← Back to home

Privacy Policy & POPIA Compliance

Last updated: August 2026

1. Introduction

Venvy ("we", "us", "our") is committed to protecting the privacy of our merchants and their customers. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in accordance with the South African Protection of Personal Information Act 4 of 2013 ("POPIA").

2. Information We Collect

We operate as an operator (processor) on behalf of you, the merchant (the responsible party). The data collected through the WhatsApp commerce integration includes:

• Customer Data: WhatsApp phone numbers, chat history, names, and delivery preferences (such as chosen Courier Guy locker locations).
• Merchant Data: Business details, banking and PayFast credentials (facilitated securely; we do not store full card info), contact email, and owner phone numbers.

3. Use of Personal Information

Customer data is strictly used to facilitate the e-commerce transaction on your behalf. This includes:

• Processing orders and managing carts within WhatsApp.
• Generating payment links via PayFast.
• Creating waybills and tracking shipments with The Courier Guy.
• Sending automated transactional updates (order confirmed, out for delivery).

4. Data Sharing and Third Parties

To provide our service, we integrate with specific compliant third parties:

• Meta (WhatsApp Business API): For message transmission.
• PayFast: For secure payment processing.
• The Courier Guy: For generating waybills and lockers routing.

We do not sell, rent, or trade your customers' personal information to any third parties for marketing purposes.

5. Data Security and Retention

We implement appropriate technical and organisational measures to prevent the loss, damage, or unauthorised access to personal information. We retain transaction records as legally required for financial auditing purposes (typically 5 years in South Africa), after which they are securely archived or destroyed.

6. Your Obligations as a Merchant

Under POPIA, you act as the "Responsible Party". It is your responsibility to ensure you have obtained the necessary consent from your customers to engage with them on WhatsApp and process their data for fulfilling orders. Venvy provides the platform (as an "Operator") to execute these transactions securely.

7. Contact Information

For any data protection inquiries, to request access to information, or to request deletion of records under POPIA, please contact our Information Officer at legal@venvy.co.za.