Privacy Policy

When you interact with our WhatsApp messaging platform — or when your contact details are shared with us — we may collect the following categories of personal information:

• Contact information: WhatsApp phone numbers and display names
• Message content: Text messages, images, documents, audio, and video files sent to or received from our business WhatsApp number
• Media metadata: File type, file size, and where present in image files, embedded EXIF data including GPS location coordinates
• Communication metadata: Timestamps, message delivery status, and conversation identifiers
• Device and network information: Data provided automatically by the WhatsApp platform via Meta's Cloud API

We do not collect sensitive personal information (as defined under POPIA) unless strictly necessary and with appropriate consent.

We use the personal information we collect for the following purposes:

• To facilitate and manage communication between MQ Tech and its clients or contacts via WhatsApp
• To maintain records of business communications for operational, legal, and compliance purposes
• To process and respond to enquiries, requests, or documents submitted through our WhatsApp channel
• To improve and maintain the security, reliability, and functionality of our internal systems
• To comply with applicable legal and regulatory obligations

Under POPIA, we process personal information on the following grounds:

• Contractual necessity: Processing required to fulfil a service agreement or pre-contractual obligation with you or your organisation
• Legitimate interests: Processing necessary for our legitimate business interests, where these are not overridden by your rights and interests
• Legal obligation: Processing required to comply with a legal or regulatory requirement
• Consent: Where you have voluntarily provided information by initiating communication with us via WhatsApp

We do not share your personal information with third parties except in the following limited circumstances:

• Service providers: We use Meta Platforms, Inc. (Meta) as our WhatsApp messaging infrastructure provider. Messages transit Meta's Cloud API. Meta's own privacy policy governs their handling of this data.
• Legal requirements: We may disclose personal information where required to do so by law, court order, or regulatory authority.
• Business transfers: In the event of a merger, acquisition, or sale of assets, personal information may be transferred subject to equivalent privacy protections.

All third-party service providers are contractually obligated to handle personal information in a manner consistent with POPIA.

Your personal information is stored on secure, access-controlled servers located within our internal infrastructure. We implement appropriate technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, or destruction, including:

• Encrypted communications (TLS) between all system components
• Access controls and authentication requirements for all internal systems
• Regular security assessments of our platform infrastructure
• Audit logging of system access and data processing activities

While we take all reasonable precautions, no method of electronic storage or transmission is completely secure. We encourage you not to send highly sensitive information via WhatsApp messaging.

We retain personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law. Our general retention guidelines are:

• Message content and media: Retained for the duration of the business relationship plus a period of up to 5 years for legal and compliance purposes
• Contact records: Retained while the contact is active and for 12 months following the last interaction
• System logs: Retained for a maximum of 90 days for operational security purposes

Upon expiry of the applicable retention period, personal information is securely deleted or anonymised.

Under the Protection of Personal Information Act, you have the following rights in respect of your personal information:

• Right of access: You may request confirmation of whether we hold personal information about you and obtain a copy of that information
• Right to correction: You may request that we correct or update inaccurate or incomplete personal information
• Right to deletion: You may request that we delete your personal information, subject to our legal retention obligations
• Right to object: You may object to the processing of your personal information on grounds of legitimate interests
• Right to lodge a complaint: You have the right to lodge a complaint with the Information Regulator of South Africa if you believe your rights have been infringed

To exercise any of these rights, please contact our Information Officer using the details in Section 11. We will respond within 30 days of receiving your request.

Our WhatsApp platform integrates with the following third-party services. Each has its own privacy policy that governs their data practices:

• Meta Platforms, Inc. (WhatsApp Cloud API)
  Used to send and receive WhatsApp messages. Messages are processed through Meta's infrastructure. Refer to Meta's WhatsApp Privacy Policy.

We are not responsible for the privacy practices of third-party services and encourage you to review their policies independently.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the effective date at the top of this page.

We encourage you to review this policy periodically. Continued use of our services following any changes constitutes your acknowledgement of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact our Information Officer: