Effective Date: 25 February 2026 | Applies to: MyProtektor Mobile App and www.myprotektor.co.za
MyProtektor recognises its obligation to protect personal data and is dedicated to operating in accordance with the Protection of Personal Information Act (POPIA), Act 4 of 2013. Given that our platform processes location data, manages emergency alerts, and facilitates incident reporting, we place a high priority on responsible data handling.
The purpose of this statement is to outline the measures we employ to protect user data and honour individuals' rights under data protection law.
1. Types of Personal Information We Collect
In order to deliver our mobile application and platform services, we may gather and process the following categories of personal information:
- Full name and surname
- Contact details (email address and mobile number)
- GPS location and tracking data
- Device type and system information
- Emergency contact details
- User-generated incident reports (which may contain personal or sensitive contextual data)
- App usage patterns and analytics
We do not collect biometric, health, or special category data.
2. Our Commitment to POPIA Principles
The following core POPIA principles guide every aspect of our data collection and processing activities:
- Lawful and fair processing – Personal data is handled solely for legitimate operational requirements.
- Purpose limitation – We gather information exclusively for specified functions, including location tracking, incident management, and account administration.
- Data minimisation – Only the minimum amount of data required for platform operation is collected.
- Data accuracy – Users may review, correct, or update their personal details at any time.
- Security safeguards – Suitable technical and organisational controls are applied to protect stored and transmitted data.
- Transparency and accountability – We openly communicate our data practices and accept accountability to both users and regulatory bodies.
3. Security Measures We Have in Place
Our platform employs a multi-layered security approach across all systems:
- TLS (Transport Layer Security) encryption for all data in transit
- AES encryption for data stored at rest
- Role-based access control for admins, guards, and clients
- Daily encrypted backups stored securely
- Audit logging of sensitive actions
- Cloud infrastructure hosted on Firebase and Google Cloud, meeting international security standards
- Ongoing patching, updates, and monitoring of app and backend systems
4. International Data Transfers
Certain services, hosting platforms, and technology partners that we rely upon are based outside the borders of South Africa, including:
- Firebase (cloud storage and analytics)
- Vercel (web hosting)
- Paystack and Google Play (payment processing)
To ensure that any transfer of personal data across borders remains compliant with POPIA, we implement the following safeguards:
- Secure transmission methods
- Contracts with data processors that meet POPIA and GDPR standards
- Hosting providers that adhere to international data protection benchmarks
5. Your Rights Under POPIA
As a data subject, you are entitled to:
- Request access to the personal information we hold about you
- Have inaccurate or outdated records corrected or removed
- Object to the processing of your data for direct marketing or analytical purposes
- File a complaint with the Information Regulator of South Africa
We undertake to process all legitimate access or deletion requests within the timeframes prescribed by POPIA.
6. Contact Us
Should you have any concerns about the way your personal information is managed, or if you wish to submit a data access or deletion request, you may contact us at:
Email: info@myprotektor.co.za
This statement should be read in conjunction with our Privacy Policy, Terms of Service, and PAIA Manual.
We reserve the right to revise this page from time to time in response to legislative changes, technological developments, or updates to our internal procedures.
Disclaimer: This statement describes our present security practices and ongoing efforts towards compliance. It does not amount to a legal certification or an absolute guarantee of regulatory conformity.