This Privacy Policy explains how Takat (Pty) Ltd ("MeetMica", "we", "us", "our") collects, uses, shares and protects personal information when you use the MeetMica platform at meetmica.com (the "Service").
We are committed to complying with the Protection of Personal Information Act, 2013 ("POPIA") and, where applicable, the EU General Data Protection Regulation ("GDPR").
1. Who we are
Registration number: 2015/294016/07
Registered in the Republic of South Africa
Information Officer: Antoine Paillusseau
Contact: privacy@meetmica.com
2. Scope of this Policy
This Policy applies to personal information we process about:
- Broker Users — licensed insurance professionals and their colleagues who hold a MeetMica account
- Website Visitors — anyone visiting meetmica.com
- Prospects and Recipients — individuals contacted via demos, sales or marketing
It does not cover personal information of insurance policyholders or end-clients that Broker Users process through MeetMica. For that data, the Broker User is the Responsible Party / Controller and MeetMica acts as their Operator / Processor. See our Data Processing Agreement for those terms.
3. What information we collect
3.1 Account information
Name, work email address, mobile number, company name, role, FSP licence details where applicable, and password (stored hashed).
3.2 Usage information
Login timestamps, IP address, browser type, device identifiers, pages visited, feature interactions and API request logs.
3.3 Communications
Messages you send to us via support channels, email, WhatsApp or in-app chat.
3.4 Billing information
Where applicable: billing contact details and payment metadata. We do not store full payment card details — these are handled by our payment processor.
3.5 Cookies and similar technologies
Essential cookies for authentication and session management. Analytics cookies (opt-in). See section 11.
4. Why we collect it (purpose and lawful basis)
| Purpose | Lawful basis under POPIA |
|---|---|
| Providing the Service to you | Performance of a contract (s11(1)(b)) |
| Account management, support, billing | Performance of a contract (s11(1)(b)) |
| Service security, fraud prevention, audit logs | Legitimate interest of the Responsible Party (s11(1)(f)) |
| Service improvement and product analytics | Legitimate interest (s11(1)(f)) |
| Compliance with legal obligations | Legal obligation (s11(1)(c)) |
| Marketing communications | Consent (s11(1)(a)), withdrawable at any time |
We will not use your information for any new purpose without first informing you and, where required, obtaining your consent.
5. Where we get the information
We collect information directly from you when you sign up, use the Service, contact us, or otherwise interact with us. We may also receive limited information from:
- Single sign-on providers you choose to use (e.g. Google)
- Business contact databases and publicly available sources (for B2B prospecting)
- Referral partners who introduce you to MeetMica
6. Whether providing information is voluntary
Most information is provided voluntarily. However, providing your account information is mandatory to use the Service — without it, we cannot create or operate your account.
7. Who we share it with
We share personal information only as described below. We do not sell personal information.
7.1 Sub-processors
We use trusted third-party service providers ("Operators" under POPIA) to deliver the Service. They process personal information only on our documented instructions and under written agreements that impose POPIA and, where relevant, GDPR-grade safeguards. The current list of sub-processors is published at meetmica.com/subprocessors.
7.2 Professional advisors
Our auditors, lawyers and insurers, bound by confidentiality.
7.3 Authorities
Where required by law, court order or to protect our legal rights.
7.4 Business transfers
In the event of a merger, acquisition or sale of assets, subject to confidentiality and continuity of this Policy.
8. Cross-border transfers
Some of our sub-processors are located outside the Republic of South Africa, including in the European Union, the United Kingdom and the United States.
Where we transfer personal information outside South Africa, we do so on one or more of the following bases under POPIA s72:
- The recipient is subject to a law, binding corporate rules or binding agreement providing an adequate level of protection
- The transfer is necessary for the performance of a contract with you
- You have consented to the transfer
For transfers from the European Economic Area, we rely on the EU Standard Contractual Clauses or equivalent safeguards where required.
9. How long we keep it
We keep personal information only as long as necessary for the purposes set out in this Policy, including to satisfy legal, accounting or reporting requirements.
| Category | Retention |
|---|---|
| Active account data | Duration of the account + 90 days |
| Billing and tax records | 5 years (as required by SARS / Companies Act) |
| Support correspondence | 3 years |
| Marketing consents | Until withdrawn + 12 months audit trail |
| Backups | Rolling cycle, max 35 days |
On account closure, we delete or de-identify personal information within 90 days unless retention is required by law.
10. Security
We apply technical and organisational measures appropriate to the risk, including encryption in transit and at rest, role-based access controls, multi-factor authentication for staff, audit logging and incident response procedures. See our Security page for an overview.
No system can be guaranteed 100% secure. If a security compromise occurs, we will notify the Information Regulator and affected data subjects as soon as reasonably possible, in line with POPIA s22.
11. Cookies
We use:
- Strictly necessary cookies — for authentication, session integrity and security. These cannot be disabled.
- Analytics cookies — to understand how the Service is used. Only set with your consent.
You can manage your cookie preferences at any time via the cookie banner or your browser settings.
12. Your rights under POPIA
You have the right to:
- Be informed about how we process your personal information (this Policy)
- Access the personal information we hold about you
- Correct or delete information that is inaccurate, irrelevant, excessive, out-of-date, incomplete, misleading or unlawfully obtained
- Object to processing, on reasonable grounds, in certain circumstances
- Object to direct marketing at any time, free of charge
- Withdraw consent where processing is based on consent
- Not be subject to a decision based solely on automated processing that has legal consequences for you
- Lodge a complaint with the Information Regulator
To exercise any of these rights, email privacy@meetmica.com. We will respond within a reasonable time, normally 30 days. We may need to verify your identity before acting on a request.
Information Regulator (South Africa)
complaints.IR@justice.gov.za
inforegulator.org.za
EU residents
If you are in the EEA or UK, you also have rights under the GDPR / UK GDPR, including the right to lodge a complaint with your local supervisory authority.
13. Children
The Service is intended for use by professional insurance brokers and is not directed at persons under 18. We do not knowingly collect personal information from children. If you believe we have, contact us at privacy@meetmica.com.
14. Marketing communications
We send service emails (account, billing, security) regardless of marketing preferences — these are necessary for operating your account.
Marketing emails are sent only with your consent. You can unsubscribe at any time via the link in each email or by emailing privacy@meetmica.com.
15. Changes to this Policy
We may update this Policy from time to time. Material changes will be notified by email or via prominent notice in the Service at least 14 days before they take effect. The "Last updated" date at the top reflects the latest version.
16. Contact us
Email: privacy@meetmica.com
Information Officer: Antoine Paillusseau
Postal: Takat (Pty) Ltd, REVIEW: registered address
MeetMica is a product of Takat (Pty) Ltd, Reg. 2015/294016/07.