Privacy Policy

SOFTMEET

Last Modified: June 6, 2026 |

INTRODUCTION

Softtechz Technology (Pty) Ltd, trading as SoftMeet ('SoftMeet', 'we', 'us', or 'our'), respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the SoftMeet platform, mobile application, and associated services.

SoftMeet is a SITA-certified (RFB2009) digital communication platform designed to provide data-free communication services to all South Africans. This policy is governed by the Protection of Personal Information Act (POPIA) 4 of 2013 and other applicable South African laws.

By using SoftMeet, you agree to the collection and use of your information as described in this Privacy Policy.

IMPORTANT DATA USAGE NOTICE

Data-Free Services

The following services are provided without data consumption where applicable network agreements exist:

• Text messaging and chat communication (stored on SoftMeet South African servers)

• Basic text-based profile management

• Website navigation and account management

• User authentication and login processes

Data-Required Services

The following services require an active internet connection and will consume your data allowance:

• Image, video, and audio file uploads and viewing (stored on DigitalOcean Spaces)

• Voice and video calls (processed via Agora.io)

• Go Live streaming and viewing

• Marketplace product image browsing

• Coin purchases and gifting transactions (processed via Paystack)

• Event ticket purchases (processed via Paystack)

• Subscription payments (processed via Paystack)

• New user registration including OTP verification (third-party SMS service)

• All push notification receipt (via Firebase FCM, Apple APNs, Huawei HMS, OneSignal)

You are solely responsible for all data costs associated with Data-Required Services. SoftMeet accepts no liability for data charges incurred.

1. INFORMATION WE COLLECT

1.1 Information You Provide Directly

When you create an account or use our services, you may provide:

• Full name and display name

• Email address

• Phone number (used for OTP authentication only)

• Password (encrypted and hashed using bcrypt industry-standard protocols; never stored in plain text)

• Profile picture and cover photo (stored on DigitalOcean Spaces)

• Organisation name (optional)

• Text messages and chat content

• Media files including images, videos, audio recordings, and documents

• Bank account details including bank name, account number, and account holder name (for payment receipt purposes)

• Identity verification documents (where required for financial compliance)

1.2 Payment and Financial Information

For marketplace, events, subscriptions, and coin purchases, we collect:

• Transaction history and payment records

• Payment references and Paystack transaction identifiers

• Bank account details for automatic payment disbursement (stored securely; never shared except with Paystack for payment processing)

• Paystack recipient codes (used to route automatic payments to your bank account)

• Paystack subaccount codes (used for payment splitting between SoftMeet and creators/sellers/organisers)

• Escrow transaction records (marketplace payments held for 30 days)

• Affiliate commission records and referral tracking data

• Coin purchase history and gift transaction records

• Earnings records from marketplace sales, event tickets, subscriptions, and gifts

Card details are never stored by SoftMeet. All card data is processed and stored exclusively by Paystack in compliance with PCI-DSS standards. SoftMeet only receives transaction confirmation and reference numbers from Paystack.

1.3 Device and Technical Information

We automatically collect certain technical information when you use SoftMeet:

• Device type, model, and operating system version

• Unique device identifiers

• Firebase Cloud Messaging (FCM) token — used to deliver push notifications on Android and iOS devices

• Apple Push Notification Service (APNs) token — used to deliver push notifications on iOS devices

• Huawei Mobile Services (HMS) push token — used to deliver push notifications on Huawei devices

• OneSignal player ID — used to manage push notification delivery across all device types

• VoIP push token (iOS only) — used for incoming call notifications on iOS

• IP address and general location data

• Network and connectivity information

• Application performance data and error logs

• Session duration and frequency of use

1.4 Affiliate and Referral Tracking Data

To support our affiliate programme and ensure accurate referral attribution, we collect:

• Referral codes used during registration

• IP address fingerprint at the time of clicking an affiliate link (stored temporarily for up to 24 hours to support deferred deep linking on iOS and Huawei devices)

• Device user agent string at the time of affiliate link click

• Referral attribution records linking referred users to their referring affiliate

• Commission earnings and payment records for affiliates

The IP address fingerprint collected for deferred deep linking is used exclusively to match the affiliate referral when a new user installs and opens the SoftMeet app for the first time. This data is marked as 'used' and retained for audit purposes only after the attribution is completed.

