SetuTau NetworkSetuTau Network

This policy applies to SETUTAU.

Privacy Policy – SetuTau Network

Last updated: March 2026

1. Introduction

SetuTau Network ("Platform", "we", "us") respects your privacy. This Privacy Policy explains how we collect, use, and protect personal data.

2. Data We Collect

2.1 Account Data

  • Email, full name – for authentication and account management
  • Profile role – customer, merchant_admin, or platform_admin
  • Merchant association – for users who become merchants

2.2 Merchant Data

  • Business name, slug, description
  • Branding – logo, images, colors (stored as URLs)
  • PayFast credentials – encrypted; we do not access plaintext except to facilitate split payments as configured

2.3 Transaction Data

  • Customer email and name – for bookings, purchases, subscriptions
  • Amounts, commission, merchant net – for platform and merchant dashboards
  • Transaction type – booking, purchase, subscription

2.4 Usage Data

  • Logs, IP addresses, and analytics as necessary for security and operation

3. How We Use Data

  • To provide and improve the Platform
  • To process payments (via PayFast)
  • To display merchant pages and facilitate transactions
  • To communicate with users (e.g. confirmation emails)
  • To comply with legal obligations and enforce our Terms

4. Data Sharing

  • PayFast – payment data is shared with PayFast for processing
  • Merchants – see customer email/name for their own transactions
  • Platform admins – see aggregated and per-merchant data for platform operation
  • We do not sell personal data to third parties

5. Security

  • Merchant PayFast credentials are encrypted with industry-standard encryption
  • Access is restricted by role (RLS, authentication)
  • Sensitive operations use server-side, secure keys only

6. Retention

  • Account and transaction data are retained for as long as the account is active and as required for legal, tax, or operational purposes
  • Deleted accounts: data is removed within a reasonable period, subject to legal retention requirements

7. Your Rights

  • Access, correction, and deletion of your personal data where applicable
  • Opt-out of marketing communications
  • Complaints to the relevant data protection authority (e.g. Information Regulator in South Africa under POPIA)

8. International Use

  • The Platform may be used globally. Data may be processed in jurisdictions where our services operate. We take steps to protect data in line with this policy.

9. Children

  • The Platform is not intended for users under 18. We do not knowingly collect data from children.

10. Changes

  • We may update this Privacy Policy. Continued use after changes constitutes acceptance. Material changes will be communicated where practicable.

11. Contact

  • For privacy inquiries, contact the Platform administrator.

Terms & ConditionsRefund PolicyAcceptable Use Policy