Privacy Policy

ClickDone respects your privacy and is committed to protecting your Personal Information. This Privacy Policy explains how ClickDone collects, uses, stores, shares, and otherwise processes Personal Information when you access or use our website, mobile application, and related services (collectively, the "Platform"). ClickDone operates as a platform that connects users seeking services ("Customers") with independent service providers and specialists ("Specialists"). In the course of providing the Platform and related services, we may collect and process Personal Information relating to Customers, Specialists, website visitors, and other individuals who interact with us. We are committed to processing Personal Information responsibly, transparently, and in accordance with applicable laws, including the Protection of Personal Information Act, 2013 ("POPIA") of South Africa, and other applicable data protection laws. Please read this Privacy Policy carefully to understand how we handle your Personal Information. By accessing or using the Platform, or by otherwise providing Personal Information to us, you acknowledge that your Personal Information may be processed as described in this Privacy Policy. If you do not agree with this Privacy Policy, you should not access or use the Platform.

ClickDone is a digital platform that connects customers seeking services with independent specialists and service providers. For purposes of this Privacy Policy, "ClickDone", "we", "us", or "our" refers to the entity that owns and operates the Platform and determines the purposes and means of processing Personal Information in connection with the Platform and related services. ClickDone is a private business operating in South Africa and provides its services primarily to users in the South African market. If you have any questions about this Privacy Policy, the way we process your Personal Information, or if you wish to exercise any of your rights in relation to your Personal Information, you may contact us using the details below: Company name: ClickDone Email: info@clickndone.co.za Phone: +27 76 078 25 74 Where required by applicable law, including the Protection of Personal Information Act, 2013 ("POPIA"), ClickDone acts as the responsible party in respect of Personal Information processed through the Platform.

This Privacy Policy applies to the Personal Information processed by ClickDone in connection with your access to and use of the ClickDone website, mobile application, and any related services, features, content, communications, and support functions made available through the Platform. This Privacy Policy applies to Personal Information relating to, among others:

• Customers who post tasks, requests, or service needs through the Platform;
• Specialists who create profiles, apply for tasks, offer services, or otherwise use the Platform for business or work opportunities;
• individuals who visit our website or interact with our Platform without creating an account;
• individuals who communicate with us, including through customer support, email, phone, chat, or other channels; and
• any other persons whose Personal Information is provided to us in connection with the operation of the Platform. This Privacy Policy governs how ClickDone collects, uses, stores, shares, protects, and otherwise processes Personal Information in connection with the operation of the Platform. This Privacy Policy does not apply to the privacy practices of independent Specialists, Customers, payment providers, advertisers, analytics providers, social media platforms, or other third parties that may interact with the Platform or provide services in connection with it, except to the extent that ClickDone itself acts as the responsible party for the relevant processing of Personal Information. Where the Platform contains links to third-party websites, services, or applications, or where third-party services are integrated into the Platform, such third-party services are governed by their own privacy policies and terms, and we encourage you to review those policies before providing Personal Information to them.

In this Privacy Policy, unless the context indicates otherwise, the following terms shall have the meanings set out below: "ClickDone", "we", "us", or "our" means the entity that owns, operates, and manages the ClickDone Platform and acts as the responsible party for purposes of processing Personal Information, where applicable. "Platform" means the ClickDone website, mobile application, and any related services, features, tools, content, communications, and support channels made available by ClickDone. "Customer" means a user who uses the Platform to post a task, request, job, or service requirement, or otherwise seeks to engage a Specialist through the Platform. "Specialist" means an independent service provider, contractor, freelancer, tradesperson, or other user who creates a profile on the Platform in order to apply for tasks, offer services, or perform work for Customers. "Services" means the services, functionality, features, and tools provided by ClickDone through the Platform, including facilitating connections, communications, task postings, applications, payments, ratings, reviews, and related support services. "Personal Information" means information relating to an identifiable, living natural person, and where applicable, an identifiable existing juristic person, as contemplated under applicable law, including POPIA. This may include, depending on the circumstances, a person's name, contact details, identification number, location data, communications, profile information, and other information capable of identifying that person. "Process", "Processed", or "Processing" means any operation or activity concerning Personal Information, whether or not by automatic means, including the collection, receipt, recording, organisation, storage, updating, retrieval, use, dissemination, sharing, merging, restriction, deletion, destruction, or other handling of Personal Information. "Responsible Party" means the person or legal entity which, alone or in conjunction with others, determines the purpose of and means for processing Personal Information, as contemplated under POPIA. "Operator" means a person or entity that processes Personal Information for ClickDone in terms of a contract or mandate, without coming under the direct authority of ClickDone, as contemplated under POPIA. "User" means any person who accesses, browses, registers on, or otherwise uses the Platform, including Customers and Specialists. "POPIA" means the Protection of Personal Information Act, 2013 of South Africa, as amended, replaced, or supplemented from time to time. "Information Regulator" means the Information Regulator of the Republic of South Africa, established in terms of applicable law.

ClickDone may collect and process different categories of Personal Information depending on how you interact with the Platform, whether you are a Customer, a Specialist, a website visitor, or otherwise communicate with us. The types of Personal Information we may collect include the following:

5.1 Information You Provide Directly

We may collect Personal Information that you provide to us directly when you register for an account, create a profile, post a task, apply for a task, communicate with another user, make or receive payments, contact support, or otherwise use the Platform. This information may include:

• your name and surname;
• email address;
• mobile phone number;
• account login credentials, including password or authentication details;
• profile information, including profile photo, biography, skills, qualifications, experience, service categories, and availability;
• residential, business, billing, or service-related address information;
• task descriptions, job requirements, project details, and any content you upload or submit through the Platform;
• quotes, offers, pricing information, and related transaction details;
• communications you send through the Platform, including messages with other users or with ClickDone support;
• ratings, reviews, and feedback you provide or receive;
• information submitted when you participate in surveys, promotions, competitions, or marketing campaigns;
• records of enquiries, complaints, disputes, or other communications with us; and
• any other Personal Information you choose to provide when using the Platform.

5.2 Specialist Verification and Business Information

Where you register or use the Platform as a Specialist, we may collect additional information relevant to your professional profile, your eligibility to provide services, and our trust and safety processes. Such information may include:

• business or trading name;
• company registration details, where applicable;
• copies of identification documents or other verification documents;
• proof of address;
• qualifications, certifications, licences, permits, or accreditations;
• tax-related or invoicing information, where applicable;
• bank account or payout-related information required to facilitate payments; and
• any other information reasonably required for onboarding, verification, fraud prevention, risk management, or regulatory compliance.

5.3 Payment and Transaction Information

When you make or receive payments through the Platform, we may collect or receive transaction-related information. This may include:

• payment amount;
• transaction date and time;
• payment status;
• billing-related information;
• payout information;
• refund information;
• limited payment method details; and
• transaction reference numbers and related records. Payment processing may be carried out by third-party payment service providers on our behalf. Where this is the case, we may not store full card or bank card details ourselves, but we may receive transaction confirmations and related payment data necessary to operate the Platform, manage payments, prevent fraud, resolve disputes, and comply with legal and accounting obligations.

5.4 Information Collected Automatically

When you access or use the Platform, we may automatically collect certain technical and usage information about your device and interactions with the Platform. This information may include:

• IP address;
• device type, model, and identifiers;
• operating system and version;
• browser type and version;
• mobile app version;
• internet service provider or mobile network information;
• language and time zone settings;
• log files and access records;
• date and time of access;
• pages viewed, screens visited, clicks, searches, and other usage activity;
• referral URLs or navigation paths; and
• approximate location information derived from your device or IP address. We collect this information to help us operate, secure, troubleshoot, analyse, and improve the Platform and user experience.

