App Inlet Privacy Policy

Last Updated: 19th January 2026

Version: 1

This privacy policy sets out how App Inlet collects, uses, stores and otherwise processes personal information and, where applicable, special personal information.

Certain provisions are important and may have legal consequences, including provisions relating to consent, security, cross-border transfers and limitations of liability.

1. Scope and application

1.1 Introduction

1.1.1 App Inlet (Pty) Ltd (“App Inlet”, “we”, “us” or “our”) is a software development business operating from South Africa and providing services to clients locally and internationally.

1.1.2 App Inlet is committed to protecting privacy and to processing Personal Information in a lawful, reasonable and responsible manner in accordance with the Protection of Personal Information Act, 4 of 2013 (“POPIA”) and, where relevant, data-protection principles recognised in other jurisdictions.

1.1.3 This Privacy Policy applies when you: access or use our website (“Website”); engage us to provide services; supply goods or services to us; or otherwise communicate or interact with us in any regard.

1.2 Relationship with other documents

1.2.1 This Privacy Policy must be read together with any Website Terms of Use and any agreements concluded between App Inlet and yourself.

1.2.2 This Privacy Policy supplements those documents and, unless expressly stated otherwise, prevails in the event of a material inconsistency.

2. Consent

2.1 We may collect, record, organise, store, retrieve, use, disclose, transfer or delete Personal Information as described in this Privacy Policy (“Processing”).

2.2 By using the Website or engaging with App Inlet, you acknowledge that your Personal Information may be processed as set out in this Privacy Policy.

2.3 Where processing is based on consent as a lawful basis, you consent to such processing.

2.4 Where processing is based on contractual necessity, legal obligation or legitimate interests, consent is not required.

3. Role of App Inlet

3.1 Depending on the nature of the engagement, App Inlet may act either as:

3.1.1 a responsible party / data controller , where App Inlet determines the purpose and means of Processing; or

3.1.2 an operator / data processor , where Personal Information is processed on behalf of a client in accordance with that client’s instructions.

3.2 Where App Inlet acts as an operator, the relevant client remains responsible for ensuring that Personal Information has been lawfully collected and that all required notices and consents have been obtained from data subjects.

3.3 In such cases, App Inlet processes Personal Information strictly in accordance with the applicable agreement and applicable law.

4. Persons to whom this Privacy Policy applies

4.1 This Privacy Policy applies to Personal Information relating to:

4.1.1 visitors to the Website;

4.1.2 prospective and existing clients;

4.1.3 suppliers, service providers and their representatives;

4.1.4 job applicants (where applicable); and

4.1.5 any other person whose Personal Information is processed in the ordinary course of the Company’s business.

4.2 This Privacy Policy applies regardless of the device used to access the Website.

5. Personal Information

5.1 “Personal Information” means information relating to an identifiable living natural person or, where applicable, an identifiable existing juristic person, as defined in POPIA.

5.2 Depending on the nature of the engagement, App Inlet may process:

5.2.1 names and business contact details;

5.2.2 personal names and identity numbers;

5.2.3 email addresses and telephone numbers;

5.2.4 company and invoicing information;

5.2.5 correspondence and communications;

5.2.6 technical and usage data (including IP address, browser and device data); and

5.2.7 marketing and communication preferences.

5.3 Aggregated or de-identified information does not constitute Personal Information unless it can reasonably be re-identified.

6. Special Personal Information

6.1 Special Personal Information includes information relating to health, biometric data, religion, race or ethnic origin, political persuasion, trade union membership, sex life or criminal behaviour.

6.2 App Inlet does not intentionally collect Special Personal Information via the Website.

6.3 Where such information is processed, it will be done only where permitted by law and subject to appropriate safeguards, and specific agreements in relation to the collection and handling thereof.

7. Collection of Personal Information

7.1 Personal Information may be collected:

7.1.1 directly from you when you contact or engage with us;

7.1.2 automatically through use of the Website (including cookies, logs and analytics);

7.1.3 from publicly available sources, where lawful; or

7.1.4 from third parties providing services to App Inlet

8. Purpose of Processing

8.1 Personal Information is processed for purposes that are lawful and reasonably necessary, including:

8.1.1 responding to enquiries and communications;

8.1.2 delivering software development and technology services;

8.1.3 client onboarding and administration;

8.1.4 invoicing and financial administration;

8.1.5 security, risk management and fraud prevention;

8.1.6 business continuity and record-keeping;

8.1.7 improving the Website and service offerings;

8.1.8 marketing communications, where permitted; and

8.1.9 compliance with legal and regulatory obligations.

9. Automated decision-making

App Inlet does not use Personal Information for automated decision-making or profiling that produces legal or similarly significant effects on individuals.

10. Payment information

The Company does not store payment card details. Where electronic payments are facilitated, this is done through third-party payment service providers in accordance with their own security standards and terms.

11. Mandatory information

11.1 Certain Personal Information (such as name and contact details) is required to respond to enquiries or provide services.

