top of page

Privacy Policy

1. INTRODUCTION

FinGenie (Pty) Ltd ("FinGenie," "we," "us," or "our") is committed to protecting your privacy and personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) and other applicable South African data protection laws.

This Privacy Policy explains:

  • What personal information we collect

  • How we use your information

  • How we protect your information

  • Your rights under POPIA

  • How to contact us about privacy matters

By using our website, software, or services, you consent to the collection and use of your personal information as described in this Privacy Policy.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

When you use our Services, we may collect:

Account Registration:

  • Full name

  • Business name

  • Email address

  • Phone number

  • Physical business address

  • Industry/sector information

  • Annual revenue range (optional)

Financial Data (Client Data):

  • Financial statements and figures

  • Cash flow information

  • Debtor and creditor details

  • Banking information (for payment processing)

  • Credit-related information

  • Any other business financial data you input into our software

Communication Information:

  • Messages sent via contact forms

  • Email correspondence

  • Phone call records

  • Consultation notes

  • Support requests

Payment Information:

  • Billing address

  • Payment method details (processed by secure third-party payment processors)

  • Transaction history

  • Invoices

2.2 Information We Collect Automatically

Usage Data:

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and features used

  • Time and date of visits

  • Referring website

  • Software interaction patterns

Cookies and Tracking Technologies: We use cookies and similar technologies to enhance user experience and analyze usage patterns. See Section 8 for details.

2.3 Information from Third Parties

We may receive information from:

  • Credit bureaus (when you request credit reports for your customers)

  • Payment processors

  • Analytics providers

  • Referral partners (with your consent)

3. PURPOSE OF PROCESSING (How We Use Your Information)

We process your personal information for the following lawful purposes under POPIA:

3.1 Service Provision (Contractual Necessity)

  • To provide Flow, Collect, GenieScore, and Complete services

  • To process your registration and manage your account

  • To deliver monthly consulting services

  • To generate reports and assessments

  • To provide customer support

  • To communicate about your account and services

3.2 Payment Processing (Contractual Necessity)

  • To process subscription fees and payments

  • To issue invoices and receipts

  • To manage billing inquiries

3.3 Service Improvement (Legitimate Interest)

  • To improve software functionality and user experience

  • To develop new features and services

  • To analyze usage patterns and trends

  • To conduct research and analysis

3.4 Communication (Legitimate Interest / Consent)

  • To send service-related notifications

  • To provide updates about Services

  • To send marketing communications (with your consent)

  • To respond to your inquiries

3.5 Legal Compliance (Legal Obligation)

  • To comply with South African laws and regulations

  • To respond to legal requests and prevent fraud

  • To enforce our Terms of Service

  • To protect our rights and property

3.6 Security (Legitimate Interest)

  • To protect against unauthorized access

  • To detect and prevent fraud or abuse

  • To maintain system security and integrity

4. LEGAL BASIS FOR PROCESSING

Under POPIA, we process your personal information based on:

  1. Consent: You have given clear consent for specific purposes (e.g., marketing communications)

  2. Contract: Processing is necessary to fulfill our contractual obligations to you

  3. Legal Obligation: Processing is required to comply with South African law

  4. Legitimate Interests: Processing is necessary for our legitimate business interests, provided your rights are not overridden

5. SHARING YOUR INFORMATION

5.1 We DO Share Information With:

Service Providers (Data Processors):

  • Cloud hosting providers (to store data)

  • Payment processors (to process transactions)

  • Email service providers (to send communications)

  • Analytics providers (to analyze usage)

  • Credit bureaus (when you request customer credit reports)

All service providers are contractually obligated to protect your information and use it only for specified purposes.

Legal Requirements: We may disclose information if required by:

  • Court orders or legal process

  • South African law enforcement or regulatory authorities

  • Protection of our legal rights or prevention of harm

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

5.2 We DO NOT:

  • Sell your personal information to third parties

  • Share your information for third-party marketing without consent

  • Disclose your financial data except as necessary to provide Services or as required by law

6. INTERNATIONAL TRANSFERS

Your personal information is primarily stored and processed within South Africa. If we transfer information outside South Africa, we will:

  • Ensure adequate protection measures are in place

  • Comply with POPIA's requirements for cross-border transfers

  • Obtain your consent where required

7. DATA SECURITY

7.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest

  • Secure access controls and authentication

  • Regular security assessments

  • Employee training on data protection

  • Secure data centers and infrastructure

7.2 Limitations

No system is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials.

