Privacy Policy

FinVeil collects personal information necessary to operate the payment orchestration platform, including business contact details (name, email, phone), transaction data (amounts, references, payment statuses), and technical data (IP addresses, browser metadata, API call logs). We collect only what is required to deliver the service and comply with South African law.

Personal information is used to process payment transactions, maintain audit trails, provide customer support, and improve the platform. We do not use personal information for advertising, profiling, or any purpose outside the scope of the service agreement. Analytics are generated only in aggregate form and are not sold to third parties.

Personal information is shared only with licensed payment providers (Stitch, Paystack) as required to execute transactions, and with infrastructure providers (Railway) for hosting. Each processor is contractually bound to handle data in accordance with POPIA. We do not sell, rent, or otherwise commercially share personal information with any third party.

Transaction records and audit logs are retained for the duration of the customer relationship and for a minimum of five years thereafter to meet regulatory requirements. Personal information is deleted or anonymised within 90 days of account closure, except where retention is required by law.

Under the Protection of Personal Information Act (POPIA), you have the right to access your personal information, request correction or deletion, object to processing, and lodge a complaint with the Information Regulator. All requests are acknowledged within 5 business days and resolved within 30 days.

For all privacy-related queries, data access requests, or complaints, contact our Information Officer at privacy@finveil.money.