Privacy Policy
Last updated: 2026-01-19
1. Introduction
DevMetrix (Pty) Ltd, trading as RepairMate ("we", "our", or "us"), is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service business management platform ("Service").
2. Information We Collect
Account Information
When you register, we collect: organization name, subdomain, administrator name, email address, and phone number (optional).
Client Data (Tenant Data)
As a Subscriber, you may store information about your clients, including names, contact details, addresses, service history, and assets. This data belongs to you, and we process it solely to provide the Service.
Payment Information
Payment processing is handled by Paystack, a PCI-DSS compliant payment processor. We do not store your full credit card details. We retain only a reference to your payment method and basic card information (last 4 digits, card type) for display purposes.
Usage Information
We automatically collect certain information including IP addresses, browser type, device information, pages visited, and feature usage patterns to improve our Service.
3. Legal Basis for Processing
Under POPIA, we process your personal information based on:
Contract: To fulfill our agreement to provide the Service to you
Legitimate Interest: To improve our Service, prevent fraud, and communicate with you
Legal Obligation: To comply with applicable laws and regulations
Consent: For marketing communications, which you can opt out of at any time
4. How We Use Your Information
We use your information to:
Provide, maintain, and improve the Service
Process payments and manage subscriptions
Send transactional emails (account verification, password resets, invoices)
Provide customer support
Analyze usage patterns to improve user experience
Detect and prevent fraud or security threats
Comply with legal obligations
5. Data Sharing and Third Parties
We share your information only with:
Payment Processor (Paystack)
To process subscription payments. Paystack is PCI-DSS compliant and processes data in accordance with their privacy policy.
Cloud Infrastructure Providers
We use secure cloud hosting services to store and process data. These providers maintain industry-standard security certifications.
Email Service Providers
To send transactional and marketing emails on our behalf.
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
6. Multi-Tenant Data Isolation
RepairMate uses a multi-tenant architecture where each Subscriber's data is logically isolated in its own Tenant. Your Tenant Data is never accessible to other Subscribers. We implement strict database-level isolation and access controls to ensure data separation.
7. Data Retention
Active Accounts: We retain your data for as long as your account is active or as needed to provide the Service.
Cancelled Accounts: After subscription cancellation, we retain your data for 30 days to allow for reactivation or data export, after which it is permanently deleted.
Legal Requirements: We may retain certain data longer if required by law or for legitimate business purposes (e.g., resolving disputes).
8. Your Rights Under POPIA
As a data subject, you have the right to:
Access: Request a copy of your personal information we hold
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information (subject to legal requirements)
Objection: Object to processing of your information for direct marketing
Portability: Request your data in a structured, machine-readable format
Complaint: Lodge a complaint with the Information Regulator of South Africa
To exercise these rights, contact us at admin@devmetrix.co.za.
9. Cookies and Tracking
We use essential cookies to:
Maintain your login session
Remember your preferences
Ensure security and prevent fraud
These cookies are strictly necessary for the Service to function and cannot be disabled.
10. Data Security
We implement appropriate technical and organizational measures to protect your data, including:
Encryption of data in transit (TLS/SSL) and at rest
Secure password hashing
Regular security assessments and updates
Access controls and audit logging
Secure cloud infrastructure
11. International Transfers
Your data may be transferred to and processed in countries outside South Africa where our service providers operate. When we transfer data internationally, we ensure adequate safeguards are in place in compliance with POPIA requirements.
12. Children's Privacy
The Service is intended for business use and is not directed to children under 18. We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us immediately.
13. Information Officer
Our designated Information Officer can be contacted at admin@devmetrix.co.za for any privacy-related inquiries or to exercise your rights under POPIA.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service at least 30 days before they take effect. Your continued use of the Service after the changes take effect constitutes acceptance of the updated policy.
15. Contact Us
For questions or concerns about this Privacy Policy or our data practices, please contact us at: