance with POPIA.
5.2 Legal Requirements
We may disclose personal information when required by law, court order, or government request, or when necessary to protect our rights, safety, or property.
5.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the successor entity, subject to the same privacy protections.
6. Cross-Border Data Transfers
In accordance with POPIA Section 72, we may transfer personal information outside South Africa only where:
- The recipient country has adequate data protection laws
- The recipient is bound by a contract ensuring adequate protection
- You have consented to the transfer
- The transfer is necessary for the performance of our contract with you
7. Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including:
- Active Accounts: For the duration of your account relationship plus 5 years
- Transaction Records: 7 years as required by South African tax law
- Location Data: As specified in your service agreement, typically 12-36 months
- Legal Claims: Until the applicable limitation period expires
8. Your Rights Under POPIA
In accordance with POPIA Sections 23-25, you have the following rights:
8.1 Right of Access
You may request confirmation of whether we hold personal information about you and request access to such information.
8.2 Right to Correction
You may request that we correct or delete inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or unlawfully obtained personal information.
8.3 Right to Object
You may object to the processing of your personal information for direct marketing purposes or on reasonable grounds relating to your particular situation.
8.4 Right to Withdraw Consent
Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
8.5 Right to Lodge a Complaint
You have the right to lodge a complaint with the Information Regulator:
Information Regulator (South Africa)
Email: inforeg@justice.gov.za
Website: https://www.justice.gov.za/inforeg/
9. Security Measures
We implement appropriate technical and organisational measures to protect your personal information, including:
- Encryption of data in transit and at rest
- Secure access controls and authentication
- Regular security assessments and penetration testing
- Employee training on data protection
- Incident response procedures
10. Security Breach Notification
In accordance with POPIA Section 22, in the event of a security breach that compromises your personal information, we will:
- Notify the Information Regulator as soon as reasonably possible
- Notify you of the breach if there is a reasonable belief that your personal information has been accessed or acquired by an unauthorised person
- Provide sufficient information to allow you to take protective measures
11. Children's Privacy
Our services are not directed to children under 18 years of age. We do not knowingly collect personal information from children. In accordance with POPIA Section 35, processing of children's personal information requires consent from a competent person (parent or guardian).
If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete such information.
12. App Store Compliance
12.1 Apple App Store
Our iOS applications comply with Apple's App Store Guidelines and App Tracking Transparency requirements. We request permission before accessing device features such as location, camera, or contacts.
12.2 Google Play Store
Our Android applications comply with Google Play's User Data Policy and Data Safety requirements. We provide clear disclosure of data collection and usage in the Google Play Console Data Safety section.
13. Cookies and Tracking Technologies
Our web applications may use cookies and similar technologies to:
- Maintain session state and authentication
- Remember your preferences
- Analyse usage patterns
- Improve performance
You can manage cookie preferences through your browser settings. Disabling cookies may affect the functionality of our services.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website and applications
- Sending notification via email or in-app message
- Updating the "Effective Date" at the top of this policy
15. Contact Us
For questions, concerns, or requests relating to this Privacy Policy or your personal information, please contact us:
Information Officer
Intelligent Output Systems (Pty) Ltd
4 Hurd Street, Newton Park
Gqeberha, 6045
Email: info@iosystems.co.za
We will respond to your request within 30 days as required by POPIA.
16. Governing Law
This Privacy Policy is governed by the laws of the Republic of South Africa. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of the South African courts.
17. Limitation of Liability
17.1 Disclaimer
While we implement reasonable security measures to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.
17.2 Third-Party Services
Our services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties.
17.3 Maximum Liability
To the maximum extent permitted by South African law, our liability for any breach of this policy shall not exceed:
- The total fees paid by you to us in the three (3) months preceding the claim
- R10,000 (ten thousand Rand), whichever is lesser
Document History
| Version | Date | Author | Changes |
|---|---|---|---|
| 1.0 | 5 February 2026 | Managing Director | Initial release |