Privacy Policy
Last updated: 3 Mar 2026
This policy explains what data we collect, why we need it, and how we protect it. We've tried to keep it readable — no walls of legal jargon.
The short version: We collect only what we need to run batapp. We don't sell your data. You own your data and can delete it anytime.
By using batapp, you also agree to our Terms & Conditions.
Who we are
batapp is provided by Albertec IT Solutions CC (Reg No: 2008/017765/23), a South African company.
- Information Officer: Theuns Alberts
- Email: support@batapp.co.za
- Website: https://batapp.co.za
We're the "responsible party" under POPIA (South Africa's data protection law).
What we collect and why
Information you give us
| What | Why we need it |
|---|---|
| Name & email | To create your account and contact you about your service |
| Password | To secure your account (we store it encrypted, never in plain text) |
| Company details | To set up your organisation in batapp |
Your asset data
Everything you add to batapp — assets, categories, locations, custom fields, check-out records — belongs to you. We store it to provide the service.
Photos you upload
When you attach photos to assets, we store them in cloud storage. Photos are linked to your organisation and deleted when you delete the asset or your account.
Location data (mobile app)
If you enable GPS on the mobile app:
- We capture coordinates when you tag an asset's location
- We use this for the "locate asset" feature and address lookup
- You can disable this in your device settings anytime
We don't track your location in the background — only when you explicitly capture an asset location.
Barcode & camera access
The mobile app uses your camera to:
- Scan barcodes and QR codes for quick asset lookup
- Take photos of assets
We don't access your camera roll or other photos — only what you explicitly capture in the app.
Payment information
When you subscribe to a paid plan:
| What | How it's handled |
|---|---|
| Card details | Processed by our PCI-DSS compliant payment provider — we never see or store your full card number |
| Billing name & address | Stored for invoicing and tax purposes |
| Transaction history | We keep records of payments for accounting |
| Payment method tokens | Stored securely to process recurring payments |
We do not:
- Store your full card number, CVV, or PIN
- Have access to your banking credentials
- Share payment data with anyone except our payment processor
Our payment processor is certified to the highest security standards (PCI-DSS Level 1) and handles all sensitive card data directly.
Automatic technical data
We automatically collect:
- Usage data: Which features you use, how often, error logs
- Device info: Browser type, operating system, screen size
- Mobile specifics: App version, device ID, push notification tokens
This helps us fix bugs, improve the app, and provide support.
How we use your data
We use your information to:
- Run batapp — deliver features, sync data between devices, process your requests
- Provide support — respond when you contact us, troubleshoot issues
- Improve the service — understand usage patterns, fix bugs, develop new features
- Keep things secure — detect fraud, prevent unauthorized access
- Send important updates — service changes, maintenance notices, security alerts
- Marketing — only with your consent, and you can opt out anytime
We process your data based on:
- Contract: We need it to provide the service you signed up for
- Consent: Where you've specifically agreed (like marketing emails)
- Legitimate interest: For security, fraud prevention, and improving the service
- Legal obligation: Where the law requires it
Who can see your data
Within your organisation
batapp has role-based access. What people see depends on their role:
| Role | What they can see |
|---|---|
| Viewer | Read-only access to assets |
| Scanner | View assets + scan barcodes |
| Editor | Add, edit, and manage assets |
| Admin | Everything + organisation management + user management |
| Support | Full but typically temporary access for troubleshooting |
Admins in your organisation control who has access. We don't share data between different organisations.
Check-out records
When assets are checked out/in, we record who, when, and any notes. This is visible to users with appropriate access in your organisation.
Third-party services
We use trusted services to run batapp:
- Cloud hosting & storage — for your data and photos
- Email delivery — for notifications and support
- Analytics — to understand how the app is used
- Payment processing — for subscriptions (PCI-DSS Level 1 certified)
Our payment processor receives only what's needed to process your payment: card details, billing address, and transaction amount. They may use this data for fraud prevention as required by card networks.
