Data Privacy Terms and Conditions

Duration

Regardless of whether the Agreement has terminated or expired, these Terms will remain in effect until, and automatically expire when EslyQurity deletes all Customer Data after 3 months.

Scope of Data Protection Law

Application of South African Law

The parties acknowledge that South African Data Protection Law will apply to the processing of Customer Personal Data, if, for example:

  • the processing is carried out in the context of the activities of an establishment of Customer in the territory of South Africa; and/or
  • the Customer Personal Data relates to data subjects who are in South Africa and the processing relates to the offering of goods or services in South Africa, or monitoring their behavior in South Africa.

Application of Terms

Except to the extent these Terms state otherwise, these Terms will apply irrespective of whether South African Data Protection Law or Non-South African Data Protection Law applies to the processing of Customer Personal Data.

Roles and Regulatory Compliance; Authorization

Processor and Controller Responsibilities

  • The subject matter and details of the processing are described in Appendix 1;
  • EslyQurity is a processor of Customer Personal Data under South African law;
  • Customer is a controller or processor, as applicable;
  • Each party will comply with obligations applicable under South African Data Protection Law.

Customer's Instructions

Customer instructs EslyQurity to process Customer Personal Data in accordance with applicable law only to provide, secure, and monitor the Services.

Location

EslyQurity collects your device location to help monitor and protect you in real time. Your location is included as part of detecting unusual activity, provide security alerts, and improve safety features within the app. Location data is collected even when the app is running in the background. Collection is active when Sensor Mode is toggled ON and when "While using the app" is selected in your settings. Your location is shared with your Emergency Contacts whenever a security alert is triggered. All data is processed according to our Privacy Policy.

EslyQurity's Compliance

EslyQurity will comply with the Instructions unless prohibited by applicable laws.

Instruction Notifications

EslyQurity will immediately notify Customer if any Instruction cannot be complied with due to legal restrictions.

Additional Products

If Customer uses any Additional Product, such product may access Customer Personal Data as needed to interoperate with the Services. Separate agreements may be required.

Data Deletion

The customer retains the right to delete information and may recover said information within three (3) months from deletion. After this period, the information becomes irrevocably deleted.

Data Security

EslyQurity's Security Measures

EslyQurity will implement and maintain technical, organizational, and physical measures to protect Customer Data.

Excluded Data Categories

  • Financial account information – excluded from storage.
  • Government-issued identifiers – not stored.
  • Protected Health Information – excluded from processing.

Encryption and Data in Transit

Low-sensitivity data is encrypted in transit using HTTPS/TLS.

System & Encryption Architecture – Audit Findings

  • No visible key management documentation.
  • No explicit TLS configuration enforcement file observed.
  • No explicit "in transit" vs "at rest" encryption policy defined.
  • No encryption-specific audit logging present.

Access and Compliance

EslyQurity will authorize access only as necessary and ensure confidentiality.

Additional Security Controls

EslyQurity will make additional controls available to help secure Customer Data.

Security Assistance

EslyQurity will help Customer comply with applicable legal obligations.

Data Incidents

  • Notification without undue delay.
  • Description of incident details.
  • Notifications through the registered email.
  • No obligation to identify legal requirements in data.

Customer Security Responsibilities

Customer is responsible for using the Services securely, managing credentials, and backing up data.

Impact Assessments and Consultations

EslyQurity will assist Customer in meeting its obligations by providing documentation, security controls, and additional materials.

Access, Data Subject Rights, Data Export

Access & Portability

EslyQurity enables Customer to access, rectify, restrict, delete, and export data.

Data Subject Requests

  • Requests will be redirected to Customer.
  • EslyQurity will notify Customer when applicable.
  • EslyQurity will assist with required functionality.

Data Centre Information

We use Google Cloud services available in South Africa through a dedicated region.

Subprocessors

Customer authorizes Subprocessor engagement as listed by EslyQurity.

EslyQurity Data Protection Team & Records

Customer may contact EslyQurity representative for inquiries on data processing.

Liability

Liability limits follow the Agreement and applicable South African or non-SA laws.

Interpretation

Where inconsistencies exist, these Terms take precedence over the Agreement.

Changes to these Terms

EslyQurity may update URLs, entity names, or Terms as required by law or security.