Privacy Policy

Effective date: 1 June 2026 · Last updated: 1 June 2026

iNRECO ("we", "us", "our") is committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA"). This Privacy Policy explains how we collect, use, store, and protect personal information when you use DomestiSure.

1. Information We Collect

We collect the following categories of personal information:

• From household employers: name, email address, contact number, physical and postal address, account credentials, UIF/PAYE/COIDA reference numbers.
• From domestic worker records entered by employers: full name, ID number, employment start date, wage details, leave records, banking details (for payslips), and next-of-kin information.
• Technical data: IP addresses, browser type, device information, and usage logs for security and performance purposes.

2. Purpose of Processing

• To provide and maintain the DomestiSure service
• To generate payslips, contracts, UIF and COIDA declarations on your behalf
• To communicate with you regarding your account
• To comply with our legal obligations
• To improve the App's functionality and user experience

3. Lawful Basis for Processing

• Performance of a contract — to provide the services you have requested
• Legitimate interests — to maintain security, prevent fraud, and improve our services
• Legal obligation — where processing is required by law
• Consent — where you have given explicit consent

4. Domestic Worker Information

You, as the household employer and account holder, are the responsible party under POPIA for the personal information of your domestic worker(s) that you enter into the App. iNRECO acts as an operator processing that information on your behalf. You must ensure that your domestic worker(s) are aware that their information is being processed and for what purpose.

5. Cookies & Local Storage

We use browser local storage to keep you signed in (the Supabase auth session token). We do not use third-party advertising cookies or tracking pixels. Clearing your browser storage will sign you out.

6. Sub-processors

We rely on the following operators to deliver the service. Each is contractually bound to confidentiality and POPIA-equivalent obligations:

• Lovable Cloud / Supabase — database, authentication and file hosting.
• PayFast — payment processing for paid plans. Card details are entered on PayFast's site and never reach our servers.

7. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We may share information with:

• Trusted service providers who assist us in operating the App (subject to confidentiality obligations)
• Law enforcement or regulatory authorities where required by law
• Professional advisers such as auditors or attorneys, subject to confidentiality

8. Data Retention

We retain your personal information for as long as your account is active or as required to fulfil the purposes set out in this Policy, and thereafter for as long as required by applicable law. You may request deletion of your account and associated data at any time by contacting us at info@inreco.co.za.

9. Security

We implement appropriate technical and organisational measures to protect personal information against unauthorised access, loss, destruction, or alteration, including row-level security, encrypted transport (TLS), encrypted credentials at rest, and password strength checks against the Have I Been Pwned database. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

10. Your Rights

Under POPIA, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your information (subject to legal retention requirements)
• Object to the processing of your information
• Lodge a complaint with the Information Regulator of South Africa

To exercise any of these rights, contact us at info@inreco.co.za or +27 84 402 7029 on WhatsApp.

11. Information Regulator

If you believe we have not handled your personal information in accordance with POPIA, you may contact the Information Regulator of South Africa at inforeg@justice.gov.za.

12. Changes to this Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date at the top of this document. Continued use of the App constitutes acceptance of the revised Policy.