T
TaxxsaBack to Home

Privacy Policy

Last Updated: 21 November 2025

1. Introduction

This Privacy Policy describes how Taxxsa ("Taxxsa", "we", "us" or "our") collects, uses, and shares your personal information when you use:

  • Our website at taxxsa.com
  • Our WhatsApp-based AI assistant and related tools (the "Service").

We are committed to protecting your personal information and your right to privacy. We process personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) and other applicable South African laws.

If you have any questions about this Privacy Policy or our privacy practices, please contact us at support@taxxsa.com

2. Information We Collect

We collect information that you provide to us directly, that is generated through your use of the Service, and that we receive from third parties.

2.1 Information You Provide to Us

When you use Taxxsa, you may provide:

Account and contact information

  • Name and surname
  • Email address
  • Mobile number (including WhatsApp number)
  • Business name and registered details
  • Business address and contact details

Business and invoicing information

  • Client names, contact details and addresses
  • Invoice line items (descriptions of goods/services)
  • Invoice amounts, payment terms, due dates
  • Internal reference numbers or notes you provide
  • Tax-related identifiers you choose to store (e.g. VAT number, company registration number)

Communications and support

  • Messages you send to our WhatsApp bot
  • Emails or support requests you send us
  • Feedback, queries and complaints

You should not include unnecessary sensitive information in invoice descriptions or free-text fields.

2.2 Information Automatically Collected

When you access or use the Service, we may automatically collect:

Usage information

  • Interactions with our WhatsApp assistant (message timestamps, flows followed, errors encountered)
  • How you interact with our website (pages viewed, time on page, clicks)

Device and technical information (primarily from the website)

  • IP address
  • Browser type and version
  • Device type and operating system

Cookies and similar technologies (website only)

We may use cookies or similar technologies to maintain sessions, improve performance, and understand usage patterns.

2.3 Information from Third Parties

We may receive information from:

  • WhatsApp / Meta Platforms – limited technical and routing information required to deliver messages. We do not control how WhatsApp processes your WhatsApp account data. Their use of your data is governed by WhatsApp's own terms and privacy policy.
  • Payment service providers – limited details about payment status, payment method (e.g. card type, last four digits), and transaction IDs.
  • Cloud hosting and analytics providers – aggregated or pseudonymised usage analytics.

3. How We Use Your Information

We use your information for the following purposes:

3.1 Providing and Operating the Service

  • Creating and managing your Taxxsa account (if applicable)
  • Generating, formatting and storing invoices and related records
  • Sending you and your clients invoice-related messages via WhatsApp or other channels you select
  • Maintaining logs and records required for the proper functioning of the Service
  • Providing customer support and answering your questions

3.2 Improving and Securing the Service

  • Monitoring and analysing usage to maintain and improve performance
  • Debugging issues and preventing errors
  • Training and fine-tuning internal systems and models (where legally permitted and in line with this Policy)
  • Detecting, preventing and responding to fraud, abuse and security incidents

3.3 Communication

  • Sending you service-related messages (e.g. feature updates, outage notices, security alerts)
  • Responding to your support requests and feedback
  • With your consent, sending you optional product updates, tips, or marketing communications (you may opt out at any time)

3.4 Legal and Compliance

  • Complying with applicable laws and regulations
  • Responding to lawful requests from regulators, law enforcement, or courts
  • Enforcing our Terms of Service and protecting our rights, property and users

4. Legal Basis for Processing

Where POPIA applies, we process personal information on one or more of the following grounds:

  • Your consent
  • Performance of a contract with you (e.g. providing the Service)
  • Compliance with a legal obligation (e.g. tax or accounting laws)
  • Legitimate interests that are not overridden by your privacy rights (e.g. securing our systems, improving our Service)

Where other laws apply (such as GDPR for EEA users), we rely on equivalent legal bases, including consent, contract performance, legal obligations and legitimate interests.

5. How We Share Your Information

We do not sell your personal information. We share it only as described below.

5.1 Service Providers ("Operators" under POPIA)

We share information with trusted third parties who assist us in operating the Service, such as:

  • Cloud hosting providers
  • WhatsApp Business Solution Providers (if used)
  • Payment processors
  • Analytics and error-logging services
  • Customer support tools

These providers are bound by contractual obligations to protect your information and use it only for the services they provide to us.

5.2 With Your Direction

We may share information when you explicitly direct us to do so, for example:

  • Sending invoices to the client contact details you provide
  • Exporting data or reports to a system or email address you specify

5.3 Legal and Safety

We may disclose information where we reasonably believe it is necessary to:

  • Comply with applicable law, regulation, or legal process
  • Respond to valid requests by public authorities
  • Protect the rights, property, or safety of Taxxsa, our users, or others

5.4 Business Transfers

If we are involved in a merger, acquisition, restructuring, or sale of assets, your information may be transferred as part of that transaction, subject to continued protection consistent with this Policy.

6. Data Retention

We retain personal information for as long as:

  • Your account is active or we are providing the Service to you;
  • It is reasonably necessary to fulfil the purposes described in this Policy;
  • It is required by applicable law (e.g. tax and accounting record-keeping obligations); or
  • It is necessary for legitimate business purposes (e.g. enforcing our rights, resolving disputes).

You may request that we delete certain information, subject to legal or contractual retention requirements.

7. International Data Transfers

We are based in South Africa, but we may store and process your information in other countries where our service providers operate.

Where we transfer personal information to another country, we take reasonable steps to ensure that it is afforded a level of protection substantially similar to that under POPIA, for example through:

  • Appropriate contractual safeguards; and
  • Working with reputable service providers who implement strong security measures.

8. Your Rights and Choices

Depending on applicable law (including POPIA and, where relevant, GDPR), you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of your personal information (subject to legal retention obligations)
  • Object to or restrict certain types of processing
  • Withdraw consent where we rely on your consent
  • Lodge a complaint with a relevant data protection authority

To exercise your rights, please contact us at support@taxxsa.com. We may need to verify your identity before responding.

If you are in South Africa and believe your rights under POPIA have been infringed, you may lodge a complaint with the Information Regulator (South Africa) after first contacting us.

9. Data Security

We implement reasonable technical and organisational measures to protect your personal information, including:

  • Encryption of data in transit (e.g. HTTPS) and, where appropriate, at rest
  • Access controls and authentication
  • Monitoring and logging for security purposes
  • Regular security reviews and improvements

However, no system is completely secure. You are responsible for safeguarding your own devices and WhatsApp account.

10. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided personal information, we will take reasonable steps to delete it.

11. Third-Party Services and Links

Our Service may interact with or contain links to third-party services, including WhatsApp and other Meta products. We do not control the privacy practices of these third parties, and their policies govern their use of your data.

We encourage you to review WhatsApp's and any other third party's privacy policies before using their services.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

  • We will update the "Last Updated" date at the top of this page; and
  • Where appropriate, we may provide additional notice (for example via email or a prominent notice in the Service).

Your continued use of the Service after we publish changes will constitute your acceptance of the updated Policy.

13. Contact Us

If you have any questions, concerns or requests regarding this Privacy Policy or our handling of your personal information, please contact:

Taxxsa

Email: support@taxxsa.com