MyProtektor

Privacy Policy

Last Updated: 2026-02-25

1. Introduction

MyProtektor ("we," "our," or "us") places the protection of your personal information at the centre of our operations. This Privacy Policy describes the categories of data we gather, the purposes for which we process it, the circumstances under which we may disclose it, and the measures we employ to keep it secure when you interact with our web application, mobile application, and associated services (together, the "Services").

Every individual who uses MyProtektor is covered by this policy, irrespective of their role within the platform — from security firm owners and administrators to guards and end-user clients operating within our 5-tier access hierarchy.

2. Information We Collect

2.1 Personal Information

  • Account Information: Full name, email address, telephone number, organisation affiliation, position or title
  • Profile Information: Assigned role (LiteClient, Client, Guard, Admin, Owner), user preferences, profile photograph
  • Authentication Data: Securely hashed passwords, multi-factor authentication credentials
  • Communication Data: Correspondence, support enquiries, user feedback, and incident report narratives

2.2 Location Information

  • Real-time Location: Geographic coordinates captured for incident logging, patrol route tracking, and emergency dispatch
  • Location History: Archived positional data used for security trend analysis and route efficiency improvements
  • Geofencing: Location-triggered alerts, automated notifications, and proximity-based check-in events
  • Address Data: Physical addresses of monitored properties, defined patrol routes, and documented incident sites

2.3 Security and Incident Data

  • Incident Reports: Photographs, video recordings, written descriptions, time stamps, severity classifications, and resolution status
  • Patrol Data: QR code scan records, GPS route traces, checkpoint confirmations, and patrol completion summaries
  • Panic Button Usage: Emergency activation events, activation timestamps, associated coordinates, and response durations
  • Access Logs: Authentication attempts, active sessions, security-relevant events, and platform interaction records

2.4 Technical Information

  • Device Information: Hardware model, operating system version, browser identifier, IP address
  • Usage Data: In-app behaviour, feature engagement metrics, performance diagnostics, and error reports
  • Analytics Data: Screen views, session length, navigation patterns, and conversion indicators

3. How We Use Your Information

3.1 Core Security Services

  • Incident Management: Record, track, and bring security events to resolution
  • Real-time Monitoring: Deliver live operational oversight and instant alert notifications
  • Emergency Response: Orchestrate rapid reactions to panic button activations and critical situations
  • Patrol Management: Monitor guard routes, enforce schedules, and evaluate patrol effectiveness

3.2 User Management

  • Authentication: Confirm user identities and administer secure session management
  • Role-based Access: Enforce feature and data permissions aligned with each user's assigned role
  • Organisation Management: Facilitate team administration and organisational configuration

3.3 Communication and Notifications

  • Critical Alerts: Dispatch time-sensitive notifications when security events occur
  • System Updates: Communicate platform changes, version releases, and newly available features
  • Support Services: Address technical enquiries and assist with operational issues

4. Data Sharing and Disclosure

4.1 Within Your Organisation

  • Role-based Sharing: Information is made visible within your organisation according to each member's role and permissions
  • Security Reporting: Incident summaries and operational analytics are furnished to administrators and owners
  • Team Collaboration: Authorised team members can jointly access and act upon security data

4.2 Third-Party Service Providers

  • Firebase/Google Cloud: Identity verification, database hosting, file storage, and serverless computing
  • Google Maps: Mapping, geolocation resolution, and spatial data services
  • Stripe: Secure payment processing and subscription lifecycle management
  • Monitoring Services: Application error tracking, uptime monitoring, and behavioural analytics

4.3 Legal and Safety Requirements

  • Law Enforcement: Respond to legally binding requests, subpoenas, and court orders
  • Emergency Services: Disclose information when necessary to safeguard life or prevent serious harm
  • Legal Compliance: Fulfil regulatory obligations and uphold industry-mandated standards

5. Data Security

5.1 Technical Safeguards

  • Encryption: AES-256 for data at rest; TLS 1.3 for all data transmitted across networks
  • Access Controls: Role-based permission enforcement combined with multi-factor authentication
  • Security Monitoring: Continuous 24/7 surveillance of infrastructure with automated incident detection

5.2 Physical and Administrative Safeguards

  • Data Centres: Certified hosting facilities featuring physical perimeter controls and restricted entry
  • Staff Training: Ongoing security awareness programmes for all personnel who handle data
  • Security Audits: Periodic vulnerability assessments and independent penetration tests

6. Data Retention

6.1 Personal Data

  • Active Accounts: Kept on file for the duration of your account's active status and any legitimate operational need thereafter
  • Inactive Accounts: Purged following 24 months of continuous inactivity
  • Account Deletion: Executed within 30 days of receiving a verified deletion request

6.2 Security and Operational Data

  • Incident Reports: Preserved for 7 years in satisfaction of legal and insurance requirements
  • Patrol Data: Held for 3 years to enable operational trend analysis
  • Access Logs: Maintained for 12 months for security audit and monitoring purposes
  • Financial Records: Archived for 7 years in accordance with tax and statutory obligations

7. Your Rights and Choices

7.1 Access and Control

  • Data Access: Obtain a copy of the personal data we hold about you
  • Data Portability: Receive your data in a commonly used, machine-readable format
  • Data Correction: Have inaccurate or incomplete records rectified
  • Data Deletion: Ask for your personal data to be erased, subject to overriding legal retention requirements

7.2 Privacy Controls

  • Location Services: Adjust or disable location tracking through your device preferences
  • Notifications: Configure which alerts you receive and how frequently they are delivered
  • Data Sharing: Manage the extent to which your information is visible within your organisation

8. International Data Transfers

South Africa serves as the primary jurisdiction for data processing and storage. Nevertheless, certain data may be transferred to countries in which our service providers maintain infrastructure. Appropriate protective mechanisms are applied to all cross-border transfers, including:

  • Adequacy Decisions: Transfers directed to jurisdictions recognised as providing sufficient data protection
  • Standard Contractual Clauses: EU-endorsed contractual safeguards governing international data flows
  • Privacy Shield: Adherence to applicable international privacy frameworks where relevant

9. Children's Privacy

The MyProtektor platform is designed for adult users and is not directed at individuals below 13 years of age. We do not intentionally gather personal data from children under 13. Should you become aware that a child has provided us with personal information, please notify us immediately so we can take corrective action.

10. Changes to This Privacy Policy

Revisions to this Privacy Policy may be published periodically. When we make substantive changes, we will inform you through:

  • Publication of the revised policy on our website
  • Direct email communication to all registered account holders
  • Prominent in-app notification banners

Ongoing use of the Services following publication of any amendments signifies your acceptance of the updated Privacy Policy.

11. Contact Information

If you have questions concerning this Privacy Policy or wish to exercise any of your data rights, please get in touch:

MyProtektor

Email: info@myprotektor.co.za

Phone: +43 676 441 2714

12. Regulatory Compliance

This Privacy Policy has been prepared with regard to the following regulatory frameworks:

  • POPIA: Protection of Personal Information Act (Republic of South Africa)
  • GDPR: General Data Protection Regulation (European Union)
  • CCPA: California Consumer Privacy Act (United States of America)
  • Industry Standards: ISO 27001, SOC 2, and other recognised security and privacy benchmarks

This Privacy Policy is effective as of 2026-02-25 and applies to all users of MyProtektor services.