YetoPayBack to Home

Privacy Policy

Last updated: June 2026

YetoPay (Pty) Ltd ("YetoPay", "we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share your information when you use the YetoPay payment platform.

1. Why Do We Have a Privacy Policy?

We are required by the Protection of Personal Information Act 4 of 2013 ("POPIA") and other applicable laws to protect your personal information. This Privacy Policy explains how we handle your data in compliance with these laws.

2. What Information Do We Collect?

When you use YetoPay to make a payment, we may collect:

  • Identity information — your name, email address, and contact details as provided by the merchant.
  • Transaction information — payment amount, merchant reference, transaction status, and timestamps.
  • Technical information — IP address, browser type, device information, and session data for security and fraud prevention.
  • Banking interaction data — we facilitate the connection to your bank but do not store your banking credentials. Your bank login details are transmitted directly to your bank via encrypted channels.

3. How Do We Use Your Information?

We use your personal information to:

  • Process and facilitate your payment transactions.
  • Verify your identity and prevent fraud.
  • Comply with legal and regulatory requirements, including the Financial Intelligence Centre Act ("FICA") and anti-money laundering ("AML") obligations.
  • Provide transaction confirmations and receipts.
  • Improve our services and troubleshoot technical issues.
  • Communicate with you about your transactions when necessary.

4. Legal Basis for Processing

We process your information on the following grounds:

  • Contractual necessity — to fulfil the payment transaction you have initiated.
  • Legitimate interest — to prevent fraud, maintain security, and improve our services.
  • Legal obligation — to comply with financial regulations, tax laws, and law enforcement requests.
  • Consent — where you have explicitly agreed, such as accepting these terms on the payment page.

5. Who Do We Share Your Information With?

We may share your personal information with:

  • Your bank — to initiate and complete the payment transaction.
  • The merchant — transaction status, reference, and confirmation details.
  • Payment processors and banking partners — to facilitate the payment flow.
  • Fraud prevention services — to detect and prevent fraudulent activity.
  • Regulatory authorities — when required by law or regulation.
  • Service providers — who assist us with hosting, analytics, and communications, subject to strict data processing agreements.

We do not sell your personal information to third parties for marketing purposes.

6. How Do We Protect Your Information?

We implement industry-standard security measures including:

  • TLS encryption for all data in transit.
  • Encryption at rest for stored personal data.
  • Strict access controls and role-based permissions.
  • Regular security audits and vulnerability assessments.
  • Banking credentials are never stored — they are transmitted directly to your bank and discarded after the session.

7. How Long Do We Keep Your Information?

We retain your personal information only as long as necessary for the purposes described in this policy, or as required by law. Transaction records are retained for the period required by financial regulations (typically 5 years). Technical logs are retained for up to 12 months for security purposes.

8. Cookies

Our payment pages use essential cookies and session storage to maintain your payment session. We do not use tracking cookies or third-party advertising cookies on our payment pages. No personally identifiable information is stored in cookies.

9. Your Rights

Under POPIA and applicable data protection laws, you have the right to:

  • Access — request a copy of the personal information we hold about you.
  • Correction — request that we correct inaccurate or incomplete information.
  • Deletion — request that we delete your personal information, subject to legal retention requirements.
  • Object — object to the processing of your personal information in certain circumstances.
  • Data portability — receive your personal information in a structured, commonly used format.

To exercise any of these rights, please contact us using the details below.

10. Third-Party Links

Our platform may contain links to third-party websites, including your bank's website. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal information, please contact us:

  • Email: support@yetopay.co.za
  • Website: www.yetopay.co.za