top of page

Privacy policy

PayDay (Pty) Ltd

Registration number: 2024/653418/07
Effective date: 29 April 2025 | Version: 3.0

 

This Privacy Policy explains how PayDay (Pty) Ltd (“PayDay”, “we”, “us”, “our”) collects, uses, discloses and protects personal information when you use the PayDay mobile application and related services, including Earned Wage Access (EWA), and when we interact with participating employers, service providers and other stakeholders. It is drafted for South African law, including the Protection of Personal Information Act, 4 of 2013 (POPIA) and the Promotion of Access to Information Act, 2 of 2000 (PAIA).

1. WHO WE ARE AND HOW TO CONTACT US

Controller: PayDay (Pty) Ltd. Physical address: Inanda Greens Business Park, Ground Floor, 54 Wierda Road West, Wierda Valley, Sandton. Primary email: notices@payday.fund | Information requests: notices@payday.fund

Information Regulator (South Africa): JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001 | PO Box 31533, Braamfontein, 2017 | Tel: +27 10 023 5200 | Email: enquiries@inforegulator.org.za | Website: https://inforegulator.org.za

2. WHAT THIS POLICY COVERS

This Policy applies to our processing of personal information relating to users (employees of participating employers), employer representatives, suppliers, and other persons interacting with PayDay. It covers our mobile application, in-app education modules, payments and disbursements (including PayShap transactions), referral partner usage, customer support, analytics and security activities.

3. TYPES OF PERSONAL INFORMATION WE PROCESS

We process identification and contact details; employment details and payroll data authorised by your employer (for example earnings-to-date, payroll number, bank account for disbursement, authorised deductions); transaction information relating to EWA withdrawals and repayments; device and usage information (including app telemetry, identifiers, and security logs); support correspondence and complaint records; and limited partner/referral redemption data where you engage with referral offers in-app.

4. WHERE WE COLLECT YOUR INFORMATION FROM

We collect information directly through the app and support channels; from your participating employer under an onboarding integration and your Payroll Deduction Authorisation; from payment and banking partners (including PayShap participants) for disbursement and settlement; from referral partners and participating merchants in respect of offers you redeem and any in-app purchases you make (for example transaction date and time, amount, discount applied, and merchant or spend category, but not your full card details); and from service providers operating our technology stack. We also generate information from your use of the app such as technical logs, usage metrics, interaction with education modules, and security signals.

5. PURPOSES FOR WHICH WE USE YOUR INFORMATION

We use personal information to verify identity and eligibility, calculate and provide EWA availability, process withdrawals and disbursements, reconcile payroll recoveries, provide customer support, deliver education modules, prevent fraud and misuse, maintain security and integrity of Our System, comply with law (including FICA/AML where relevant), conduct service analytics using aggregated or de-identified data where practicable, manage relationships with employers and service providers, and send required service and security notices. In addition, we use information about your referral redemptions and in-app purchases to understand spending patterns at a category level, to personalise and improve the referral marketplace and educational content, to measure offer effectiveness, and to detect potentially risky usage or abuse of promotions. We do not receive or process your full bank statements. Any profiling for personalisation relates to in-app offers and education only.

6. LEGAL JUSTIFICATION GROUNDS UNDER POPIA

We rely on one or more of the following justification grounds as contemplated in POPIA: your consent where required (for example certain optional features or marketing); processing necessary to conclude or perform in terms of the agreement with you; processing required by law; processing for a legitimate purpose of the responsible party or a third party that does not unfairly infringe your privacy; and where the information has been made public by you or is otherwise public as contemplated by POPIA.

7. SPECIAL PERSONAL INFORMATION AND CHILDREN

We do not intentionally collect Special Personal Information or information about children for EWA. If Special Personal Information is processed, it will be limited to circumstances permitted by POPIA (for example where required by law or with your explicit consent). The service is intended for adults in employment with participating employers.

