PROTECTION OF PERSONAL INFORMATION ACT (POPIA)

Privacy Policy

Effective Date: 15 March 2025

Masterarts Connect (Pty) LtdSouth Africa

Paturn ("Paturn", "we", "us", or "our") is a restaurant technology platform owned and operated by Masterarts Connect (Pty) Ltd, a company registered in the Republic of South Africa.

We are committed to protecting the privacy, confidentiality, and security of personal information belonging to restaurants using our platform ("Merchants") and customers placing orders ("Diners").

This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you access or use the Paturn website, application, QR code ordering system, and related services ("Platform"), in accordance with the Protection of Personal Information Act, 2013 (POPIA).

By using the Platform, you consent to the practices described in this Privacy Policy.

1. Information We Collect

We collect only the information necessary to operate, secure, and improve the Platform.

1.1 Information Collected from Diners

When you access the Platform or place an order, we may collect:

Personal Information
  • Name
  • Email address
  • Phone number
  • Table number (if applicable)

This information is optional and typically used for receipts and order updates.

Order Information
  • Items ordered
  • Special instructions
  • Dietary preferences
  • Order history

Payment Information

Payments are processed securely by third-party payment providers such as Yoco, Paystack, or Peach Payments.

Paturn does NOT store:

  • Full credit or debit card numbers
  • CVV numbers

We only receive:

  • Payment confirmation tokens
  • Transaction identifiers
  • Payment status
Technical and Device Information
  • IP address
  • Browser type
  • Device type
  • Operating system
  • Usage data

This information helps ensure security and performance.

1.2 Information Collected from Merchants

To provide ordering, POS, and KDS services, we collect:

Business Information
  • Business name
  • Company registration details
  • VAT number (if applicable)
  • Physical address
  • Contact information
Staff Account Information
  • Staff names
  • Login credentials
  • Account roles and permissions
Financial & Billing
  • Banking details for payouts
  • Billing and subscription information

2. Cookies and Tracking Technologies

We use cookies and similar technologies to improve functionality and user experience.

Essential Cookies

Required for core functionality, including session management, login authentication, and cart functionality.

Analytics Cookies

Used to understand how users interact with the Platform to improve performance and usability.

Preference Cookies

Used to remember user preferences such as language or display settings.

You may disable cookies in your browser settings. However, doing so may limit certain functionality.

3. How We Use Your Information

We use personal information for legitimate business purposes, including:

Service Delivery
  • Processing orders
  • Transmitting orders to Merchant systems
  • Facilitating payment processing
Communication
  • Sending receipts
  • Providing order updates
  • Responding to support requests
Platform Improvement
  • Improving system performance
  • Fixing technical issues
  • Enhancing features
Security & Fraud Prevention
  • Detecting fraud
  • Preventing unauthorized access
  • Maintaining platform integrity
Legal Compliance
  • Complying with South African law
  • Meeting financial and tax obligations
  • Responding to lawful requests

4. How We Share Your Information

We do NOT sell personal information.

We only share information when necessary.

With Merchants

When a Diner places an order, the Merchant receives order details, table number, name and contact details (if provided). This is required to fulfill the order.

With Service Providers

We may share information with trusted service providers, including:

  • Payment processors
  • Cloud hosting providers
  • Infrastructure providers
  • Technical service providers

These providers are contractually obligated to protect personal information.

Legal Requirements

We may disclose personal information if required by law, by court order, to protect legal rights, or to prevent fraud or illegal activity.

5. Data Retention

We retain personal information only as long as necessary to:

  • Provide services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements

Data is securely deleted or anonymized when no longer required.

6. Data Security

We implement appropriate technical and organizational safeguards, including:

Encryption
Secure Servers
Access Controls
Authentication Systems

If a data breach occurs that affects personal information, we will notify affected users and the Information Regulator in accordance with POPIA.

7. Your Rights Under POPIA

Under POPIA, you have the right to:

Access Your Personal Information — Request a copy of personal data we hold about you.
Correct Personal Information — Request correction of inaccurate or incomplete information.
Request Deletion — Request deletion of personal information, subject to legal obligations.
Withdraw Consent — Withdraw consent where processing is based on consent.
Object to Processing — Object to certain uses of your personal information.

To exercise these rights, contact our Information Officer.

8. International Data Storage and Transfers

Your information may be stored on secure servers located outside South Africa.

Where this occurs, we ensure appropriate safeguards consistent with POPIA requirements.

9. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time.

Updates become effective upon publication.

Continued use of the Platform constitutes acceptance of any updates.

10. Contact Information

For privacy-related questions or to exercise your rights, contact:

Masterarts Connect (Pty) Ltd

Information Officer

privacy@masterarts.co.za
FREQUENTLY ASKED QUESTIONS

Privacy FAQs

Have privacy concerns?

Our Information Officer is ready to assist with any questions about your data.

Contact Privacy Officer