Privacy Policy

Last Updated: December 2025

1. Introduction

ZIZWE IT LIMITED ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services, including:

• Our website (zizwe.it)
• Revalidator mobile application
• RentLink Mzansi mobile application
• Future applications (OrderEase, StockEase, Ezethu izitori)
• Any other services we provide

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

• Create an account or register for our services
• Make a purchase or subscription
• Contact us for support or inquiries
• Sign up for newsletters or waitlists
• Participate in surveys or beta testing

This may include:

• Name and contact information (email address, phone number)
• Account credentials (username, password)
• Payment information (processed securely by Stripe)
• Professional information (NMC PIN for Revalidator users)
• Business information (for OrderEase and StockEase)
• Communications you send to us

2.2 Information Collected Automatically

When you use our services, we automatically collect certain information:

• Device information (type, operating system, unique identifiers)
• Usage data (features used, time spent, interaction patterns)
• Log data (IP address, browser type, access times)
• Cookies and similar technologies (see our Cookie Policy)

2.3 Application-Specific Data

Revalidator

• CPD Records: Voice recordings, transcriptions, and reflective accounts you create
• Professional Data: Practice hours, evidence of practice, feedback records
• NMC Forms: Completed revalidation forms and supporting documentation
• Storage: All healthcare-related data is stored locally on your device and encrypted

RentLink Mzansi

• Personal Information: Name, email, phone number, WhatsApp number, profile photo
• Property Data: Property listings, addresses, photos, GPS coordinates (for landlords)
• Location Data: Used for property searches and location verification
• Usage Data: Search history, favourites, property views
• Payment Data: Subscription and contact unlock transactions (processed by RevenueCat/Google Play)
• Storage: Data is stored in Supabase cloud infrastructure with row-level security

OrderEase & StockEase (When Available)

• Business information (name, address, contact details)
• Inventory and sales data
• Customer orders and preferences
• Transaction records

3. How We Use Your Information

We use your information to:

• Provide Services: Deliver, maintain, and improve our applications and features
• Process Transactions: Handle payments and subscriptions
• Customer Support: Respond to inquiries and provide technical assistance
• Communications: Send important updates, security alerts, and service notifications
• Product Development: Analyze usage patterns to improve features and user experience
• Legal Compliance: Comply with legal obligations and enforce our terms
• Security: Detect, prevent, and address fraud, abuse, and security issues

4. How We Share Your Information

We never sell your personal data. We may share your information only in the following circumstances:

4.1 Service Providers

We use trusted third-party services that process data on our behalf:

• Stripe: Payment processing for Revalidator (PCI-DSS compliant)
• RevenueCat / Google Play: Payment processing for RentLink Mzansi
• Supabase: Backend infrastructure and authentication
• OpenAI: AI-powered features (voice transcription, text generation)
• Sentry: Error tracking and crash reporting
• PostHog: Product analytics
• Cloud Storage: Secure data storage and backup

These providers are contractually obligated to protect your data and use it only for specified purposes.

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

• Valid legal processes (court orders, subpoenas)
• Requests from government authorities
• Protection of our rights and safety
• Investigation of fraud or security issues

4.3 Business Transfers

If ZIZWE IT LIMITED is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change and your choices regarding your data.

5. Data Storage and Security

5.1 Where We Store Data

• Revalidator: Healthcare data is stored locally on your device. Only minimal account data is stored on our servers.
• RentLink Mzansi: Data is stored in Supabase cloud infrastructure with row-level security policies. Property photos are stored in secure cloud storage.
• Website & Future Apps: Data is stored in secure cloud infrastructure within the European Economic Area (EEA) or UK.

5.2 How We Protect Data

• End-to-end encryption for sensitive data
• Secure HTTPS connections for all communications
• Regular security audits and vulnerability assessments
• Strict access controls and authentication
• Data minimization (we collect only what's necessary)
• Regular backups with encryption

5.3 Data Retention

• Account Data: Retained while your account is active and for a reasonable period after deletion for legal/business purposes
• Healthcare Data (Revalidator): Stored on your device and deleted when you delete the app or manually delete records
• Transaction Records: Retained as required by law (typically 6-7 years for tax purposes)
• Analytics Data: Aggregated and anonymized after 90 days

6. Your Rights

Under the UK GDPR and Data Protection Act 2018, POPIA (South Africa), and PDPA (Botswana), you have the following rights:

6.1 Right to Access

Request a copy of all personal data we hold about you.

6.2 Right to Rectification

Request correction of inaccurate or incomplete data.

6.3 Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data, subject to legal obligations.

6.4 Right to Data Portability

Receive your data in a structured, machine-readable format and transfer it to another service.

6.5 Right to Restrict Processing

Request limitation of how we process your data in certain circumstances.

6.6 Right to Object

Object to processing based on legitimate interests or direct marketing.

6.7 Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

6.8 Right to Lodge a Complaint

File a complaint with the UK Information Commissioner's Office (ICO) if you believe we've mishandled your data.

To exercise your rights, contact us at: support@zizweit.uk

We will respond within 30 days of your request.

7. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

8. International Data Transfers

We primarily store and process data within the UK and EEA. If data is transferred outside these regions, we ensure adequate safeguards are in place through:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for the destination country
• Your explicit consent where required

9. Cookies and Tracking Technologies

We use cookies and similar technologies for functionality, analytics, and improvements. For detailed information, see our Cookie Policy.

10. Third-Party Links

Our website and apps may contain links to third-party services. We are not responsible for their privacy practices. Please review their privacy policies before providing any information.

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via:

• Email to your registered address
• In-app notifications
• Prominent notice on our website

Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions, concerns, or to exercise your data rights, contact us:

• Email: support@zizweit.uk
• Phone: +44 7344 218841
• Company: ZIZWE IT LIMITED
• Location: United Kingdom

Data Protection Officer: Lloyd (Founder)

13. Legal Basis for Processing (GDPR)

We process your data based on:

• Contractual Necessity: To provide services you've requested
• Legitimate Interests: Improving services, fraud prevention, security
• Legal Obligation: Compliance with laws and regulations
• Consent: Where you've explicitly agreed (e.g., marketing emails)