5.5 Location Information

We may collect location-related information where relevant to the functioning of the Platform. This may include:

• the location of a posted task or service request;
• address details provided by Customers or Specialists;
• approximate geolocation derived from IP address or device data; and Location information may be used to help match Customers with relevant Specialists, improve local search results, support service delivery, and enhance platform functionality.

5.6 Communications and User Content

We may collect and store information contained in communications made through the Platform or in connection with the Platform. This may include:

• messages exchanged between Customers and Specialists;
• attachments, photos, or files shared through the Platform;
• customer support correspondence;
• call or chat records, where applicable;
• dispute-related submissions; and
• other content you upload, submit, publish, or share through the Platform. We may use this information for purposes such as facilitating the service, maintaining records, providing support, investigating complaints or disputes, detecting fraud or misconduct, and enforcing our terms and policies.

5.7 Information from Third Parties

We may receive Personal Information about you from third parties where permitted by law and where relevant to the operation of the Platform. Such third parties may include:

• payment service providers;
• identity verification or background screening providers;
• analytics and technology service providers;
• fraud detection and security partners;
• marketing, advertising, or communication partners;
• social media or login integration providers, if applicable; and
• other users who provide information about you in connection with a task, dispute, referral, review, or support request. We may combine information received from third parties with other information we hold about you, in accordance with applicable law.

5.8 Cookies and Similar Technologies

We may use cookies, pixels, SDKs, local storage, and similar technologies on our website and app to collect information about how users interact with the Platform. These technologies may collect information such as:

• session and authentication data;
• device and browser information;
• user preferences;
• analytics and performance data; and
• information relating to advertising or campaign effectiveness, where applicable. Further information about our use of cookies and similar technologies may be provided in this Privacy Policy or in a separate Cookie Policy.

5.9 Information We Do Not Intend to Collect Unnecessarily

We do not intend to collect more Personal Information than is reasonably necessary for the purposes described in this Privacy Policy. Users should avoid sharing unnecessary sensitive or confidential information through the Platform unless it is specifically required and lawfully requested for a legitimate purpose. Where certain information is required for the provision of the Platform or for legal, safety, verification, payment, or compliance purposes, failure to provide such information may limit your ability to use some or all features of the Platform.

ClickDone uses Personal Information for legitimate business, operational, legal, safety, and service-related purposes in connection with the operation of the Platform. We may use Personal Information for the following purposes:

6.1 To Provide and Operate the Platform

We use Personal Information to provide, maintain, and operate the Platform and its features, including to:

• create and manage user accounts;
• enable Customers to post tasks, requests, and service needs;
• enable Specialists to create profiles, apply for tasks, and offer services;
• facilitate matching and interactions between Customers and Specialists;
• process bookings, task-related activities, and other transactions;
• enable messaging and communications through the Platform; and
• provide core platform functionality and user support.

6.2 To Verify Users and Maintain Trust and Safety

We may use Personal Information to verify users and to promote the safety, integrity, and reliability of the Platform, including to:

• verify identity, contact details, profile information, and supporting documents;
• assess eligibility to use certain features of the Platform;
• detect, prevent, and investigate fraud, scams, misleading conduct, abuse, suspicious activity, or other harmful behaviour;
• monitor compliance with our Terms and Conditions, Acceptable Use Policy, and other platform rules;
• investigate complaints, incidents, disputes, or reports made by users or third parties; and
• take appropriate action where required, including warnings, restrictions, suspensions, removals, or other enforcement steps.

6.3 To Process Payments and Related Transactions

We may use Personal Information to facilitate and administer payments and other financial processes connected with the Platform, including to:

• process customer payments;
• facilitate payouts to Specialists;
• manage refunds, reversals, cancellations, and payment-related issues;
• maintain transaction records;
• detect and prevent payment fraud or abuse;
• support reconciliation, financial reporting, and record-keeping; and
• comply with legal, tax, audit, accounting, and regulatory obligations.

6.4 To Communicate with Users

We use Personal Information to communicate with users in connection with their use of the Platform, including to:

• send account, service, and transaction-related notifications;
• communicate about tasks, bookings, applications, offers, or payments;
• respond to enquiries, complaints, and support requests;
• provide updates about policy changes, service changes, or important notices;
• facilitate communications between Customers and Specialists; and
• contact users where necessary for trust and safety, compliance, or dispute-resolution purposes.

6.5 To Improve and Develop the Platform

We may use Personal Information to understand how the Platform is used and to improve our services, including to:

• analyse usage trends, user behaviour, and platform performance;
• troubleshoot bugs, errors, and technical issues;
• develop new features, services, tools, and functionality;
• improve user experience, interface design, and service delivery;
• test and evaluate platform improvements; and
• conduct internal research, reporting, and business analysis.

6.6 To Personalise User Experience

We may use Personal Information to personalise aspects of the Platform and make the service more relevant to users, including to:

• show relevant tasks, specialists, or service opportunities;
• tailor search results and recommendations;
• present location-relevant content or services;
• remember user preferences and settings; and
• improve the relevance of communications and platform interactions.

6.7 To Manage Ratings, Reviews, and Reputation Features

We may use Personal Information to operate reputation and transparency features of the Platform, including to:

• publish and display ratings, reviews, and feedback;
• maintain profile history and completed-task records;
• support users in making informed decisions when selecting or engaging with one another; and
• investigate misuse of ratings, reviews, or profile information.

6.8 For Marketing and Promotional Purposes

Where permitted by applicable law, we may use Personal Information to send users marketing and promotional communications about ClickDone, its services, offers, features, campaigns, or updates. This may include:

• email marketing;
• SMS or push notifications;
• promotional messages relating to new services or features;
• surveys, competitions, or referral campaigns; and
• targeted or interest-based marketing, where applicable. Users may opt out of receiving marketing communications at any time, subject to applicable law and as further described in this Privacy Policy.

6.9 To Comply with Legal and Regulatory Obligations

We may use Personal Information where necessary to comply with applicable laws and legal obligations, including to:

• comply with obligations under South African law, including POPIA where applicable;
• respond to lawful requests from regulators, courts, law enforcement authorities, or other public authorities;
• maintain legally required records;
• enforce our contractual rights and legal claims; and
• protect the rights, property, safety, and legitimate interests of ClickDone, its users, and third parties.

6.10 For Other Lawful Business Purposes

We may also use Personal Information for other lawful and reasonably related purposes consistent with the operation of the Platform, provided that such use is permitted by applicable law and is compatible with the purposes for which the information was collected.

ClickDone processes Personal Information only where there is a lawful basis to do so under applicable law, including the Protection of Personal Information Act, 2013 ("POPIA"), and, where relevant, other applicable data protection laws. Depending on the circumstances, we may process Personal Information on one or more of the following grounds:

7.1 Performance of a Contract

We may process Personal Information where such processing is necessary to enter into, perform, or administer a contract with you, or to provide the Platform and related services you request. This includes, for example, processing necessary to:

• create and manage user accounts;
• enable Customers to post tasks and engage Specialists;
• enable Specialists to apply for and perform tasks;
• facilitate communications between users;
• process payments, payouts, refunds, and related transactions; and
• provide customer support and manage disputes or service-related issues.

7.2 Compliance with Legal Obligations

We may process Personal Information where such processing is necessary for compliance with a legal or regulatory obligation to which ClickDone is subject. This may include processing necessary to:

• comply with applicable laws and regulations;
• maintain accounting, tax, and financial records;
• respond to lawful requests from courts, regulators, law enforcement authorities, or public bodies;
• investigate unlawful conduct or suspected fraud; and
• comply with obligations relating to safety, risk management, consumer protection, or regulatory reporting.

