Privacy Policy

Last updated: 13 April 2026

1. Who we are

WhatsBooking ("we", "us") is a booking and communication platform for South African service businesses, operated by Hannes Opperman. This policy complies with the Protection of Personal Information Act 4 of 2013 (POPIA).

2. Information we collect

  • Account info: name, email, phone, business name, password (hashed).
  • Client data you upload: your customers' names, phone numbers, booking history, invoices.
  • Usage data: IP address, browser, pages visited, feature usage — to improve the Service.
  • WhatsApp metadata: message timestamps and delivery status, not message content beyond what you send.

3. How we use it

  • Provide and maintain the Service (legitimate interest & contract).
  • Send service emails (booking confirmations, invoices, billing).
  • Improve features and fix bugs (aggregated, anonymised where practical).
  • Comply with legal obligations under POPIA, ECTA and tax law.

We do not sell your data or your clients' data. Ever.

4. Who has access

Your client data is yours. Our staff access it only to provide support when you request it, or as required by law. Sub-processors we use:

  • Hetzner Online GmbH — hosting (Germany, EU)
  • Zoho Corporation — transactional email
  • Meta Platforms — WhatsApp Business delivery
  • Yoco / PayFast — payment processing (only when you enable them)

5. International transfer

Our servers are in Germany. Transfers of personal information outside South Africa are protected by contracts imposing POPIA-equivalent safeguards, as allowed under section 72 of POPIA.

6. Retention

We keep your data for as long as your account is active, plus 30 days after cancellation (to allow restoration). Backups are retained for 30 days. Invoicing records may be kept for 5 years per SARS requirements.

7. Your rights (POPIA)

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Request deletion (subject to legal retention periods).
  • Object to direct marketing at any time.
  • Lodge a complaint with the Information Regulator (inforegulator.org.za).

To exercise any right, email privacy@whatsbookings.co.za.

8. Security

Passwords are hashed (bcrypt). Data is encrypted in transit (TLS 1.3). Backups are encrypted at rest. Access to production systems requires 2FA. We will notify affected users within 72 hours of a material data breach, as required by POPIA.

9. Cookies

We use essential cookies to keep you signed in. We use privacy-friendly analytics (Umami, self-hosted, cookie-less) to understand usage. No third-party tracking, no Facebook pixels, no Google Ads retargeting.

10. Contact

Information Officer: Hannes Opperman
Email: privacy@whatsbookings.co.za
WhatsApp: +27 82 565 1069

← Back to home