8. MARKETING AND COMMUNICATIONS

We may send you service messages, security alerts and transactional notifications which are required for the app to function and cannot be opted out of. We may send optional promotional messages about new features or referral offers where allowed by law; you can manage these preferences in the app. If you unsubscribe from optional marketing, we will still send necessary service communications.

9. COOKIES, SDKs AND SIMILAR TECHNOLOGIES

The app and our websites may use cookies, SDKs and similar technologies for functionality, security and analytics. You can manage certain settings in your device or browser. Disabling some technologies may affect app performance.

10. DISCLOSURES AND SHARING

We may share personal information with: (a) participating employers for payroll recoveries and eligibility; (b) banking and payment partners, including PayShap participants, to process disbursements and settlements; (c) service providers acting as operators under contract to host, support and secure Our System; (d) regulators and law enforcement where required by law or to protect legitimate interests; and (e) referral partners only when you choose to engage with their offers, limited to what is necessary for redemption and support. We require operators to implement appropriate security and to process information only on our instructions.

11. TRANS-BORDER FLOWS

We may transfer personal information outside South Africa for hosting, support or processing by service providers. In such cases we will ensure an adequate level of protection as required by POPIA, using appropriate safeguards such as contracts incorporating recognised data protection commitments or by obtaining your consent where appropriate.

12. SECURITY

We implement reasonable and appropriate technical and organisational measures to protect personal information, including encryption in transit and at rest where applicable, multi-factor authentication, access controls, monitoring, and incident response. No system is entirely secure; however, we continually assess and improve our safeguards. You are responsible for protecting access to your device and credentials.

13. RETENTION

We retain personal information only for as long as necessary to fulfil the purposes set out in this Policy and to meet legal, accounting, reporting and audit requirements. Retention periods vary by record type and may be extended where required for the establishment, exercise or defence of legal claims.

If you delete your account, we will take steps to close or deactivate your account and delete, destroy or de-identify personal information associated with that account where it is no longer necessary for us to retain it. Certain information may continue to be retained after account deletion where this is necessary to comply with legal, accounting, reporting, audit or regulatory obligations, to complete outstanding transactions or payroll reconciliations, to prevent fraud or misuse, or to establish, exercise or defend legal claims. Once continued retention is no longer necessary or permitted, we will delete, destroy or de-identify the relevant personal information.

14. YOUR RIGHTS

You have rights under POPIA, including to request access to personal information we hold about you; to request correction, destruction or deletion where legally permissible; to object to certain processing; and to lodge a complaint with the Information Regulator. Requests should be submitted to the Information Officer using the procedures in our PAIA Manual.

15. ACCESS REQUESTS UNDER PAIA

Access requests should be made on the prescribed form and delivered to the Information Officer. Our PAIA Manual explains the process and applicable fees. Where a request relates to health or other sensitive records, we may apply the safeguards contemplated in PAIA.

16. CHILDREN’S INFORMATION

Our services are not directed at children. If we become aware that we have collected personal information of a child in contravention of POPIA, we will take steps to delete such information unless a justification ground applies.

17. CHANGES TO THIS POLICY

We may update this Policy from time to time. The latest version will be available in the app. Where changes materially affect your rights, we will notify you through the app or by email. If you continue to use the app after the effective date of changes, you will be deemed to have read and understood the updated Policy.

18. CONTACT AND COMPLAINTS

If you have questions about this Policy or our processing of personal information, please contact our Information Officer at notices@payday.fund. You may also lodge a complaint with the Information Regulator using the contact details above.

Ready to bring financial freedom to your workforce?

GET IN TOUCH

paydayfunddev@gmail.com
011 568 6629
Ground Floor, Andrews Building, Inanda Greens, 54 Wierda Rd W, Wierda Valley,

MAINTAINED BY:

SIVOXI®
AI-infused software. Built for you.
Copyright © 2025.  All Rights Reserved.

Pay Day is fully POPIA-aligned, operates under ISO 27001-certified controls, supports PCI-DSS for card-related functions, and provides immutable audit trails with enterprise-grade security and compliance documentation.

© 2025 PayDay. All rights reserved

bottom of page