Your Privacy Matters

Privacy Policy

Last updated: March 2026

Simunye ("we", "us", or "our") operates a membership platform for South African consumers. We are committed to protecting your personal information in line with the Protection of Personal Information Act, 2013 ("POPIA"). This policy explains what data we collect, why we collect it, how we store it, and what rights you have.

1. What Personal Information We Collect

When you sign up and use Simunye, we may collect the following:

  • Identity info — your full name and optional profile photo.
  • Contact info — your email address and mobile phone number.
  • Payment info — payment details are collected and processed by Paystack (our payment provider). We do not store your card number, CVV, or bank account details on our servers.
  • Referral data — your position in the Simunye Tree (who referred you and who you refer).
  • Wallet & transaction data — your Simunye Wallet balance and transaction history.
  • Raffle data — your raffle entries, win history, and cooldown status.
  • Usage data — how you interact with the platform, including login times, pages visited, and device information.

2. Why We Process Your Information

We only use your data for specific, lawful purposes:

  • Membership management — to create and maintain your account, process your subscription (R99/month or R989/year), and give you access to member benefits.
  • Referral tree — to track referral relationships and calculate referral bonuses.
  • Wallet — to manage your Simunye Wallet balance, including referral earnings and platform credits.
  • Raffle — to enter you into monthly raffles automatically and manage winner selection.
  • Communication — to send you important account updates, receipts, and (with your consent) marketing messages.
  • Improving the platform — to understand how the platform is used and make it better.
  • Legal compliance — to meet our obligations under South African law, including POPIA and consumer protection regulations.

3. Where Your Data Is Stored

Your personal data is stored using Supabase, a secure cloud database platform. Our Supabase instance is hosted in the EU West region, which has strong data protection laws similar to POPIA. Data is encrypted at rest and in transit.

Payments are handled by Paystack, which is PCI DSS compliant. This means your card details are processed to the highest industry security standard. Paystack operates under the Stripe group and stores payment data separately from our systems.

4. Your Rights Under POPIA

As a data subject in South Africa, you have the following rights:

  • Right to access — you can request a copy of the personal information we hold about you.
  • Right to correction — you can ask us to update or fix any inaccurate information.
  • Right to deletion — you can ask us to delete your personal information, subject to legal retention requirements.
  • Right to data export — you can request a machine-readable copy of your data so you can take it elsewhere.
  • Right to object — you can object to us processing your data for direct marketing.
  • Right to complain — if you believe we have violated your privacy rights, you may lodge a complaint with the Information Regulator of South Africa.

To exercise any of these rights, contact our Information Officer using the details in Section 8 below.

5. Consent and Withdrawal

By signing up for Simunye, you consent to us collecting and processing your personal information as described in this policy.

You may withdraw your consent at any time by contacting our Information Officer or by deleting your account through the platform settings. Please note that withdrawing consent may mean we can no longer provide certain services to you (for example, you would lose access to your membership benefits and Wallet balance).

Withdrawing consent does not affect the lawfulness of any processing we carried out before the withdrawal.

6. Cookies

We use cookies and similar technologies to:

  • Essential cookies — keep you logged in and remember your session. These are required for the platform to work.
  • Analytics cookies — help us understand how visitors use the platform so we can improve it. These are anonymised where possible.

We do not use advertising or third-party tracking cookies. You can control cookie settings in your browser at any time.

7. Data Retention

We keep your personal information only for as long as necessary:

  • Active members — your data is retained for the duration of your membership.
  • After cancellation — we retain your data for up to 12 months after you cancel, in case you want to reactivate or need transaction records.
  • Legal obligations — some records (such as payment transactions) may be retained for up to 5 years to comply with South African tax and financial regulations.
  • Deletion requests — when you request deletion, we will remove your data within 30 days, except where retention is legally required.

8. Information Officer

If you have any questions about this policy, want to exercise your POPIA rights, or need to report a privacy concern, please contact our designated Information Officer:

Information Officer: Simunye Privacy Team

Email: privacy@simunye.mobi

We will respond to your request within 30 days as required by POPIA.

9. Changes to This Policy

We may update this privacy policy from time to time. When we make significant changes, we will notify you via email or an in-app notice. The "Last updated" date at the top of this page will always reflect the most recent version.

Read our Terms of Service →
Privacy Policy | Simunye