7.3 Legitimate Interests

We may process Personal Information where such processing is necessary for the legitimate interests of ClickDone or a third party, provided that such interests are not overridden by your rights and interests under applicable law. These legitimate interests may include:

• operating, maintaining, and improving the Platform;
• verifying users and maintaining trust and safety on the Platform;
• detecting, preventing, and investigating fraud, abuse, security incidents, and policy violations;
• protecting ClickDone, its users, and third parties from harm or loss;
• developing and improving our services, tools, and features;
• conducting internal analytics, reporting, and business planning; and
• enforcing our Terms and Conditions, policies, and legal rights. Where required, we will consider the nature of the Personal Information, the purpose of the processing, and the impact on your rights before relying on this basis.

7.4 Consent

In some cases, we may process Personal Information based on your consent. This may apply, for example, where:

• you choose to provide optional information through the Platform;
• you consent to receive direct marketing communications, where required by law;
• you enable optional device permissions, such as precise location access; or
• consent is otherwise required under applicable law for a particular type of processing. Where processing is based on consent, you may withdraw your consent at any time, subject to legal and contractual limitations and subject to the lawfulness of processing carried out before such withdrawal.

7.5 Protection of Legitimate Interests of the Data Subject

Where permitted under applicable law, we may process Personal Information where such processing is necessary to protect a legitimate interest of the data subject.

7.6 Other Grounds Permitted by Law

We may also process Personal Information on any other lawful ground permitted under applicable law, where such processing is necessary, reasonable, and proportionate in the circumstances.

ClickDone may communicate with you in connection with your use of the Platform and, where lawful, may also send you marketing and promotional communications.

8.1 Service and Operational Communications

ClickDone may send you service-related and operational communications that are necessary for the provision, administration, security, and support of the Platform. These communications may include communications relating to:

• account registration, login, and verification;
• task postings, applications, offers, bookings, and cancellations;
• payments, payouts, refunds, and transaction confirmations;
• customer support and dispute handling;
• trust and safety matters, fraud prevention, or security alerts;
• changes to the Platform, our services, or our policies; and
• other important administrative or operational matters. These communications are not direct marketing communications and may be sent even if you have opted out of marketing communications.

8.2 Direct Marketing

ClickDone may send you direct marketing communications about ClickDone's services, features, promotions, offers, updates, or campaigns only to the extent permitted by applicable law. Such communications may be sent by means including:

• email;
• SMS;
• push notifications;
• in-app messages; and
• other electronic communications channels permitted by law.

8.3 Consent and Existing Customer Marketing

Where required by applicable law, ClickDone will send electronic direct marketing communications only where:

• you have given your consent; or
• ClickDone is otherwise permitted by law to send such communications to an existing customer in respect of its own similar services. Where ClickDone relies on consent, you are under no obligation to give it, and you may withdraw it at any time. Where ClickDone is permitted by law to send direct marketing to an existing customer without separate prior consent, ClickDone will still provide a reasonable opportunity to object to or opt out of such communications.

8.4 No Sale of Personal Information for Third-Party Marketing

ClickDone does not sell your Personal Information to third parties for their independent direct marketing purposes. ClickDone does not share your Personal Information with third parties for their own direct marketing unless you have separately agreed to such sharing or such sharing is otherwise lawful.

8.5 Opting Out of Marketing Communications

You may opt out of direct marketing communications from ClickDone at any time by:

• clicking the unsubscribe link in a marketing email, where available;
• adjusting your communication preferences in the Platform, where available;
• disabling push notifications through your device or app settings, where applicable; or
• contacting us using the contact details set out in this Privacy Policy. An opt-out request will not affect service-related or legally required communications.

8.6 Personalisation of Communications

Where permitted by law, ClickDone may use limited information such as your general Platform activity, broad service interests, or preferences to make communications more relevant to you. ClickDone does not use sensitive Personal Information for direct marketing unless this is lawful and appropriately authorised.

8.7 Your Choice

You may choose not to receive direct marketing communications from ClickDone. Refusing or withdrawing consent to direct marketing will not affect your ability to use the core features of the Platform, subject to any communications that are necessary for account administration, transactions, safety, support, or legal compliance.

ClickDone may share Personal Information with third parties where necessary for the operation of the Platform, the provision of services, compliance with legal obligations, the protection of users, or for other lawful purposes consistent with this Privacy Policy. We do not sell Personal Information to third parties for their independent commercial use.

9.1 Sharing Between Users of the Platform

Because ClickDone operates as a platform connecting Customers and Specialists, certain Personal Information may be shared between users where necessary to facilitate tasks, communications, bookings, payments, service delivery, trust, and dispute resolution. For example, we may share or make visible to other users:

• your name or display name;
• profile photo;
• profile description, skills, qualifications, service categories, and ratings;
• reviews and feedback;
• task-related information;
• location or service area information;
• quotes, offers, and pricing information;
• communication content exchanged through the Platform; and
• other information you choose to make available through your account or profile. The extent of such sharing will depend on the nature of the service, the functionality of the Platform, and your use of privacy and profile settings where available.

9.2 Service Providers and Operators

We may share Personal Information with third-party service providers, contractors, and operators who process information on our behalf and under our instructions in connection with the operation of the Platform. These may include providers of:

• cloud hosting and infrastructure services;
• website and app development, maintenance, and support;
• payment processing and payout services;
• data storage and backup services;
• analytics and performance monitoring tools;
• customer support tools;
• communication services such as email, SMS, push notification, and chat infrastructure;
• identity verification and fraud-prevention services;
• security, monitoring, and incident response services; and
• professional services such as legal, audit, accounting, and compliance support. We require such service providers, where appropriate, to process Personal Information only for authorised purposes and to implement reasonable security safeguards.

9.3 Payment Providers and Financial Service Partners

We may share Personal Information with third-party payment processors, banks, payout partners, and related financial service providers where necessary to facilitate payments, payouts, refunds, chargeback handling, fraud prevention, reconciliation, and financial compliance. Such information may include:

• name and contact details;
• transaction details;
• billing-related information;
• payout information; and
• information necessary for fraud checks, dispute handling, and compliance purposes.

9.4 Verification, Trust and Safety Partners

We may share Personal Information with third parties that assist us with user verification, identity checks, fraud detection, risk assessment, moderation, trust and safety functions, or compliance checks. This may include the sharing of:

• identity and contact details;
• profile and account information;
• verification documents;
• transaction history;
• device and technical data; and
• other relevant information necessary for safety, security, or compliance purposes.

9.5 Professional Advisers and Corporate Transactions

We may share Personal Information with our professional advisers and representatives, including lawyers, auditors, accountants, insurers, consultants, and similar advisers, where reasonably necessary for legal, tax, regulatory, financial, insurance, corporate governance, or operational purposes. We may also disclose Personal Information in connection with a proposed or actual merger, acquisition, restructuring, financing, sale of assets, business transfer, or similar corporate transaction, subject to appropriate safeguards and to the extent permitted by law.

9.6 Legal and Regulatory Disclosures

We may disclose Personal Information where we believe such disclosure is necessary or appropriate to:

• comply with applicable law, regulation, court order, subpoena, or lawful request from a public authority;
• cooperate with law enforcement agencies, regulators, or government bodies;
• establish, exercise, or defend legal rights or claims;
• investigate suspected unlawful activity, fraud, misconduct, or breaches of our terms or policies; or
• protect the rights, property, safety, or legitimate interests of ClickDone, our users, or third parties.

9.7 With Your Consent or at Your Direction

We may share Personal Information with third parties where you have given us your consent to do so, or where you instruct or authorise us to share such information. This may include cases where you choose to use integrations, participate in promotions, make information public through the Platform, or otherwise request or permit disclosure.

9.8 Aggregated, De-Identified, or Anonymised Information

We may share aggregated, statistical, de-identified, or anonymised information that does not reasonably identify you, where permitted by law, for purposes such as analytics, research, reporting, product development, business planning, or marketing.

9.9 Cross-Border Sharing

Some recipients of Personal Information may be located outside South Africa. Where Personal Information is shared across borders, ClickDone will take reasonable steps to ensure that such transfers are carried out in accordance with applicable law and subject to appropriate safeguards.

