Privacy Policy
1. Who we are
PlantLynk (“we”, “us”) is operated by [Registered company name (Pty) Ltd], registration number [CIPC reg no.], of [registered address]. We are the responsible party for the personal information described here.
Our Information Officer is James Engelbrecht, contactable at info@plantlynk.co.za for any privacy question, access request or complaint. (Our Information Officer is registered with the Information Regulator of South Africa.)
2. What we collect
- Equipment owners: name, company, WhatsApp number, email, base city, and machine details/photos you submit. For higher trust tiers, verification documents (company registration, ID, proof of address, insurance) which we store securely and access only to verify you.
- Contractors / hirers: name, company, phone number, site location and booking details you enter to request a machine.
- Technical: limited data needed to run and secure the service (e.g. IP address for rate-limiting/abuse prevention). We do not use third-party advertising trackers.
3. Why we use it (lawful basis)
We process personal information to: connect contractors with equipment owners; create and manage listings, bookings and reviews; verify owners; prevent fraud and abuse; manage subscriptions; and communicate with you about the service. Our basis is your consent and the performance of our agreement with you, and our legitimate interest in operating a safe marketplace.
4. Sharing
When you submit a booking request, the relevant details are shared with the equipment owner so they can respond — that is the purpose of the service, and you consent to it at the point of booking. We do not sell your personal information. We use trusted processors (e.g. hosting, database and messaging providers) bound to protect it. Contact details are never published publicly on the site.
5. Direct marketing
We only send marketing messages (email/SMS/WhatsApp) if you have opted in, and every message lets you opt out. Service messages (e.g. a booking confirmation) are not marketing.
6. Security & retention
We protect personal information with appropriate technical and organisational measures (encrypted connections, access controls, rate-limiting). Verification documents are stored privately and accessible only to authorised staff. We keep information only as long as needed for the purposes above or as the law requires, then delete it. If a breach affecting your information occurs, we will notify you and the Information Regulator as POPIA requires.
7. Your rights
Under POPIA you may ask us to confirm what we hold, correct or delete it, object to processing, or withdraw consent — contact our Information Officer above. You may also complain to the Information Regulator of South Africa (inforeg@inforegulator.org.za).
8. Cookies & local storage
We use your browser’s local storage only for essential functions (e.g. remembering your details so you don’t re-type them, and keeping you signed in to your dashboard). We do not currently use advertising or analytics cookies. If that changes we will ask for your consent first.
9. Changes
We may update this policy; the “last updated” date shows when. Material changes will be communicated where appropriate.