myquack

Privacy Policy

Protection of Personal Information Act, 2013 (POPIA) notice · Last updated 4 July 2026

This policy explains how Avuno Technologies (Pty) Ltd (“we”, “us”, “myquack”), the operator of myquack (http://myquack.co.za), collects, uses, shares and protects your personal information, and the rights you have under POPIA. We are the “responsible party” for the personal information we process.

Responsible party: Avuno Technologies (Pty) Ltd (registration [company registration number]), [registered business address, South Africa].
Information Officer: Werno Roodt — privacy@myquack.co.za.

1. The personal information we collect

  • Account details — your name, email address, phone number (optional) and a securely hashed password.
  • Provider listing (providers only) — business name, industry and specialisation, description, town/area, and public contact details you choose to publish.
  • Payout details (providers only) — your bank account holder name, account number and bank, used solely to pay out your released escrow funds.
  • Verification documents (providers who choose to verify) — an image or PDF of an official document (e.g. CIPC registration, a trade/qualification certificate, or an ID). See “Automated verification” below.
  • Booking & transaction data — the bookings you make or receive, amounts, escrow status, payouts, and related records.
  • Communications — messages you send us and emails we send you.
  • Technical data — limited log data such as IP address and browser type, used for security and to keep the service running.

We do not collect or store your card or banking login details — card payments are handled entirely by our payment partner (see below).

2. How and why we use it, and our lawful basis

Under POPIA we process your personal information only where we have a lawful basis to do so:

PurposeLawful basis (POPIA)
Create and manage your account; provide the marketplacePerformance of our contract with you
Take bookings, hold funds in escrow and pay providers outPerformance of contract; our legitimate interests
Verify a provider’s business documents (optional)Your consent (you choose to upload)
Send you transactional emails (booking, payment, invoice)Performance of contract
Keep the platform secure and prevent fraudOur legitimate interests; legal obligation
Keep tax and financial recordsCompliance with a legal obligation

Providing your information is voluntary, but some of it is necessary to use myquack — for example, we cannot create an account without a name and email, or pay a provider out without their bank details.

3. Who we share it with (operators & other users)

We share personal information only as needed to run the service, with third parties acting as our “operators” under written agreement, and with the other party to a booking:

  • Payments & escrow — Paystack, to collect payments, hold funds and pay providers out.
  • Email delivery — our transactional email provider (e.g. SendGrid/Twilio), to send booking, payment and invoice emails.
  • Document verification — Anthropic, to perform the automated check described below.
  • Hosting — our cloud hosting provider, where the service and database run.
  • Other users — once a booking is paid, the customer and provider are shown the details needed to fulfil it (such as name and contact details).

We do not sell your personal information, and we do not share it for third-party advertising.

4. Automated verification of documents

If you choose to verify your business, the document you upload is transmitted to our verification provider (Anthropic) and analysed automatically to confirm it looks like a genuine official document and matches your details. We use the result (verified / not verified) and a short reason. We do not store the uploaded document after the check is complete. Verification is optional; you can use myquack without it.

5. Cross-border transfers

Some of our operators (for example our email and verification providers) process data on servers outside South Africa. Where personal information is transferred across borders, we take reasonable steps — including contractual safeguards — to ensure it receives a level of protection comparable to POPIA, as required by section 72. By using verification and email features you consent to these transfers where consent is the applicable basis.

6. How we protect it

  • All traffic is encrypted in transit (HTTPS/TLS, with HSTS enforced).
  • Passwords are stored only as salted one-way hashes — never in plain text.
  • Access to personal information is restricted to what is needed to operate the service.
  • We apply standard security headers and keep our platform and dependencies maintained.

If a security compromise affecting your personal information occurs, we will notify you and the Information Regulator as required by section 22 of POPIA.

7. How long we keep it

We keep your personal information for as long as your account is active and as needed to provide the service. When you request erasure we delete or de-identify your personal information, except records we are required to retain by law — financial and tax records (such as invoices and transaction records) are kept for the period required by the South African Revenue Service and applicable legislation.

8. Your rights under POPIA

As a data subject you have the right to:

  • Be told what personal information we hold about you and request access to it;
  • Ask us to correct or update information that is inaccurate or out of date;
  • Ask us to delete or destroy your information (subject to records we must keep by law);
  • Object to processing, and withdraw consent where processing is based on consent;
  • Not be subject to a decision based solely on automated processing that significantly affects you; and
  • Complain to the Information Regulator.

You can update your details, change preferences, deactivate your account or request erasure from your Account page, or contact our Information Officer at privacy@myquack.co.za.

9. Direct marketing

We currently send only transactional and service messages relating to your account and bookings. We will not send you electronic marketing without your consent, and every marketing message we ever send will include an easy way to opt out.

10. Cookies

We use a small number of strictly necessary cookies: a session cookie to keep you signed in and a security token to protect forms against cross-site request forgery. We do not use third-party advertising or cross-site tracking cookies.

11. Children

myquack is intended for people aged 18 and over. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this policy from time to time. We will change the “Last updated” date above and, for material changes, take reasonable steps to let you know.

13. Contact & complaints

Questions or requests: privacy@myquack.co.za. If you believe we have not handled your personal information lawfully, you may lodge a complaint with:

The Information Regulator (South Africa)
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
Complaints: POPIAComplaints@inforegulator.org.za
Enquiries: enquiries@inforegulator.org.za
inforegulator.org.za

See also our Terms & Conditions.

© 2026 Avuno Technologies (Pty) Ltd
Terms Privacy Contact