Privacy Policy & POPIA Compliance

Last updated: 2/28/2026

1. Introduction

Aloe Mediation (Pty) Ltd ("we", "us", or "our") is committed to protecting your privacy and complying with the Protection of Personal Information Act 4 of 2013 ("POPIA"). This policy explains how we collect, use, and safeguard your data when you use our platform.

2. Our Role: Responsible Party vs. Operator

It is important to distinguish how we handle data:

  • Aloe Mediation as Responsible Party: We are the responsible party for your Account Data (e.g., your name, email, subscription details) required to provide the Service to you.
  • Aloe Mediation as Operator: For Case Data (e.g., intake forms, financial disclosures, children's details) uploaded by Mediators or Clients, we act purely as an Operator processing data on behalf of the Mediator (who is the Responsible Party). We do not use Case Data for our own purposes.

3. Information We Collect

  • Account Information: Name, Email, Phone Number, Practice Details, and Billing Information.
  • Usage Data: Log files, IP addresses, and device information to ensure security and platform stability.
  • Special Personal Information: Through the course of mediation, the platform stores sensitive data including ID numbers, financial statements, and details regarding minors. This data is encrypted and accessible only to authorized participants.

4. How We Use Your Information

We use your data strictly to:

  • Provide and maintain the Aloe Mediation platform.
  • Process subscription payments via our payment gateway (Paystack).
  • Send transactional notifications (e.g., "New Mediation Request", "Invoice Received").
  • Ensure the security of the platform and prevent fraud.

5. Data Storage & Security

  • Encryption: All data is encrypted at rest (AES-256) and in transit (TLS/SSL).
  • Infrastructure: Our database is hosted by Supabase, a global leader in secure database infrastructure.
  • Access Control: We employ strict Row-Level Security (RLS) to ensure that Case Data is only accessible to the specific Mediator and Clients assigned to that matter.

6. Sharing of Information (Sub-Processors)

We do not sell your data. We share data only with trusted third-party service providers required to operate the platform:

  • Paystack: For payment processing (we do not store card details).
  • Resend: For delivering system emails.
  • Vercel: For web hosting and infrastructure.
  • Supabase: For database and file storage.

7. International Data Transfers

Some of our third-party infrastructure providers are cloud-based and may store data outside of South Africa. We ensure that these providers adhere to GDPR and international security standards that offer protection equivalent to or higher than POPIA.

8. Your Rights

Under POPIA, you have the right to:

  • Request access to the personal information we hold about you.
  • Request correction or deletion of your personal information (subject to legal retention requirements).
  • Object to the processing of your personal information.
  • Lodge a complaint with the Information Regulator (JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001).

9. Contact Information

For any privacy-related inquiries, please contact our Information Officer:

Name: Joshua Hearne
Email: info@aloemediation.co.za