Privacy Policy

We collect different types of information to provide and improve our services:

Data Type	Information Collected
Account Information	Name, email address, username, encrypted password, profile image
Transactional Data	Credit purchases, top-ups, search history, account activity logs
Device & Log Data	IP address, browser type, operating system, pages accessed, timestamps
Verification Data	OTP verification codes, verification timestamps, verification status
Phone Number	Mobile number for SMS OTP verification (required for search functionality)
Optional Data	Third-party login data (Google, Facebook) if you choose to use social login
Currency Preference	Your preferred display currency (22+ currencies supported)

We use the information we collect for the following purposes:

• Account Management: To create and manage your account, and provide our services
• Payment Processing: To process credit purchases and allocate credits to your account
• Identity Verification: To verify your identity via OTP and email verification
• Service Improvement: To improve site functionality and customer experience
• Communication: To send important service updates and notifications
• Security: To prevent fraud, abuse, and misuse of the platform
• Legal Compliance: To comply with applicable laws and regulations

Your financial security is our priority. Here's how we handle payment data:

• Payment transactions are processed securely via PayFast and Stripe
• We do not store credit card numbers, CVV codes, or banking details on our servers
• PayFast and Stripe handle all sensitive financial data in compliance with PCI-DSS standards
• We only receive confirmation of successful payments from payment processors
• In-app purchases redirect to our secure website for payment processing

We use cookies and similar technologies to enhance your experience:

• Essential Cookies: Required for the website to function properly (login sessions, security)
• Analytics Cookies: Help us understand how visitors interact with our website (Google Analytics)
• Preference Cookies: Remember your settings and preferences

You can manage cookie preferences in your browser settings. However, disabling essential cookies may affect the functionality of our website.

We implement robust security measures to protect your data:

• Encryption: All data transmission is encrypted using SSL/TLS technology
• Password Hashing: Passwords are securely hashed using industry-standard algorithms
• Access Controls: Strict access controls limit who can access your data
• Activity Logging: Sensitive actions are logged for security monitoring
• Regular Audits: We conduct regular security assessments of our systems

We retain your personal data for as long as necessary to provide our services:

• Active Accounts: Data is retained while your account remains active
• Inactive Accounts: May be archived or deleted after extended periods of inactivity
• Transaction Records: Kept for legal and accounting purposes as required by law
• Deletion Requests: Processed within 7 business days upon valid request

You can request deletion of your account and personal data at any time by contacting our support team.

Under the Protection of Personal Information Act (POPIA), you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Deletion: Request deletion of your personal data
• Right to Object: Object to certain processing of your data
• Right to Withdraw Consent: Withdraw consent for data processing at any time
• Right to Complaint: Lodge a complaint with the Information Regulator

To exercise any of these rights, please contact us using the details provided below.

We may disclose your personal information in the following circumstances:

• To comply with a legal obligation, court order, or government request
• To protect and defend the rights, property, or safety of PGM Recycling
• To prevent or investigate possible wrongdoing in connection with our services
• To protect the personal safety of users or the public

Our mobile application (available on iOS App Store and Google Play Store) collects and processes data as described in this policy. Additional app-specific information:

10.1 App Permissions

Permission	Purpose	Required
Camera	Scan part reference numbers using your device camera	Optional
Internet	Fetch live prices, search, sync cart and account data	Yes
Local Storage	Store login token, currency preference, and settings on device	Yes

10.2 Data Stored Locally on Device

• Authentication Token: Keeps you logged in securely (encrypted, expires after 365 days)
• Currency Preference: Your selected display currency
• Price Adjustment: Your custom pricing percentage (PRO users)

All locally stored data is cleared when you log out or uninstall the app.

10.3 Push Notifications

We may send push notifications for price alerts, credit balance updates, promotions, and new features. You can disable notifications at any time through your device settings (iOS: Settings > Notifications > PGM Recycling, Android: Settings > Apps > PGM Recycling > Notifications).

10.4 App Version Checking

The app periodically checks for available updates to ensure you have the latest features and security patches. This sends your current app version and device platform (iOS/Android) to our server. No personal data is included in this check.

We use the following third-party services to provide our platform. Each service processes data under its own privacy policy:

Service	Purpose	Data Shared
Google OAuth	Social sign-in (website & app)	Email, name, profile picture
Facebook Login	Social sign-in (website & app)	Email, name, profile picture
PayFast	Credit purchase payments	Email, transaction amount
Stripe	Credit purchase payments	Email, transaction amount
BulkSMS	Phone number verification (OTP)	Phone number only
CloudFlare	Security, DDoS protection, CDN	IP address, browser headers
Metals-API	Live precious metal prices	None (server-side only)
Expo / EAS	Mobile app distribution & updates	Device type, app version

Our Service is intended for users aged 18 years and older. We do not knowingly collect personal information from children under the age of 18.

If we become aware that we have collected personal data from a child under 18 without parental consent, we will take steps to delete that information as quickly as possible.

If you believe a child under 18 has provided us with personal information, please contact us at [email protected].

You have the right to request complete deletion of your account and all associated personal data.

How to request data deletion:

• 送信 an email to [email protected] with the subject line "Data Deletion Request"
• Include the email address associated with your account
• We will process your request within 7 business days

What gets deleted:

• Account information (name, email, phone number, password)
• 検索 history and credit transaction records
• Cart 件s and saved preferences
• Authentication tokens and session data

What may be retained:

• Transaction records required by South African tax law (up to 5 years)
• Anonymized usage statistics that cannot identify you