Braiya Logo

Privacy Policy

Last Updated: January 15, 2025

At Braiya, we understand that managing your financial data requires the highest level of trust and transparency. This comprehensive privacy policy explains how we collect, use, protect, and manage your personal information when you use our debt management platform and related services. We believe you have the right to know exactly what happens with your data.

Information We Collect

When you engage with our debt management services, we collect several types of information to provide you with personalized financial guidance and support. This includes both information you directly provide and data we gather through your interactions with our platform.

Personal Information

  • Contact details including full name, email address, phone number, and residential address
  • Financial information such as income details, debt obligations, and credit history
  • Employment information including employer details and job stability factors
  • Banking information necessary for debt management plan implementation
  • Government-issued identification numbers as required by South African financial regulations

Usage and Technical Data

  • Website navigation patterns and feature usage statistics
  • Device information including IP address, browser type, and operating system
  • Session data and interaction timestamps for security and optimization purposes
  • Communication records between you and our financial advisors

How We Use Your Information

Your personal data serves specific purposes within our debt management ecosystem. We never use your information for purposes beyond what's necessary to provide our financial services and maintain regulatory compliance.

  • Creating and managing personalized debt management strategies tailored to your financial situation
  • Communicating with creditors and financial institutions on your behalf
  • Providing ongoing financial education and support through our learning programs
  • Monitoring your progress and adjusting strategies as your circumstances change
  • Complying with South African financial services regulations and reporting requirements
  • Improving our platform functionality and developing new debt management tools
  • Sending relevant updates about your debt management plan and important financial information

We never sell your personal information to third parties or use it for marketing purposes unrelated to your debt management journey.

Data Sharing and Third Parties

While we prioritize keeping your information secure within our organization, certain aspects of debt management require sharing specific data with authorized parties. All data sharing occurs under strict confidentiality agreements and regulatory oversight.

Authorized Financial Partners

We work with licensed financial institutions and credit bureaus to negotiate payment terms and update your credit status. These partners receive only the minimum information necessary to fulfill their specific role in your debt management plan.

Legal and Regulatory Requirements

South African financial regulations require us to share certain information with regulatory bodies including the National Credit Regulator and Financial Intelligence Centre when specific circumstances arise. We notify you of such disclosures whenever legally permitted.

Service Providers

Our technology infrastructure relies on carefully vetted service providers for data hosting, security monitoring, and communication systems. All providers operate under comprehensive data protection agreements that meet international security standards.

Your Privacy Rights

As a Braiya client, you maintain significant control over your personal information. These rights ensure you can make informed decisions about your data throughout your debt management journey.

  • Access your complete personal data file and understand how it's being used
  • Request corrections to inaccurate or outdated information in your profile
  • Withdraw consent for specific data processing activities where legally permissible
  • Request data portability to transfer your information to another service provider
  • Receive notifications about significant changes to how we handle your data
  • Lodge complaints with our privacy officer or relevant regulatory authorities

Some rights may be limited by ongoing legal obligations related to your debt management plan or South African financial regulations.

Data Security and Protection

Protecting your financial information requires multiple layers of security technology and operational procedures. We invest significantly in maintaining state-of-the-art protection systems.

Technical Safeguards

  • End-to-end encryption for all data transmission and storage
  • Multi-factor authentication for all user accounts and staff access
  • Regular security audits and penetration testing by independent firms
  • Automated monitoring systems that detect and respond to potential threats
  • Secure data centers with physical access controls and environmental monitoring

Operational Security

  • Comprehensive staff training on data protection and privacy procedures
  • Role-based access controls ensuring employees only access necessary information
  • Regular backup procedures with secure offsite storage and recovery testing
  • Incident response protocols for immediate action during security events

Data Retention and Deletion

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy and meet our legal obligations under South African law.

Retention Periods

  • Active debt management records: Duration of your plan plus 5 years
  • Financial transaction records: 7 years as required by tax and financial regulations
  • Communication records: 3 years from last contact for service quality purposes
  • Marketing preferences and website analytics: 2 years from last activity

When retention periods expire, we securely delete or anonymize your information using industry-standard data destruction methods. You can request early deletion of certain data types, subject to regulatory requirements and ongoing service obligations.

International Data Transfers

While we primarily store and process data within South Africa, certain technical services may involve international transfers to countries with adequate data protection standards. All international transfers occur under approved legal frameworks including adequacy decisions or appropriate safeguards such as standard contractual clauses.

We never transfer sensitive financial data to countries without adequate protection mechanisms, and all international service providers must meet our stringent security and privacy requirements.

Cookies and Website Analytics

Our website uses essential cookies to provide secure login functionality and remember your preferences. We also use analytics cookies to understand how visitors use our site and identify areas for improvement.

  • Essential cookies for login sessions and security features (cannot be disabled)
  • Preference cookies to remember your settings and customizations
  • Analytics cookies to measure website performance and user experience
  • Security cookies to detect fraudulent activity and protect your account

You can control non-essential cookies through your browser settings, though this may affect certain website functionality. We provide clear information about cookie purposes and obtain consent where required.

Children's Privacy

Our debt management services are designed for adults who can enter into financial agreements. We do not knowingly collect personal information from individuals under 18 years of age. If we discover that we have inadvertently collected such information, we will promptly delete it from our systems.

Parents or guardians who believe their child has provided us with personal information should contact us immediately using the details provided below.

Privacy Policy Updates

We review and update this privacy policy regularly to reflect changes in our services, technology, and regulatory requirements. Significant changes will be communicated through email notifications and prominent website notices at least 30 days before implementation.

Your continued use of our services after policy updates indicates acceptance of the revised terms. However, we will seek explicit consent for any changes that materially expand how we use your personal information.

Contact Our Privacy Team

For privacy-related questions, concerns, or to exercise your rights, contact us at:

Privacy Officer - Braiya
Lilyfontein Private School, Brakfontein
East London, 5259, South Africa

Email: info@quentavara.sbs
Phone: +27 82 827 8321

We respond to all privacy inquiries within 5 business days and provide resolution within 30 days where possible.