9.10 Limits on Disclosure

ClickDone seeks to limit the sharing of Personal Information to what is reasonably necessary for the relevant purpose. Where required by law, we will take appropriate contractual, organisational, and technical measures to protect Personal Information disclosed to third parties.

ClickDone may facilitate payments made by Customers and payouts made to Specialists in connection with tasks, services, bookings, cancellations, refunds, and other transactions carried out through the Platform.

10.1 Payment Processing

Payments made through the Platform may be processed by third-party payment service providers, payment gateways, banks, payout partners, or other financial service providers engaged by ClickDone. Such providers may process payment-related information in accordance with their own privacy policies, terms, and regulatory obligations. ClickDone may receive and process payment-related information necessary to facilitate transactions, maintain records, prevent fraud, resolve disputes, and operate the Platform.

10.2 Information We May Process in Connection with Payments

In connection with payments and payouts, ClickDone may collect, receive, use, store, or share payment-related Personal Information, including:

• payer and payee name;
• billing or payout contact details;
• transaction amount;
• transaction date and time;
• payment status;
• payout status;
• refund or reversal information;
• limited payment method details;
• bank account or payout details, where required for Specialist payouts;
• transaction reference numbers; and
• records relating to cancellations, disputes, complaints, or payment investigations.

10.3 Use of Payment Information

ClickDone may use payment-related information for purposes including:

• facilitating customer payments and Specialist payouts;
• confirming, recording, and administering transactions;
• holding, releasing, reversing, or refunding payments in accordance with Platform rules and applicable terms;
• managing cancellations, failed transactions, payment disputes, and chargebacks;
• detecting, preventing, and investigating fraud, payment abuse, suspicious activity, or other misuse of the Platform;
• maintaining financial, tax, accounting, and audit records;
• complying with legal, regulatory, and compliance obligations; and
• enforcing our rights under our Terms and Conditions and other applicable policies.

10.4 Third-Party Payment Providers

Where payment services are provided by third parties, ClickDone does not necessarily collect or store full card details or other full payment instrument details itself. Instead, such information may be collected and processed directly by the relevant payment provider in accordance with its own security procedures and legal obligations. ClickDone may nevertheless receive transaction confirmations, masked payment information, billing information, payout data, and other payment-related records necessary for the operation of the Platform.

10.5 Holding and Release of Funds

Where the Platform uses a payment-holding, escrow-like, or staged payment model, ClickDone may facilitate the temporary holding and subsequent release of funds in accordance with the applicable terms of the Platform, the relevant transaction flow, dispute processes, cancellation rules, and any applicable legal or regulatory requirements. This may include the temporary restriction, delay, reversal, or withholding of payments where reasonably necessary for fraud prevention, dispute handling, compliance review, risk management, or enforcement of Platform rules.

10.6 Payouts to Specialists

To facilitate payouts to Specialists, ClickDone may require Specialists to provide certain payout-related information, such as bank account details, beneficiary details, or other information reasonably necessary to process lawful payouts. Specialists are responsible for ensuring that payout information provided to ClickDone is accurate, complete, and up to date. ClickDone is not responsible for losses arising from incorrect payout information provided by a user, except to the extent required by law.

10.7 Fraud Prevention and Risk Management

ClickDone may monitor payment activity and use payment-related information to detect, prevent, and investigate fraud, suspicious transactions, abuse of refunds or chargebacks, policy violations, and other harmful or unlawful conduct. Where reasonably necessary, ClickDone may suspend, delay, limit, review, or decline certain transactions or payouts pending verification, investigation, risk assessment, or legal compliance checks.

10.8 Record Retention and Compliance

ClickDone may retain payment and transaction records for as long as reasonably necessary for operational purposes, dispute handling, fraud prevention, enforcement, accounting, tax, audit, legal, and regulatory compliance purposes, in accordance with applicable law.

10.9 Responsibility of Users

Users are responsible for reviewing transaction details carefully and ensuring that payment, billing, and payout information provided through the Platform is accurate and lawful. Users should not submit payment information belonging to another person unless they are authorised to do so. Users must also comply with the Platform's Terms and Conditions, Acceptable Use Policy, and any rules governing payments, refunds, and payouts.

ClickDone may process Personal Information for identity verification, trust, safety, fraud prevention, risk management, and platform integrity purposes. Because ClickDone operates as a platform connecting Customers and Specialists, we may take reasonable steps to verify certain users, assess risk, prevent misuse of the Platform, and promote a safer and more reliable environment for all users.

11.1 Identity Verification

ClickDone may request, collect, and process information necessary to verify the identity of users, particularly Specialists, or where verification is otherwise required for access to certain features, transactions, payments, dispute resolution, trust and safety checks, or legal compliance. This may include:

• full name;
• date of birth;
• phone number and email address;
• profile information;
• copies of identity documents;
• proof of address;
• photographs or selfies submitted for verification purposes;
• business registration or trading information, where applicable;
• qualifications, licences, permits, certifications, or professional credentials; and
• any other information reasonably required to verify identity, eligibility, authenticity, or authority. Verification does not constitute an endorsement, guarantee, certification, or warranty by ClickDone regarding any user, their identity, qualifications, conduct, or suitability.

11.2 Trust and Safety Measures

ClickDone may use Personal Information to maintain trust and safety on the Platform, including to:

• verify account authenticity;
• reduce the risk of impersonation, fraud, scams, spam, and misleading conduct;
• detect and prevent abusive, unsafe, unlawful, or suspicious activity;
• identify attempts to misuse the Platform, payment systems, messaging tools, or review features;
• support moderation, enforcement, and compliance actions;
• investigate complaints, reports, disputes, or incidents;
• protect the rights, safety, and property of ClickDone, its users, and third parties; and
• maintain the overall integrity and reliability of the Platform.

11.3 Screening, Review, and Risk Assessment

Where permitted by law and reasonably necessary, ClickDone may use Personal Information, alone or in combination with information from third-party providers, to conduct verification checks, account reviews, fraud screening, or risk assessments. This may include the use of:

• identity verification providers;
• fraud-prevention and security tools;
• payment-related risk indicators;
• device and technical signals;
• account activity history;
• reports from other users; and
• other information relevant to assessing platform safety, abuse risk, or compliance concerns. Some verification, screening, moderation, or fraud-detection processes may involve automated tools, manual review, or a combination of both.

11.4 Trust, Safety, and Compliance Actions

Where reasonably necessary, ClickDone may use Personal Information to take trust, safety, or compliance-related action, including to:

• request additional information or documents;
• place restrictions on certain account features;
• delay or hold payments or payouts pending review;
• remove content, listings, profiles, reviews, or messages;
• issue warnings;
• suspend or terminate accounts; and
• report suspected unlawful conduct or cooperate with regulators, law enforcement, or other competent authorities where required or permitted by law.

11.5 Reviews, Complaints, and Incident Handling

ClickDone may process Personal Information submitted in connection with complaints, disputes, safety reports, misconduct allegations, suspected fraud, or other incidents involving use of the Platform. This may include information provided by Customers, Specialists, witnesses, support staff, payment providers, verification partners, or other relevant third parties. We may use such information to investigate matters, make decisions, respond to reports, enforce platform policies, and support dispute resolution or legal compliance processes.

11.6 Third-Party Verification and Safety Providers

ClickDone may engage third-party service providers to assist with identity verification, fraud prevention, security monitoring, screening, moderation support, or related trust and safety functions. Where this occurs, such providers may process Personal Information on our behalf and subject to contractual and legal safeguards. Their processing will be limited to authorised purposes related to the operation, safety, integrity, and compliance of the Platform.