1.5 Location Data

SoftMeet collects location data only when you explicitly choose to share your location in a chat message. Location sharing is entirely voluntary, requires your active consent, and is never collected in the background without your knowledge.

1.6 Contact List

SoftMeet requests permission to access your device contact list to help you find friends on the platform. Your contact list is never uploaded to our servers. Individual phone numbers are checked locally against our database to identify registered SoftMeet users, and the full contact list remains on your device only at all times.

1.7 Virtual Currency (Coins) Data

If you purchase or use SoftMeet Coins, we collect:

• Coin purchase history including amounts and Paystack transaction references

• Coin balance and transaction records

• Gift records including sender, recipient, gift type, and coin value

• Creator earning records derived from gifts received

Coins are a virtual currency with no real-world monetary value outside the SoftMeet platform. Coin purchase data is retained for financial compliance and audit purposes.

2. HOW WE USE YOUR INFORMATION

2.1 Service Delivery

• Providing text-based communication services (data-free where applicable)

• Storing and delivering media content through DigitalOcean Spaces

• Enabling real-time voice and video communication through Agora.io

• Processing marketplace transactions through Paystack

• Managing escrow for marketplace payments during the 30-day dispute window

• Automatically disbursing payments to sellers, organisers, creators, and affiliates

• Delivering push notifications via FCM, APNs, HMS, and OneSignal

• Tracking affiliate referrals and calculating multi-level commissions

• Managing SoftMeet Coins purchases, gifting, and creator payouts

2.2 Account Management

• Authenticating your identity and securing your account

• Verifying bank accounts for payment disbursement

• Providing customer support and resolving disputes

• Recovering accounts and resetting passwords

• Verifying identity for financial compliance (KYC/AML)

2.3 Financial Operations

• Processing payments via Paystack

• Splitting payments between SoftMeet and sellers/creators/organisers (80/20 split)

• Holding marketplace payments in escrow for 30 days

• Automatically releasing payments after the dispute window expires

• Processing dispute refunds via Paystack

• Calculating and paying affiliate commissions across up to 4 levels

• Generating financial records for tax reporting purposes

2.4 Safety and Security

• Preventing fraud, abuse, and financial crimes

• Monitoring transactions for suspicious activity as required by FICA

• Investigating violations of our Terms and Conditions

• Protecting the rights and safety of users and SoftMeet

2.5 Legal and Regulatory Compliance

• Complying with POPIA, FICA, and other applicable South African laws

• Responding to lawful requests from government and law enforcement authorities

• Maintaining financial records for SARS compliance

• Fulfilling SITA certification obligations (RFB2009)

2.6 Service Improvement

• Analysing usage patterns to improve the platform

• Fixing bugs and optimising performance

• Developing new features based on user needs

3. DATA STORAGE AND PROCESSING LOCATIONS

3.1 SoftMeet Servers (South Africa)

The following data is stored on SoftMeet's servers located in South Africa:

• Text messages and chat history

• User account information (non-media)

• Financial transaction records

• Affiliate programme data and commission records

• Coin purchase and gift records

• Marketplace order records

• Dispute records and investigation notes

• Push notification tokens (FCM, APNs, HMS, OneSignal)

• Affiliate click fingerprints (IP address, retained for 24 hours)

3.2 DigitalOcean Spaces (Global Data Centres including India)

The following media data is stored on DigitalOcean Spaces infrastructure:

• Profile pictures and cover photos

• Images, videos, and audio files uploaded by users

• Marketplace product images

• Documents and files shared in chats

Accessing media stored on DigitalOcean requires an active internet connection and will consume your data allowance. DigitalOcean's storage is subject to their terms of service and privacy policy available at https://www.digitalocean.com/legal/privacy-policy.

3.3 Agora.io (Global)

Real-time voice and video call data is processed through Agora.io's global infrastructure. Call content is not stored by SoftMeet. Basic call metadata may be retained for service improvement. Agora.io's processing is subject to their privacy policy available at https://www.agora.io/en/privacy-policy/.