7.3 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Information Regulator (if required by POPIA)

  • Notify affected individuals without undue delay

  • Take steps to mitigate harm

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us enhance your experience and analyze usage.

8.2 Types of Cookies We Use

Essential Cookies (Required):

  • Session management

  • Authentication

  • Security

Functional Cookies (Optional):

  • Remember your preferences

  • Enhance user experience

Analytics Cookies (Optional):

  • Understand how visitors use our site

  • Improve website performance

Marketing Cookies (Optional with Consent):

  • Track effectiveness of marketing campaigns

  • Personalize advertising

8.3 Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may impact functionality.

9. YOUR RIGHTS UNDER POPIA

You have the following rights regarding your personal information:

9.1 Right of Access

You may request confirmation of what personal information we hold about you and access to that information.

9.2 Right to Correction

You may request correction of inaccurate or incomplete personal information.

9.3 Right to Deletion

You may request deletion of your personal information in certain circumstances, including:

  • Information no longer necessary for the purpose collected

  • You withdraw consent (where consent was the basis)

  • Information was unlawfully processed

Limitations: We may retain information where required by law or for legitimate business purposes (e.g., financial records for tax compliance).

9.4 Right to Object

You may object to processing based on legitimate interests or for direct marketing purposes.

9.5 Right to Restriction

You may request restriction of processing in certain circumstances.

9.6 Right to Data Portability

You may request your personal information in a structured, commonly used format for transfer to another service provider (where technically feasible).

9.7 Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.

9.8 Right to Complain

You have the right to lodge a complaint with the Information Regulator of South Africa if you believe we have violated your privacy rights.

Information Regulator Contact:

10. EXERCISING YOUR RIGHTS

To exercise any of your rights under POPIA, contact us at:

Email: [Insert Privacy Email] Phone: [Insert Phone] Address: [Insert Physical Address] Attention: Information Officer

We will respond to your request within a reasonable time, and no later than 30 days as required by POPIA. We may request verification of your identity before processing requests.

11. DATA RETENTION

11.1 Retention Periods

We retain personal information for as long as necessary to:

  • Provide Services to you

  • Comply with legal obligations (e.g., tax records: 5 years)

  • Resolve disputes and enforce agreements

  • Fulfill legitimate business purposes

11.2 Deletion

When information is no longer needed, we will:

  • Securely delete or anonymize it

  • Ensure it cannot be reconstructed

  • Comply with any legal retention requirements

12. CHILDREN'S PRIVACY

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware we have collected information from a child, we will delete it promptly.

13. DIRECT MARKETING

13.1 Consent

We will only send you marketing communications if:

  • You have given consent, or

  • You are an existing client and communications relate to similar services

13.2 Opt-Out

You may opt out of marketing communications at any time by:

  • Clicking "unsubscribe" in emails

  • Contacting us directly

  • Updating your account preferences

Opting out does not affect service-related communications necessary for account management.

14. INFORMATION OFFICER

In compliance with POPIA, we have designated an Information Officer responsible for ensuring compliance with data protection laws.

Information Officer: [Insert Name] [Insert Title] Email: [Insert Email] Phone: [Insert Phone] Address: [Insert Physical Address]

15. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy to reflect changes in:

  • Our practices

  • Legal requirements

  • Service offerings

Material changes will be communicated via:

  • Email notification to registered users

  • Prominent notice on our website

  • Updated "Last Updated" date

Continued use of Services after changes constitutes acceptance of the updated Privacy Policy.

16. CONTACT US

For questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Email: [Insert Privacy Email] Phone: [Insert Phone] Physical Address: [Insert Street Address] [Insert City, Postal Code] South Africa

Information Officer: [Insert Name]

17. CONSENT

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED HEREIN.

If you do not agree with this Privacy Policy, please do not use our Services.

18. LANGUAGE

This Privacy Policy is provided in English. In the event of any conflict between English and translated versions, the English version shall prevail.

bottom of page