11.7 Accuracy and User Responsibility

Users are responsible for ensuring that information and documents submitted for verification or trust and safety purposes are accurate, current, complete, and not misleading. Providing false, fraudulent, altered, misleading, or unauthorised information may result in rejection of verification, restriction of access, suspension or termination of the account, withholding of payments, or other action permitted under ClickDone's Terms and Conditions, Acceptable Use Policy, or applicable law.

11.8 No Guarantee of User Conduct

While ClickDone may implement verification, screening, monitoring, and trust and safety measures, no platform can guarantee the identity, conduct, quality, legality, or reliability of any user, task, service, communication, or transaction. Users remain responsible for exercising appropriate caution, judgment, and due diligence when interacting with others through the Platform.

ClickDone may enable Customers and Specialists to communicate with one another through the Platform in connection with tasks, service requests, offers, bookings, payments, updates, and other platform-related matters.

12.1 User Communications Through the Platform

Users may communicate through features such as in-app messaging, chat, notifications, attachments, support channels, or other communication tools made available through the Platform. These communications may include:

• questions and responses about tasks or services;
• quotations, offers, and pricing discussions;
• scheduling and availability discussions;
• updates regarding progress or completion of a task;
• files, images, documents, or other content shared between users; and
• communications relating to disputes, complaints, cancellations, or payment issues.

12.2 Collection and Storage of Communications

ClickDone may collect, store, access, and process communications exchanged through the Platform, as well as related metadata, where reasonably necessary for the operation of the Platform and for lawful business purposes. This may include:

• message content;
• attachments and files;
• date and time records;
• sender and recipient information;
• communication status information; and
• technical logs or related records.

12.3 Purposes for Processing Communications

ClickDone may process communications between users for purposes including:

• enabling and facilitating communication through the Platform;
• supporting service delivery and task coordination;
• maintaining records of platform activity;
• responding to support requests and user enquiries;
• investigating disputes, complaints, or incidents;
• detecting, preventing, and investigating fraud, scams, abuse, harassment, policy violations, or unlawful conduct;
• enforcing our Terms and Conditions, Acceptable Use Policy, and other platform rules;
• improving platform functionality, communication tools, and support processes; and
• complying with legal or regulatory obligations.

12.4 Monitoring and Review

ClickDone does not generally seek to actively monitor every communication between users on a continuous basis. However, we may review, access, analyse, or disclose communications where reasonably necessary for trust and safety purposes, customer support, fraud prevention, dispute resolution, legal compliance, enforcement of our policies, or protection of ClickDone, its users, or third parties.

12.5 User Responsibility in Communications

Users are responsible for the content of their communications and for using communication tools lawfully, respectfully, and in accordance with ClickDone's Terms and Conditions, Acceptable Use Policy, and other applicable rules. Users must not use Platform communications to:

• harass, abuse, threaten, or mislead others;
• send unlawful, fraudulent, defamatory, or offensive content;
• impersonate another person or misrepresent their identity or authority;
• share malicious software, harmful files, or unlawful content;
• engage in spam, unsolicited promotions, or prohibited off-platform solicitation; or
• share another person's Personal Information without appropriate authority or lawful basis.

12.6 Sensitive and Confidential Information

Users should avoid sharing unnecessary sensitive, confidential, or highly personal information through Platform communications unless this is strictly necessary for a legitimate and lawful purpose connected with the relevant task or service. While ClickDone takes reasonable steps to protect Personal Information, no communication system can be guaranteed to be completely secure, and users should exercise caution when sharing information through the Platform.

12.7 Communications with ClickDone Support

Where users communicate with ClickDone support, trust and safety teams, or other ClickDone representatives, such communications may be recorded, stored, and processed for support, training, quality assurance, incident handling, dispute resolution, fraud prevention, legal compliance, and related operational purposes.

ClickDone may make certain profile information, ratings, reviews, and other reputation-related content visible to other users of the Platform in order to support transparency, trust, informed decision-making, and the effective operation of the Platform.

13.1 Public and Visible Profile Information

Depending on how the Platform functions and the type of account you create, certain information associated with your profile may be visible to other users or, in some cases, to the public. This may include:

• your first name, display name, or business name;
• profile photo;
• profile description or biography;
• service categories, skills, qualifications, licences, certifications, or experience;
• service area or general location information;
• badges, verification indicators, or profile status markers;
• completed task history or task-related summary information;
• ratings, reviews, feedback, and response metrics; and
• other information you choose to include in your public-facing profile. The extent to which profile information is visible may depend on your account type, the relevant platform feature, and the privacy or profile settings available from time to time.

13.2 Ratings and Reviews

ClickDone may enable Customers and, where applicable, Specialists to leave ratings, reviews, feedback, or other forms of reputation-related content following a completed task, transaction, or interaction on the Platform. Ratings and reviews may include:

• star ratings or similar scoring systems;
• written feedback;
• comments on quality, reliability, communication, responsiveness, or overall experience; and
• other content submitted through the Platform's review features. Such ratings and reviews may be displayed on a user's profile, in task-related contexts, or elsewhere on the Platform to help other users make informed choices.

13.3 Use of Reviews, Ratings, and Profile Information

ClickDone may collect, use, store, display, process, and share reviews, ratings, profile information, and related content for purposes including:

• operating profile and reputation features of the Platform;
• promoting transparency and accountability between users;
• helping Customers and Specialists assess one another before entering into transactions;
• highlighting experience, responsiveness, or reliability indicators;
• supporting trust and safety processes;
• investigating complaints, misuse, fraud, manipulation, or policy violations; and
• improving the functionality, fairness, and usefulness of our reputation systems.

13.4 Accuracy and Responsibility for User-Generated Content

Users are responsible for ensuring that ratings, reviews, profile content, and other feedback submitted by them are accurate, lawful, fair, and not misleading. Users must not post content that is false, defamatory, abusive, discriminatory, unlawful, threatening, harassing, fraudulent, or otherwise in breach of ClickDone's Terms and Conditions, Acceptable Use Policy, or applicable law. Users must also not manipulate, falsify, buy, sell, fabricate, or otherwise improperly influence reviews, ratings, profile metrics, or reputation features.

13.5 Moderation and Removal

ClickDone may review, moderate, restrict, remove, redact, or refuse to publish ratings, reviews, profile content, or other user-generated content where reasonably necessary to:

• enforce our Terms and Conditions, Acceptable Use Policy, or other platform rules;
• address unlawful, harmful, abusive, misleading, irrelevant, or inappropriate content;
• prevent fraud, manipulation, impersonation, or review abuse;
• protect the rights, safety, reputation, or legitimate interests of ClickDone, its users, or third parties; or
• comply with legal or regulatory obligations. ClickDone is not obliged to pre-screen all reviews, ratings, or profile content, but reserves the right to take action where appropriate.

13.6 Retention and Continued Display

Reviews, ratings, and certain profile-related content may remain visible on the Platform for as long as reasonably necessary for the operation of the Platform, trust and safety purposes, recordkeeping, dispute resolution, legal compliance, or legitimate business interests, subject to applicable law. Even where an account is suspended, deactivated, or closed, ClickDone may retain and, where lawful and appropriate, continue to display certain historic ratings, reviews, or limited profile-related information where this is necessary to maintain the integrity of the Platform, preserve transaction history, prevent fraud, or comply with legal obligations.

13.7 No Guarantee of Accuracy

Although ClickDone may take reasonable steps to support the integrity of ratings, reviews, and profile information, we do not guarantee that any review, rating, badge, verification marker, or profile statement is complete, accurate, current, or free from error. Users remain responsible for exercising their own judgment and due diligence when relying on reviews, ratings, profile information, or other reputation indicators on the Platform.

ClickDone may use cookies and similar technologies on its website, mobile application, and related services to support the operation of the Platform, improve user experience, analyse usage, enhance security, and deliver relevant content and communications where permitted by law.