11.2 If such information is not provided, App Inlet may be unable to engage or deliver services.

12. Disclosure of Personal Information

12.1 App Inlet does not sell Personal Information.

12.2 Personal Information may be shared with:

12.2.1 employees, contractors and consultants on a need-to-know basis; professional advisers;

12.2.2 third-party service providers supporting business operations; and

12.2.3 regulatory or governmental authorities where required by law.

12.3 Categories of recipients may include cloud hosting providers, email and collaboration platforms, analytics services, security and backup providers, and professional advisers.

12.4 Reasonable steps are taken to ensure appropriate confidentiality and data-protection obligations apply.

13. Storage and cross-border transfers

13.1 Personal Information may be stored on App Inlet systems, servers, or with reputable third-party service providers.

13.2 Personal Information may be transferred outside South Africa, including to jurisdictions that may not have equivalent data-protection legislation.

13.3 Where this occurs, App Inlet takes reasonably practicable steps to implement appropriate safeguards consistent with applicable law.

14. Hosting and Software-as-a-Service (SaaS)

14.1 App Inlet provides certain software development, technology and support services which may involve the hosting or processing of Personal Information on third-party cloud infrastructure.

14.2 App Inlet does not operate its own data centres and does not provide standalone hosting services.

14.3 Where App Inlet provides software platforms, tools or systems to clients, Personal Information is generally processed on behalf of the relevant client and in accordance with that client’s instructions.

14.4 In such cases, App Inlet acts as an operator (data processor) and the client remains the responsible party (data controller) for the Personal Information processed through the relevant system.

14.5 App Inlet may also process Personal Information as a responsible party in respect of its own internal business operations, including client onboarding, administration, billing, support and communications.

14.6 Personal Information processed in connection with hosting or SaaS services may be stored or accessed using reputable third-party service providers, including cloud hosting, backup, security and collaboration platforms.

14.7 These service providers may be located outside South Africa. Where cross-border processing occurs, App Inlet takes reasonably practicable steps to ensure that appropriate safeguards are in place in accordance with applicable data-protection laws.

14.8 App Inlet implements reasonable technical and organisational measures to protect Personal Information processed through its systems.

14.9 However, no method of electronic storage or transmission is completely secure, and absolute security cannot be guaranteed.

15. Security and breaches

15.1 App Inlet implements reasonable technical and organisational measures to protect Personal Information against loss, unauthorised access or disclosure.

15.2 While reasonable measures are taken, App Inlet cannot guarantee absolute security.

15.3 To the maximum extent permitted by law, App Inlet will not be liable for losses arising from unauthorised access or security breaches beyond its reasonable control

15.4 Where required by law, App Inlet will notify affected data subjects and/or the relevant authority of a security compromise as soon as reasonably possible.

16. Retention

16.1 Personal Information is retained only for as long as reasonably necessary to fulfil the purposes for which it was collected, including compliance with legal, accounting, tax and regulatory requirements, unless a longer retention period is required or permitted by law.

16.2 Retention periods are determined with reference to applicable legislation, contractual requirements and internal record-keeping policies.

17. Accuracy

17.1 Reasonable steps are taken to ensure Personal Information is accurate and up to date.

17.2 You should notify App Inlet if any information is incorrect or outdated.

18. Your rights

18.1 Subject to applicable law, you may request access to, correction or deletion of Personal Information, object to certain processing activities, or withdraw consent where processing is based on consent.

18.2 Requests for access to records are dealt with in accordance with the Promotion of Access to Information Act, 2 of 2000 (PAIA) and App Inlet’s PAIA Manual, which is available for download on our Website at https://appinlet.com/privacy-policy or upon request from our Information Officer.

18.3 International Data Subjects: If you are accessing our services from the European Union (EU) or United Kingdom (UK), you may have additional rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the right to data portability, the right to restrict processing, and the right to lodge a complaint with your local supervisory authority.

19. Cookies and analytics

19.1 The Website may use cookies and basic analytics to improve functionality and performance.

19.2 We may use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device).

19.3 These technologies allow us to recognise your device and customise your experience. Cookies may be managed through browser settings.

20. Children

The Website and services are not directed at persons under 18. App Inlet does not knowingly collect Personal Information of children without lawful consent.

21. Direct marketing

Electronic marketing communications are sent only where permitted by law. You may opt out at any time.

22. Third-party websites

22.1 This Privacy Policy does not apply to third-party websites or services linked to from the Website.

22.2 App Inlet is not responsible for their privacy practices.

23. Legal compliance

23.1 Nothing in this Privacy Policy is intended to limit rights or remedies that cannot be limited under POPIA, the Consumer Protection Act or other applicable laws.

23.2 All provisions are qualified to the extent necessary to ensure legal compliance.

24. General

24.1 This Privacy Policy is governed by the laws of the Republic of South Africa.

24.2 If any provision is found unenforceable, the remaining provisions remain valid.

24.3 App Inlet may update this Privacy Policy from time to time.

24.4 Where changes are material, reasonable steps will be taken to notify affected persons, including by updating the policy on the Website.

25. Queries and complaints

25.1 Privacy-related queries may be directed to App Inlet’s Information Officer at:

25.1.1 Email: info@appinlet.com Telephone: +27 (21) 879 9898

25.2 Complaints may also be lodged with the South African Information Regulator at: https://inforegulator.org.za/