Privacy Policy

Afritivity Privacy Notice

This privacy notice forms part of your agreement with Afritivity.

During our interactions, you share personal information with Flava Machines (Pty) Ltd, trading as Afritivity, registration number 2017/159198/07.

This notice tells you what to expect when we collect information from you and how we use it.

It is part of our agreement with you, and we may need to update it occasionally. When we do, we will inform you. You should read this notice along with our terms and conditions that apply to the products and services you use.

If you have any questions about this policy, please contact us by email at support@ativitygroup.com 

We collect your information:

We collect your information in the circumstances outlined below. Sometimes we are required by law to collect your information, for instance, if tax legislation forces us to collect personal information.

When you sign up for and / or implement products and services on our platform

We need some general information before we can enter into an agreement and you can begin to use system and online services.

We collect your:

  1. company name
  2. contact details
  3. VAT number
  4. banking details
  5. details related to your operating processes and offerings
  6. details contained in your company registration documents

We use this information to:

  1. load you on our services and configure the system
  2. communicate with you
  3. provide training
  4. process orders
  5. provide your offerings to clients via afritivity.com
  6. provide support
  7. send you statements, receipts, invoices or any other legal documents that relate to your transaction
  8. fulfill our legal obligation to use or disclose your information
Legal basis for processing:Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. In other instances, we are required by law to collect your information, for instance tax legislation forces us to collect personal information.

When you use our service

In order for our service to function properly, ‘customer data’ is generated and collected. This includes your, and your clients’ personal information. We collect your clients’ names, contact details, and details about their bookings.

We use customer data to process bookings and reservations on our reservation system and distribution service, to analyse and improve our services and to identify and solve problems where they may appear.

Legal basis for processing:Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you.

When you contact us, we collect information from your message

When you contact us by social media, email, our support service or telephone with a query, complaint, or request, we collect the information contained in your message. We use the information we collect to reply to, investigate, and resolve your query, complaint, or request.

Legal basis for processing:Data protection legislation allows us to process personal information when it is in our interest and we have chosen the least invasive way to process the information. It is in both our interest to reply to, investigate, and resolve your queries, complaints, and requests.

We use your information to send you our newsletter

We have a monthly newsletter that is delivered by email.

We’ll ask you whether you want to receive the newsletter, if you agree it is important that you know you can unsubscribe at any time by following the unsubscribe link at the bottom of the email or by contacting us.

Legal basis for processing:Data protection legislation allows us to process personal information when you have given us your express consent.

What about children’s information?

We do not knowingly collect the personal information of children without the consent of a parent or guardian.

We share your information with trusted service providers

We use service providers and suppliers who we trust to assist us in providing our services to you. They have agreed to keep your information secure and confidential, and to only use it for the purposes for which we have sent it to them.

We share your information with service providers when they help us to:

  1. store information
  2. process payments
  3. ensure you have access to the services you paid for
  4. deliver our newsletter
  5. help monitor the effectiveness of our promotions and advertising
  6. help us manage our business, for instance accountants and professional advisors.
  7. maintain our website
  8. find and fix errors and performance issues on our website

Sometimes we will be required by law to share your information. For instance, we may be required to share your information with the South African Fraud Prevention Services. We will not sell your information or share information with third parties for the purposes of direct marketing (we don’t like spam either).

We send your information to other countries

Some of the service providers that we use may be located in other countries; for instance, our cloud storage service. These countries may not have the same levels of protection of personal information as South Africa. If this is the case, we require that they undertake to protect the personal information of our customers to the same level that we do.

We don’t keep your information longer than we need to

We will not retain your information for longer than we need to, unless we are legally required to do so. Most of your personal information will be retained for 5 years from the date of your last transaction with us. However, we may keep your contact details for longer for marketing and mailer purposes.

We have taken reasonable steps to minimise the impact of a breach

We have implemented reasonable security measures based on the sensitivity of the information we hold. These measures are in place to protect the information from being disclosed, from loss, misuse, and unauthorised access, and from being altered or destroyed.

We regularly monitor our systems for possible vulnerabilities and attacks, but no system is perfect and we cannot guarantee that we will never experience breach of any of our physical, technical, or managerial safeguards. If something should happen, we have taken steps to minimise the threat to your privacy. We will let you know of any breaches that affect your personal information and inform you how you can help minimise the impact.