14.1 What Are Cookies and Similar Technologies

Cookies are small text files placed on your device when you visit a website. Similar technologies may include pixels, tags, web beacons, software development kits (SDKs), local storage, device identifiers, and other technologies that collect or store information on or about your device or your interactions with the Platform. In this Privacy Policy, references to "cookies and similar technologies" include these related tools where applicable.

14.2 How We Use Cookies and Similar Technologies

ClickDone may use cookies and similar technologies for purposes including:

• enabling core Platform functionality;
• recognising users and maintaining login sessions;
• remembering user preferences and settings;
• improving site and app performance;
• understanding how users interact with the Platform;
• measuring traffic, engagement, and feature usage;
• supporting troubleshooting, diagnostics, and security;
• detecting fraud, abuse, or suspicious activity;
• improving content, navigation, and overall user experience; and
• supporting marketing, campaign measurement, and communications, where permitted by law.

14.3 Types of Cookies and Similar Technologies We May Use

Depending on the Platform and the relevant functionality, we may use the following categories of cookies and similar technologies: Strictly Necessary Cookies These are required for the operation of the Platform and enable essential functions such as account login, authentication, security, navigation, and access to secure areas. Functional Cookies These help remember your preferences, settings, and choices, and allow the Platform to provide enhanced and more personalised features. Analytics and Performance Cookies These help us understand how users interact with the Platform, including which pages or features are used, how users move through the Platform, and whether errors occur. This helps us improve performance, usability, and service quality. Security and Fraud Prevention Technologies These may be used to help detect suspicious activity, maintain account integrity, prevent abuse, and protect the Platform and its users. Advertising or Campaign Technologies Where applicable and permitted by law, we may use cookies and similar technologies to measure the effectiveness of campaigns, understand referrals, and improve the relevance of marketing communications or promotional content.

14.4 Information Collected Through Cookies and Similar Technologies

Cookies and similar technologies may collect or help us infer information such as:

• IP address;
• device type and identifiers;
• browser type and settings;
• operating system;
• pages or screens viewed;
• date and time of access;
• interactions with features, content, or communications;
• referral source;
• language and regional settings;
• session information; and
• general usage and performance data.

14.5 Third-Party Cookies and Technologies

Some cookies and similar technologies used on the Platform may be provided by third-party service providers, such as analytics providers, communications service providers, payment providers, security partners, or marketing and advertising partners. These third parties may collect information through their own technologies in accordance with their own privacy policies and contractual arrangements with ClickDone. ClickDone does not control third-party cookies or technologies used on third-party websites or services.

14.6 Your Choices and Controls

You may be able to control or limit the use of certain cookies and similar technologies through:

• your browser settings;
• device settings;
• in-app permissions;
• cookie banners or consent tools, where available; and
• other privacy or preference controls made available by ClickDone or your device/platform provider. Please note that disabling or blocking certain cookies or similar technologies may affect the functionality, security, performance, or availability of some parts of the Platform.

14.7 Consent Where Required

Where required by applicable law, ClickDone will request your consent before placing or using non-essential cookies or similar technologies on your device. Where consent is used as the lawful basis, you may withdraw it at any time through the available settings or controls, subject to the technical limitations of the relevant platform or device.

14.8 Updates to Our Use of Cookies

ClickDone may update its use of cookies and similar technologies from time to time as the Platform develops, new tools are introduced, or legal requirements change. Further information may be provided in this Privacy Policy, through cookie notices, or in a separate Cookie Policy if adopted in the future.

ClickDone may transfer, store, access, or process Personal Information outside the Republic of South Africa where reasonably necessary for the operation of the Platform, the provision of services, the use of third-party service providers, or other lawful business purposes.

15.1 When Cross-Border Transfers May Occur

Personal Information may be transferred to, stored in, or accessed from jurisdictions outside South Africa in circumstances including where:

• ClickDone uses cloud hosting, infrastructure, storage, or backup providers located outside South Africa;
• third-party service providers, operators, or contractors process information from outside South Africa;
• payment, verification, security, analytics, customer support, messaging, or technical service providers operate internationally;
• ClickDone personnel, advisers, or authorised representatives access information from another jurisdiction; or
• a user accesses the Platform from outside South Africa or interacts with service providers or systems located abroad.

15.2 Purpose of Cross-Border Transfers

ClickDone may transfer Personal Information across borders for purposes including:

• hosting and maintaining the Platform;
• storing and securing data;
• providing app, website, messaging, and support functionality;
• processing payments and payouts;
• carrying out identity verification, fraud prevention, and trust and safety functions;
• performing analytics, diagnostics, and product improvement activities;
• obtaining professional, legal, regulatory, audit, or compliance support; and
• otherwise operating the Platform and related services efficiently and lawfully.

15.3 Safeguards for Cross-Border Transfers

Where Personal Information is transferred outside South Africa, ClickDone will take reasonable steps to ensure that such transfer is carried out in accordance with applicable law, including POPIA where applicable. Such steps may include, where appropriate:

• transferring Personal Information to a recipient that is subject to laws, binding corporate rules, or an agreement that provide an adequate level of protection;
• entering into contractual arrangements with recipients requiring them to protect Personal Information and process it only for authorised purposes;
• assessing the nature of the information, the purpose of the transfer, and the risks associated with the transfer;
• implementing reasonable technical and organisational safeguards; and
• relying on another lawful basis for transfer permitted by applicable law.

15.4 Service Providers and International Operations

Some of ClickDone's service providers, operators, or partners may operate from multiple jurisdictions or may use systems and infrastructure distributed across different countries. As a result, Personal Information may be processed in countries that may not have the same data protection laws as South Africa. Where this occurs, ClickDone will seek to ensure that Personal Information remains subject to appropriate protections consistent with applicable law and the requirements of this Privacy Policy.

15.5 User Acknowledgement

By using the Platform or providing Personal Information to ClickDone, you acknowledge that your Personal Information may be transferred to, stored in, or processed in countries outside South Africa, subject to the safeguards and protections described in this Privacy Policy and as permitted by applicable law.

15.6 Limits and Risk

While ClickDone takes reasonable steps to protect Personal Information in connection with international and cross-border transfers, no method of transmission, storage, or cross-border processing can be guaranteed to be completely secure. ClickDone will nevertheless implement reasonable safeguards designed to protect Personal Information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

ClickDone retains Personal Information only for as long as is reasonably necessary to fulfil the purposes for which it was collected, including for the operation of the Platform, the provision of services, trust and safety, dispute resolution, legal compliance, and legitimate business purposes.

16.1 General Retention Principle

We retain Personal Information for no longer than is necessary to achieve the lawful purposes described in this Privacy Policy, unless a longer retention period is required or permitted by applicable law, or is necessary for a lawful business purpose. In determining the appropriate retention period, ClickDone may take into account factors such as:

• the nature and sensitivity of the Personal Information;
• the purpose for which the information was collected and processed;
• whether the information is needed to provide ongoing services or maintain an account;
• legal, regulatory, tax, accounting, audit, or reporting obligations;
• fraud prevention, security, trust and safety, and risk management needs;
• the possibility of disputes, complaints, investigations, or legal claims; and
• operational requirements and the legitimate interests of ClickDone.

16.2 Account and Profile Information

ClickDone may retain account registration information, profile information, preferences, and related records for as long as your account remains active and for a reasonable period thereafter where necessary to:

• maintain business and transaction records;
• respond to complaints, disputes, or legal claims;
• detect and prevent fraud, abuse, or repeat misconduct;
• enforce our Terms and Conditions and platform policies; and
• comply with legal or regulatory obligations.

16.3 Transaction and Payment Records

ClickDone may retain payment, payout, billing, refund, chargeback, and transaction-related records for as long as reasonably necessary for:

• financial administration and reconciliation;
• tax, accounting, and audit purposes;
• fraud prevention and risk management;
• dispute resolution and chargeback handling;
• legal or regulatory compliance; and
• the establishment, exercise, or defence of legal rights.

