Capitec app privacy notice

We will only collect your information in line with relevant regulations, laws and any applicable guidelines of any competent authority. The information we collect, and process could include:

• Personal details, for example, your name, surname, previous names/surnames, gender, date of birth, occupation, or similar information of your registered entity;
• Information concerning your identity, for example, an identification number for instance your South African ID number, Passport number, Registration number, Tax Identification number, Photographic identification (selfie) for authentication purposes;
• Contact details, for example, your home/work/postal/email addresses and telephone or cell phone numbers;
• Demographic information, for example, your gender and/or marital status, your race or ethnicity, or health-related information for insurance purposes;
• Credit bureau information, for example, data held at a registered credit bureau;
• Transactional behaviour data, for example, data about how you interact with our products and services and the actions you perform in relation to any Capitec service or product;
• User login data, for example, your login credentials for the Capitec App and an userID at the time of login;
• Location information, for example, the geographic location at the time of using the Capitec App, your IP address; and
• Financial information, for example bank account details.

Depending on the products and services that you use, we may also collect or generate the following information about you:

• Information about the devices you use to access the Capitec App, including the device identifiers and network information, for example, Internet Protocol (“IP”) address.
• Information about how mobile applications on your device interact with the Capitec App for security and fraud purposes, for example, installed applications, app launches, taps, clicks, scrolling information, or other information about how the user interacts with the Capitec App.
• We collect data and information on your device to allow us to secure your communication with Capitec and prevent fraud. This data includes information about your device, network connection, and current call status while using the Capitec App.
• Diagnostic data for example crash logs, and app performance data that help us to troubleshoot and monitor the performance of the app.

We will only process your personal information where we have a lawful reason for doing so and on a justifiable ground.

• Entering into or performance of a contract

We need to process your personal information to carry out the obligations of our agreement with you. This includes all the processing and pre-assessment activities that are required to enable us to sign you up for one or more of our Capitec products or services and managing the client relationship for the duration of the agreement and as required after termination of the client relationship.

To use some of our services, we need to confirm you are in South Africa. This is due to legal and app store requirements. For example, we need your location to let you play Lotto on our Capitec App and to accept payments with our Merchant Device. We also use location services to monitor for fraud and risk. You might need to allow the Capitec App to access your location while using it. We will never monitor or track your location other than during your use of the Capitec App.

• Compliance with Law and Regulatory Compliance Obligations

We may need to process your personal information to comply with specific legal obligations. We operate in a highly regulated environment of banking, insurance, financial services, credit and other goods and services, which means that there are several laws, regulations and directives that require us to perform certain processing activities (for example, FICA, the Income Tax Act, the VAT Act).

This may include using your personal information to help detect or prevent crime (including terrorism financing, money laundering and other financial crimes). We will only do this on the basis that it’s needed to comply with a legal obligation or it’s in our legitimate interests and/or that of others.

• Product and Service Improvement and Development

We may use your personal information as a Capitec client to personalise existing and new products and services to benefit you. Our analysis includes data analytics, statistical or other analysis and profiling to better understand how you use our services, and to respond to any service issues you may have. You can opt out of this personal information usage at any time for direct marketing and personalised offers by changing the consent settings and communication preferences on your app or through the client care centre.

Opting out of direct marketing or personalised offers will only opt you out of product offer communications based on consent and not where the processing of your personal information is necessary when required by law or when required to carry out the obligations of an agreement we have with you. Where the processing of your personal information is required by law or when carrying out the obligations of an agreement, you cannot opt out of this communication.

Where you have consented to us doing so:

• We may analyse the type of transactions you perform to provide you with personalised offers to improve existing and create new products that could benefit you. (Personalised offers)
• We may send you our latest offers and products through electronic communication. (Direct Marketing)
• We may send you financial educational information to assist you in improving your financial life.

These services aim to keep you informed about and offer you new products, services and benefits that help you to live better, but also to educate you about good financial behaviours based on your previous actions or needs.

The Capitec App does not share your personal information collected when using the Capitec App with any third parties through e.g. third party libraries or SDK. As an organisation your data is processed on our infrastructure from the Capitec App, after which it may be processed on our behalf by our contracted operators.   

We retain your information in line with the required regulations. You can exercise your POPIA rights related to the retention of your personal information at any time here.

We will take the appropriate, reasonable, technical and organisational steps to protect your personal information in line with industry best practices. This includes, for example:

• We ensure that known threats are accounted for. We have implemented administrative, technical, personnel and physical measures to protect your personal information against loss, theft, access, and unauthorised use or changes.
• We have implemented appropriate security controls to prevent the processing of your personal information from being accidentally or deliberately compromised. This includes physical and organisational security measures for example, restricted user access, responsible information handling, malware controls, encryption or obfuscation or masking, vulnerability, and penetration testing.
• We always use secure methods of transfer when storing or sharing your personal information.
• Only approved Capitec employees or consultants acting on behalf of Capitec are allowed access to your personal information to perform their daily tasks for Capitec.
• We ensure that if we do share your personal information with third parties, the necessary safeguards, written agreements, and due diligence are in place to protect your personal information.

We regularly review our practices to make sure your personal information is safe and used responsibly. Sometimes, we may need to update our data privacy policies. This may affect clauses in our contracts or terms and condition. If we do, we’ll let you know by posting a notice on our website or the Capitec App, or through another communication method. These notices will show what changes we made and when they start.