These providers only access what they need to provide their service. We don't sell or rent your data to anyone.
Legal requirements
We may share data if required by law, court order, or to protect our legal rights. We'll notify you if legally permitted.
Where your data lives
Your data may be processed outside South Africa (for cloud hosting and services). When this happens, we ensure appropriate protections are in place — either the destination has adequate data protection laws, or we have contractual safeguards.
How we protect your data
- Encryption: All data is encrypted in transit and server-side data at rest
- Access controls: Staff access is limited and logged
- Secure authentication: We use industry-standard security practices
- Regular monitoring: We watch for suspicious activity
No system is 100% secure, but we take reasonable precautions to protect your information.
How long we keep your data
| Data type | Retention period |
|---|---|
| Account data | While you're subscribed + 30 days after cancellation |
| Asset data & photos | While your account is active + 30 days after cancellation (so you can export) |
| Audit trail (asset history, check-outs) | 7 years (for compliance) |
| Payment & billing records | 5 years (required by tax law) |
| Support messages | 3 years from last contact |
| Usage analytics | 2 years |
| Security logs | 1 year |
After cancellation: You have 30 days to export your data before it's permanently deleted. Audit trails and financial records are retained longer for compliance but are anonymised where possible.
Your rights
Under POPIA (and GDPR if you're in Europe), you have the right to:
- Access — request a copy of your data
- Correction — fix inaccurate information
- Deletion — have your data removed
- Object — stop certain processing (like marketing)
- Portability — get your data in a usable format
- Complain — lodge a complaint with the Information Regulator
How to delete your account
To permanently delete your account and all associated data:
- Email support@batapp.co.za with subject "Account Deletion Request"
- Include your name and account email
- Confirm you understand this is permanent
We'll verify your identity and process the request within 30 days. Your data will be fully deleted except for:
- Audit trail records (7 years — anonymised, for compliance)
- Transaction records (5 years — required by tax law)
- Security logs (1 year — for security purposes)
- Anonymised statistics
Deleting specific data
Want to delete specific data without closing your account? Email us at support@batapp.co.za with subject "Partial Data Deletion Request" and describe what you'd like removed.
Making a request
For any data request, email support@batapp.co.za. We'll respond within 30 days.
Cookies
On the web app
We use cookies for:
- Essential functions — keeping you logged in, remembering preferences
- Analytics — understanding how the app is used
You can control cookies through your browser settings.
On the mobile app
We use:
- App analytics to improve performance
- Crash reporting to fix bugs
- Push notification tokens for alerts
Control these through your device's privacy settings.
Mobile app permissions
| Permission | Why we ask |
|---|---|
| Camera | To scan barcodes and take asset photos |
| Storage | To save photos locally before upload |
| Location | For GPS asset tracking (optional) |
| Notifications | To send important updates |
You can revoke any permission in your device settings. Some features won't work without their required permissions.
Offline mode and sync
When you work offline:
- Data is stored locally on your device
- It syncs automatically when you reconnect
- Local data has the same security protections
Conflict resolution: If you and another user edit the same asset while offline, the most recent change wins (last-write-wins). When this happens, you'll see a notification showing what changed and who made the change. You can review conflicts and re-apply your changes if needed.
Children
batapp is for business use. We don't knowingly collect data from anyone under 18. If we discover we have, we'll delete it immediately.
Beta testing
batapp is currently in beta. During this phase, we may collect additional diagnostic data to improve the service. Your participation is voluntary.
Changes to this policy
We'll update this policy when our practices change. For significant changes:
- We'll email you
- We'll note the change on our website
- Continued use means you accept the changes
Questions or complaints
Contact us:
- Email: support@batapp.co.za
- Information Officer: Theuns Alberts
Information Regulator South Africa:
- Website: https://inforegulator.org.za
- Email: complaints.ir@justice.gov.za