16.4 Communications and Support Records

Messages, chat records, support communications, complaint records, dispute submissions, and related communications may be retained for as long as reasonably necessary to:

• provide customer support;
• investigate incidents, complaints, or disputes;
• maintain trust and safety on the Platform;
• enforce our terms and policies;
• improve our services and support processes; and
• comply with legal obligations or respond to lawful requests.

16.5 Verification and Trust & Safety Information

Information collected for identity verification, fraud prevention, security monitoring, moderation, or trust and safety purposes may be retained for as long as reasonably necessary to:

• complete verification processes;
• maintain account integrity and platform security;
• investigate suspicious, unlawful, or harmful activity;
• prevent repeat abuse or fraud;
• support regulatory or legal obligations; and
• protect ClickDone, its users, and third parties.

16.6 Reviews, Ratings, and Reputation Information

Ratings, reviews, public profile information, and related reputation records may be retained for as long as reasonably necessary to preserve the integrity, transparency, and functionality of the Platform, including after account closure where lawful and appropriate. This may be necessary to:

• maintain historical transaction context;
• support trust and safety measures;
• prevent fraud or manipulation;
• respond to complaints or legal claims; and
• preserve legitimate platform records.

16.7 Deletion, De-Identification, and Anonymisation

When Personal Information is no longer reasonably required for the purposes for which it was collected, ClickDone will take reasonable steps to delete, destroy, de-identify, or anonymise such information, unless retention is required or permitted by law. In some cases, technical, legal, regulatory, operational, or backup-related constraints may mean that deletion is not immediate. In such cases, ClickDone will take reasonable steps to protect the information and limit further processing until deletion or de-identification can be completed.

16.8 Account Closure and Residual Retention

If you close your account or request deletion of your Personal Information, ClickDone may still retain certain information where necessary for lawful purposes, including:

• compliance with legal, regulatory, tax, or accounting obligations;
• fraud prevention and security;
• dispute resolution and enforcement;
• the establishment, exercise, or defence of legal claims;
• maintenance of transaction history and audit trails; and
• other lawful and legitimate business purposes.

16.9 Backups and Archived Systems

Personal Information may remain in backup systems, archived copies, logs, or disaster recovery environments for a limited period after deletion from active systems, subject to appropriate security safeguards and retention controls.

16.10 Retention Review

ClickDone may periodically review the Personal Information it holds and the retention periods applied to such information in order to ensure that information is not retained longer than reasonably necessary and that retention practices remain appropriate, lawful, and proportionate.

ClickDone takes the security of Personal Information seriously and implements reasonable technical, organisational, and administrative measures designed to protect Personal Information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

17.1 Security Measures

ClickDone may implement security measures including, where appropriate:

• access controls and authentication measures;
• role-based restrictions on access to Personal Information;
• secure hosting and infrastructure protections;
• encryption or other safeguards for data in transit and, where appropriate, at rest;
• monitoring, logging, and security review processes;
• secure backup and recovery procedures;
• malware protection, vulnerability management, and patching practices;
• fraud prevention and account protection measures; and
• internal policies, procedures, and staff awareness measures relating to data protection and information security. The specific security measures used by ClickDone may change from time to time depending on the nature of the Platform, the sensitivity of the information, technological developments, and evolving security risks.

17.2 Access Limitation

ClickDone seeks to limit access to Personal Information to those employees, contractors, operators, service providers, and authorised representatives who reasonably require such access for legitimate business, technical, operational, support, legal, compliance, trust and safety, or security purposes. Persons who process Personal Information on behalf of ClickDone are expected to be subject to appropriate duties of confidentiality and data protection obligations where applicable.

17.3 User Responsibility for Account Security

Users are responsible for helping to protect the security of their own accounts and Personal Information. You should:

• keep your login credentials confidential;
• choose a strong password and update it where appropriate;
• not share your password or authentication details with others;
• log out of your account on shared or public devices;
• notify ClickDone promptly if you suspect unauthorised access to your account or any security incident; and
• take reasonable care when sharing Personal Information through the Platform. ClickDone is not responsible for losses arising from a user's failure to maintain the confidentiality or security of their account credentials, except to the extent required by law.

17.4 No Absolute Guarantee

Although ClickDone takes reasonable steps to protect Personal Information, no method of transmission over the internet, electronic storage, mobile platform, or security system can be guaranteed to be completely secure. Accordingly, while we strive to protect Personal Information using reasonable safeguards, ClickDone cannot guarantee absolute security and does not warrant that Personal Information will never be accessed, disclosed, altered, or destroyed in a manner inconsistent with our security measures.

17.5 Security Incidents and Response

If ClickDone becomes aware of a security incident affecting Personal Information, we may take such steps as we consider reasonably necessary in the circumstances, including investigating the incident, containing the risk, mitigating harm, restoring system integrity, and notifying affected persons and/or competent authorities where required by applicable law.

17.6 Third-Party Services

Where ClickDone uses third-party service providers, operators, or infrastructure partners, we take reasonable steps to work with providers that are expected to implement appropriate security safeguards. However, ClickDone is not responsible for the independent security practices of third-party providers, except to the extent required by law.

17.7 Ongoing Review

ClickDone may review and update its security practices from time to time in light of changes to the Platform, emerging threats, legal requirements, technological developments, and operational needs.

Subject to applicable law, including the Protection of Personal Information Act, 2013 ("POPIA"), you may have certain rights in relation to your Personal Information. ClickDone will consider and respond to requests to exercise these rights in accordance with applicable law and our legal obligations. POPIA provides for rights including access, correction or deletion in certain circumstances, objection to certain processing, and the right to complain to the Information Regulator.

18.1 Right of Access

You may request confirmation of whether ClickDone holds Personal Information about you and, where applicable, request access to such Personal Information and related information concerning how it is processed, subject to any limitations or procedures permitted by law. POPIA recognises a data subject's right to request access to records of personal information.

18.2 Right to Correction, Deletion, or Destruction

You may request that ClickDone correct, update, delete, destroy, or de-identify Personal Information about you where such information is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, unlawfully obtained, or where ClickDone is no longer authorised to retain it. The Information Regulator's regulations also state that such requests should be reasonably accessible and free of charge.

18.3 Right to Object to Processing

Where permitted by law, you may object to the processing of your Personal Information on reasonable grounds relating to your particular situation, unless legislation provides for such processing. You may also object to the processing of your Personal Information for purposes of direct marketing. POPIA recognises objection rights, and the Information Regulator states that complaints may also be lodged where an organisation fails to respond to an objection or related rights request.

18.4 Right to Withdraw Consent

Where ClickDone relies on your consent as the lawful basis for processing, you may withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal, and it may not affect processing that ClickDone is otherwise entitled or required to carry out on another lawful basis. The Information Regulator's guidance confirms that data subjects have the right to withdraw consent for direct marketing at any time.

18.5 Right to Opt Out of Direct Marketing

You have the right to object to or unsubscribe from direct marketing communications from ClickDone. POPIA regulates direct marketing by unsolicited electronic communications and the Information Regulator states that data subjects must be able to unsubscribe and that responsible parties must include contact details or an address to which the data subject may send a request that direct marketing must cease.

18.6 Right to Lodge a Complaint

If you believe that ClickDone has processed your Personal Information unlawfully or in breach of applicable law, you may lodge a complaint with ClickDone using the contact details set out in this Privacy Policy. You may also lodge a complaint with the South African Information Regulator. The Information Regulator provides a POPIA complaints process for issues including unlawful disclosure, inadequate security, collection without consent, unlawful processing of special personal information, or failure to respond to a rights request.