3.4 Paystack (South Africa and International)

All payment transaction data is processed by Paystack Payments (Pty) Ltd, authorised by the South African Reserve Bank. Paystack processes and stores:

• Card details and payment credentials (never stored by SoftMeet)

• Transaction records and payment histories

• Subaccount and recipient information for payment splitting

• Refund records and chargeback information

Paystack's processing is subject to their privacy policy at https://paystack.com/za/privacy and their PCI-DSS compliance standards.

3.5 Firebase (Google) — Global

Firebase Cloud Messaging is used to deliver push notifications to Android and iOS devices. FCM tokens are shared with Firebase/Google solely for notification delivery. Firebase's processing is subject to Google's privacy policy at https://policies.google.com/privacy.

3.6 OneSignal (Global)

OneSignal is used to manage and deliver push notifications across Android, iOS, and Huawei devices. OneSignal player IDs are shared with OneSignal for notification routing. OneSignal's processing is subject to their privacy policy at https://onesignal.com/privacy_policy.

3.7 Huawei AppGallery and HMS (Global)

SoftMeet is available on Huawei AppGallery. HMS push tokens are used to deliver notifications to Huawei devices via Huawei Mobile Services. Huawei's processing is subject to their privacy policy at https://consumer.huawei.com/za/privacy/.

4. DISCLOSURE OF YOUR INFORMATION

4.1 Third-Party Service Providers

We share your information with trusted third-party providers strictly for service delivery purposes:

• Paystack: Bank account details, transaction data, and identity information for payment processing and disbursement

• DigitalOcean: Media files for storage and global content delivery

• Agora.io: Communication data for real-time voice and video calls

• Firebase/Google: FCM tokens for push notification delivery

• OneSignal: Player IDs for cross-platform push notification management

• Huawei: HMS tokens for push notification delivery on Huawei devices

• SMS/OTP providers: Phone numbers for one-time password authentication

We do not sell your personal information to any third party. Information shared with service providers is limited to what is strictly necessary for service delivery.

4.2 Legal Disclosures

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests

• Report suspicious financial transactions to the Financial Intelligence Centre (FIC) as required by FICA

• Cooperate with SARS for tax compliance and reporting

• Respond to requests from the Information Regulator (South Africa)

• Enforce our Terms and Conditions and protect SoftMeet's rights

• Protect the safety of users or the public in emergency situations

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred. We will notify users of any such transfer and any changes to this Privacy Policy with reasonable advance notice.

4.4 Buyer-Seller Information Sharing

For marketplace transactions, limited information is shared between buyers and sellers as necessary to complete the transaction including order details, delivery information, and dispute evidence. Financial details such as bank account numbers are never shared between users.

5. PUSH NOTIFICATIONS AND DEVICE TOKENS

SoftMeet collects and uses the following device tokens to deliver push notifications:

• FCM Token: Collected for Android and iOS devices to deliver notifications via Firebase Cloud Messaging

• APNs Token / VoIP Token: Collected for iOS devices to deliver standard and incoming call notifications via Apple Push Notification Service

• HMS Token: Collected for Huawei devices to deliver notifications via Huawei Mobile Services

• OneSignal Player ID: Collected for all device types to manage notification delivery through OneSignal

These tokens are stored on SoftMeet's South African servers and are used exclusively for notification delivery. They are not shared with any party other than the relevant notification service provider (Firebase, Apple, Huawei, OneSignal).

You may disable push notifications at any time through your device settings. Disabling notifications may affect your ability to receive timely alerts for messages, calls, and transactions.

6. AFFILIATE PROGRAMME AND REFERRAL TRACKING

6.1 Referral Link Tracking

When you share your SoftMeet referral link and another user clicks it, we collect:

• The referring user's username from the referral link

• The clicking user's IP address (retained for up to 24 hours for deferred deep link attribution)

• The clicking user's device user agent string

This information is used solely to attribute the referral correctly when the new user installs and registers on SoftMeet. The IP address fingerprint is deleted after use or after 24 hours, whichever is sooner.