18.7 How to Exercise Your Rights

You may exercise your rights by contacting ClickDone using the contact details set out in this Privacy Policy. We may request information reasonably necessary to verify your identity before acting on your request, in order to protect your Personal Information and the rights of others. When handling a request, ClickDone may:

• ask you to clarify the scope of your request;
• verify your identity or authority to act;
• request additional information reasonably required to locate relevant records or assess the request;
• comply with the request in whole or in part;
• refuse the request where permitted by law; or
• retain certain information where retention is required or permitted by law.

18.8 Limitations and Exceptions

The rights described in this section are not absolute. ClickDone may decline or limit a request where permitted by applicable law, including where the request is unfounded, impracticable, unlawful, prejudicial to the rights of others, or where ClickDone is required or entitled by law to retain or continue processing the relevant Personal Information.

18.9 Response Time

ClickDone will respond to rights requests within a reasonable time and in accordance with applicable law. The Information Regulator's current POPIA regulations state that, for correction, deletion, or destruction requests, a responsible party must notify the data subject in writing of the action taken within 30 days after receipt of the outcome of the request.

ClickDone is not intended for use by children under the age of 18 acting on their own. Users must be at least 18 years old to create an account, use the Platform independently, or enter into transactions through the Platform, unless such use is otherwise lawful and takes place with the involvement, consent, or authorisation of a parent, guardian, or other legally authorised adult, where applicable. ClickDone does not knowingly collect or process Personal Information directly from children under 18 in a manner that is unlawful or without any consent, authorisation, or other lawful basis required by applicable law. If ClickDone becomes aware that Personal Information relating to a child under 18 has been collected or processed in circumstances that are unlawful or not properly authorised, ClickDone may take reasonable steps to:

• verify the circumstances;
• request consent or authorisation from a parent, guardian, or other legally authorised adult where appropriate;
• restrict, suspend, or terminate access to the relevant account or service; and
• delete, de-identify, or otherwise deal with the relevant Personal Information as required or permitted by applicable law. Parents, guardians, or other persons who believe that a child may have provided Personal Information to ClickDone without proper authority or in breach of this Privacy Policy may contact us using the contact details set out in this Privacy Policy. Nothing in this section prevents ClickDone from processing Personal Information relating to a child where such processing is lawful, necessary, and properly authorised under applicable law.

The Platform may contain links to third-party websites, applications, tools, content, integrations, or services, and may also rely on third-party providers in connection with certain Platform features and functionality.

20.1 Third-Party Websites and Links

ClickDone may provide links to third-party websites or services for convenience, information, payment processing, verification, support, social media interaction, analytics, or other purposes. If you follow a link to a third-party website or service, your interaction with that third party will be governed by that third party's own terms, privacy policy, and practices. ClickDone does not control and is not responsible for the privacy practices, content, security, or operation of third-party websites or services. Users are encouraged to review the privacy policies and terms of any third-party websites or services before providing Personal Information to them.

20.2 Third-Party Services Used in Connection with the Platform

ClickDone may use third-party service providers, operators, or technology partners to support the operation of the Platform and related services. These may include, for example:

• payment processors and payout providers;
• cloud hosting and infrastructure providers;
• analytics and performance monitoring providers;
• communication and messaging service providers;
• identity verification and fraud-prevention providers;
• customer support tools;
• mapping, location, and search providers; and
• other technical, operational, compliance, or security service providers. Where third parties process Personal Information on behalf of ClickDone, such processing will be subject to appropriate contractual or legal safeguards where required.

20.3 Third-Party Collection of Information

Certain third-party services integrated into the Platform may independently collect, receive, or process Personal Information in accordance with their own privacy policies and legal obligations. For example, when you make a payment through a third-party payment provider, use a third-party login or verification service, interact with embedded content, or access external links, that third party may collect information directly from you or your device. ClickDone is not responsible for the independent data practices of such third parties, except to the extent required by applicable law.

20.4 No Endorsement

The inclusion of a third-party link, integration, or service on the Platform does not necessarily imply that ClickDone endorses, approves, or guarantees that third party, its services, or its privacy and security practices. Users remain responsible for exercising their own judgment when interacting with third-party services.

20.5 Third-Party Terms and Policies

Your use of certain third-party services connected to the Platform may be subject to additional third-party terms, privacy notices, and conditions. By using such features, you may also be entering into a direct relationship with the relevant third party. ClickDone recommends that users review any applicable third-party terms and privacy policies carefully.

20.6 Changes to Third-Party Services

The third-party services, integrations, and links used in connection with the Platform may change from time to time as the Platform evolves. ClickDone may add, remove, or replace third-party providers or integrations without separately updating this section in each instance, provided that Personal Information continues to be handled in accordance with this Privacy Policy and applicable law.

ClickDone recognises that requests for access to records may, where applicable, be governed by the Promotion of Access to Information Act, 2000 ("PAIA") of South Africa. At this stage, requests for access to records held by ClickDone should be directed to ClickDone using the contact details provided in this Privacy Policy.

21.1 Requests for Access to Records

Where a person wishes to request access to a record held by ClickDone, such request may need to be made in accordance with PAIA, to the extent that PAIA applies to the relevant request. Access to records is not automatic and may be subject to applicable legal requirements, procedures, limitations, and grounds for refusal.

21.2 Information Required for a Request

A person submitting a request for access to records should provide sufficient information to enable ClickDone to understand and assess the request, including, where applicable:

• the identity of the requester;
• the record or category of records requested;
• the contact details of the requester; and
• where required by law, the right that the requester seeks to exercise or protect and an explanation of why the requested record is required for that purpose. ClickDone may request additional information reasonably necessary to verify identity, confirm authority, clarify the request, or assess the request in accordance with applicable law.

21.3 How ClickDone May Respond

Where ClickDone receives a request for access to records, ClickDone may, subject to applicable law:

• acknowledge receipt of the request;
• request clarification or additional information;
• consider the request in light of applicable legal requirements;
• grant access in whole or in part; or
• refuse access where permitted or required by law.

21.4 Limits on Access

Access to records may be refused, restricted, or limited where permitted or required by applicable law, including where disclosure would unlawfully affect the rights of another person, disclose confidential or commercially sensitive information, prejudice legal or regulatory processes, or otherwise fall within a recognised ground for refusal.

21.5 Relationship with Personal Information Requests

Requests relating specifically to your own Personal Information may, depending on the circumstances, be dealt with under POPIA, PAIA, or both, as applicable.

21.6 Future PAIA Compliance Materials

ClickDone may prepare and publish additional PAIA-related materials, processes, or guidance in future, including a PAIA manual, where required or considered appropriate.

ClickDone may update, amend, or replace this Privacy Policy from time to time in order to reflect changes to the Platform, our services, our data processing practices, applicable law, regulatory requirements, or other operational, legal, or business developments. Any updated version of this Privacy Policy will be published on the Platform and will take effect from the date of publication, unless a different effective date is stated. Where required by applicable law, or where we consider it appropriate, ClickDone may also notify users of material changes by additional means, such as through the website, mobile application, email, in-app notification, or other reasonable communication channels. Your continued access to or use of the Platform after an updated Privacy Policy becomes effective may constitute your acknowledgement of the updated Privacy Policy, to the extent permitted by applicable law. We encourage users to review this Privacy Policy periodically to remain informed about how ClickDone collects, uses, shares, and protects Personal Information.

If you have any questions, concerns, or requests relating to this Privacy Policy or the way ClickDone processes your Personal Information, you may contact us using the details below: ClickDone Email: info@clickndone.co.za Phone: +27 76 078 25 74 Where applicable, requests relating to access, correction, deletion, objection, withdrawal of consent, direct marketing, or other privacy-related matters may be submitted using the contact details above. ClickDone may request information reasonably necessary to verify your identity before responding to certain requests, in order to protect your Personal Information and the rights of others. If you are not satisfied with our response, you may have the right to lodge a complaint with the Information Regulator of South Africa or any other competent authority, where applicable.