6.2 Deferred Deep Linking

For iOS and Huawei users who click an affiliate link before installing the app, SoftMeet temporarily stores the IP address fingerprint to enable deferred deep linking. When the user opens the app for the first time after installation, the app queries our server using the device's IP address to retrieve the referral code. This process:

• Uses IP address matching only — no other tracking methods

• Stores the fingerprint for a maximum of 24 hours

• Marks the fingerprint as used immediately after attribution

• Is used exclusively for affiliate referral attribution

• Does not track the user's browsing behaviour or activities

6.3 Commission Records

We maintain records of affiliate commissions including amounts, payment dates, and transaction references. These records are retained for a minimum of 5 years for financial compliance purposes.

7. FINANCIAL DATA AND AUTOMATIC PAYMENT PROCESSING

7.1 How We Use Your Bank Account Details

When you add your bank account to SoftMeet, your details are:

• Stored securely on SoftMeet's servers with encryption

• Shared with Paystack to create a payment recipient record for automatic disbursement

• Used exclusively to receive automatic payments from SoftMeet

• Never shared with other users, sellers, buyers, or third parties other than Paystack

SoftMeet does not debit your bank account. Your bank details are used only to credit earnings to your account automatically.

7.2 Automatic Payment Disbursement

SoftMeet's automated payment system processes the following without any manual action required:

• Marketplace seller payments: Released automatically after 30-day dispute window via Paystack transfer

• Event organiser payments: Released immediately upon ticket purchase via Paystack split payment

• Content creator subscription payments: Released immediately upon subscription via Paystack split payment

• Gift earnings for creators: Released automatically upon each gift transaction via Paystack transfer

• Affiliate commissions: Released automatically upon each qualifying referral transaction via Paystack transfer

All automatic disbursements are processed by Paystack and are subject to Paystack's transfer processing times and minimum transfer amounts.

7.3 Escrow Data

For marketplace transactions, payment data is held in escrow for 30 days. During this period, we retain:

• Transaction amount and Paystack reference

• Buyer and seller user identifiers

• Product information and order details

• Seller's Paystack recipient code (snapshotted at time of purchase to ensure correct payment even if seller changes bank details)

• Dispute records if raised

8. YOUR DATA RIGHTS UNDER POPIA

As a data subject under POPIA, you have the following rights:

8.1 Right of Access

You have the right to request a copy of the personal information we hold about you. Requests must be submitted to privacy@softmeet.co.za and will be processed within 30 days.

8.2 Right to Correction

You have the right to request correction of inaccurate or incomplete personal information. You may update most information directly through your account settings or by contacting support@softmeet.co.za.

8.3 Right to Deletion

You have the right to request deletion of your personal information subject to legal retention requirements. Upon account termination:

• Text data: Removed from SoftMeet servers within 30 days

• Media files: Removed from DigitalOcean Spaces within 30 days

• Financial records: Retained for a minimum of 5 years as required by South African law

• Push notification tokens: Deleted upon account termination

• Affiliate click fingerprints: Deleted after 24 hours or upon use

8.4 Right to Object

You have the right to object to the processing of your personal information for marketing purposes. You may opt out of marketing communications through your account settings at any time.

8.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format. Contact privacy@softmeet.co.za to exercise this right.

8.6 Right to Lodge a Complaint

If you believe your privacy rights have been violated, you have the right to lodge a complaint with the Information Regulator (South Africa) at https://www.justice.gov.za/inforeg/.

9. DATA SECURITY

9.1 Technical Safeguards

• Data encrypted in transit using TLS/HTTPS

• Passwords hashed using bcrypt — never stored in plain text

• Database access restricted by IP and credentials

• Payment data processed exclusively by Paystack under PCI-DSS compliance

• Bank account numbers displayed with masking (only last 4 digits shown in admin interfaces)

• API endpoints protected by session authentication

• Transaction references used for duplicate payment prevention

9.2 Administrative Safeguards

• Role-based access control for SoftMeet staff

• Regular security reviews and audits

• Incident response procedures for data breaches

• Staff training on privacy and security obligations

9.3 Important Security Limitation

No security system is completely infallible. While we implement industry-standard security measures, you use our services at your own risk. You are responsible for maintaining the confidentiality of your login credentials and for all activities under your account. Report any suspected unauthorised access immediately to support@softmeet.co.za.

10. DATA RETENTION

We retain your information for the following periods:

• Account data (active): Retained while your account is active

• Account data (deleted): Most data deleted within 30 days of account termination

• Text messages: Retained until account deletion or user deletion of messages

• Media files: Retained until user deletion or account termination

• Financial transaction records: Minimum 5 years as required by South African law

• Bank account and payment recipient data: Retained while account is active and for 5 years after termination

• Affiliate commission records: Minimum 5 years

• Push notification tokens: Deleted upon account termination

• Affiliate click fingerprints (IP): Maximum 24 hours

• Dispute records: Minimum 5 years

• Identity verification documents: As required by FICA regulations

• Opt-out preferences: Retained indefinitely to honour your preferences

11. CHILDREN'S PRIVACY

SoftMeet does not knowingly collect personal information from children under 13 years of age. If you are under 13, do not create an account or use our services. If we become aware that we have collected information from a child under 13 without parental consent, we will delete that information promptly. Parents or guardians who believe their child has provided information should contact support@softmeet.co.za immediately.

12. INTERNATIONAL DATA TRANSFERS

Your data may be transferred internationally for service delivery:

• Media data via DigitalOcean (global data centres including India)

• Call data via Agora.io (global network)

• Payment data via Paystack (South Africa and international banking networks)

• Notification data via Firebase/Google (global), Apple (global), Huawei (global), OneSignal (global)

All international transfers are conducted under appropriate safeguards including contractual protections and adherence to international privacy frameworks. By using SoftMeet, you consent to these international transfers as necessary for service delivery.

13. APP DISTRIBUTION CHANNELS

SoftMeet is distributed through the following official channels:

• Google Play Store (Android): com.sofftechz.softmeet

• Apple App Store (iOS): App ID id6444095964

• Huawei AppGallery: App ID C107313299

SoftMeet is only available through these official channels. We are not responsible for any versions of SoftMeet distributed through unofficial channels.

14. COOKIES AND TRACKING

SoftMeet's website (softmeet.co.za) may use cookies for:

• Session management and authentication

• Affiliate referral code storage (retained for the duration of your browser session)

• Basic analytics to understand website usage

You may disable cookies through your browser settings. Disabling cookies may affect certain website functionality including affiliate referral tracking.

15. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Sending an email notification to your registered email address

• Displaying a prominent notice in the SoftMeet application

• Updating the 'Last Modified' date at the top of this policy

Continued use of SoftMeet after notification of changes constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you must stop using SoftMeet and may delete your account.

Previous versions of this Privacy Policy are available upon request by contacting privacy@softmeet.co.za.

16. LIMITATION OF LIABILITY FOR DATA

To the maximum extent permitted by South African law:

• SoftMeet is not liable for data charges incurred through use of any SoftMeet service

• SoftMeet is not liable for service interruptions caused by DigitalOcean, Agora.io, Paystack, Firebase, OneSignal, Huawei, or any other third-party provider

• SoftMeet is not liable for data loss caused by third-party service failures

• SoftMeet is not liable for unauthorised access caused by your failure to maintain account security

• SoftMeet's total liability for privacy incidents is limited to the greater of R1,000 or fees paid in the preceding 12 months

17. CONTACT INFORMATION

For questions about this Privacy Policy or to exercise your data rights:

General and Support Enquiries

• Company: Softtechz Technology (Pty) Ltd

• Trading As: SoftMeet

• Address: Unit 7, 49 De Havilland Crescent, Persequor, Pretoria, South Africa

• Email: support@softmeet.co.za

• Website: https://softmeet.co.za

Privacy-Specific Enquiries

• Data Protection Officer: support@softmeet.co.za

• Response time: Within 30 days for privacy rights requests

Legal and Compliance

• Legal Department: legal@softmeet.co.za

• SITA Certification Reference: RFB2009

Regulatory Authority

• Information Regulator (South Africa): https://www.justice.gov.za/inforeg/

• Financial Intelligence Centre: https://www.fic.gov.za/