You also have a role to play in keeping your information secure. For example, you should never share personal information with us in an email, because while our servers are protected, it is still possible that email can be intercepted. Instead, contact the Afritivity support team at support@ativitygroup.com, and we will connect you to our information officer.

You have the right to be informed about the personal information we have, and what we do with it

You have the right to know what kind of personal information we have about you, to correct it, and to opt out of marketing.

You have the right to

  1. ask us what we know about you;
  2. ask what information was sent to our suppliers, service providers, or any other third party;
  3. ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you;
  4. unsubscribe from any direct marketing communications we may send you; and
  5. object to the processing of your personal information.

You can request access to the information we have about you, or correct your personal information by contacting our deputy information officer at support@ativitygroup.com. It can take us up to 21 days to respond to your request because there are procedures that we need to follow. In certain cases, we may require proof of your identity, and sometimes changes to your information may be subject to additional requirements such as valid proof of residence.

Your rights in terms of the GDPR:

If you are in the European Union, you have these rights in terms of the GDPR:

  1. The right to be informed about the collection and use of your personal information.
  2. The right to access your personal information. You may make such a request from us by contacting support@afritivity.com. We may take one month to respond to your request and may charge a fee in some circumstances. We will let you know if this is the case.
  3. You have a right to have inaccurate personal information corrected or completed if it is incomplete. You may make such a request from us by contacting support@afritivity.com. We may take one month to respond to your request and may refuse in certain circumstances.
  4. You have the right to have your personal information erased, also known as the ‘right to be forgotten’. You may make such a request from us by contacting support@afritivity.com. We may take one month to respond to your request and may refuse in certain circumstances.
  5. You have the right to request that we restrict or suppress your personal information. You may make such a request from us by contacting support@afritivity.com. We may take one month to respond to your request and may refuse in certain circumstances.
  6. You have the right to reuse your personal information for your own purposes across different services, also known as the right to data portability.
  7. You have the right to object to us processing your personal information in certain circumstances. You may make your objection by contacting support@afritivity.com. We may take one month to respond to your request. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.
  8. You have the right to complain to a supervisory authority in the Member State where you live or work, or where the infringement took place.
  9. You have the right to object to automated decision-making and profiling.
  10. You may ask that a human review any automated decisions that we make about you, express your point of view about it, and obtain an explanation of the decision. You may challenge any automated decision made about you by contacting support@afritivity.com. We may take one month to respond to your request.

POPIA Compliance & Protection of Personal Information

This section applies to users located in the Republic of South Africa and governs the processing of personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (“POPIA”).

1. Responsible Party

Afritivity (“Afritivity”, “we”, “us”, “our”) is the Responsible Party for personal information processed through the Afritivity platform, except where Vendors act as independent Responsible Parties in relation to their own customer data.

2. Information We Collect

We may collect and process the following categories of personal information:

2.1 Account Information

  • Full name
  • Email address
  • Phone number
  • Business details (for Vendors)
  • Identity or company registration details (where required)

2.2 Transaction & Billing Information

  • Subscription billing details (processed via FastSpring as Merchant of Record)
  • Transaction references
  • VAT information (where applicable)

Afritivity does not store full credit card details.

2.3 Vendor Marketplace Data

Vendors may collect:

  • Customer names
  • Contact details
  • Booking details
  • Digital purchase records
  • Uploaded documents (e.g., waivers or agreements)

Vendors act as independent Responsible Parties for such customer data.

2.4 Technical Information

  • IP address
  • Device information
  • Browser type
  • Usage data
  • Cookies

3. Lawful Basis for Processing

We process personal information in accordance with POPIA based on:

  • Consent
  • Contractual necessity
  • Legal obligation
  • Legitimate business interests
  • Protection of legitimate interests of the data subject

By using Afritivity, you consent to the processing of your personal information as described in this policy.

4. Purpose of Processing

We process personal information to:

  • Create and manage user accounts
  • Provide access to platform features
  • Process subscriptions via FastSpring
  • Enable vendor listings and bookings
  • Facilitate communication between customers and vendors
  • Comply with legal and tax obligations
  • Prevent fraud and abuse
  • Improve platform performance

5. Sharing of Personal Information

We may share information with:

5.1 FastSpring

For subscription billing, tax compliance, fraud monitoring, and payment processing.

5.2 Vendors

Customer information is shared with Vendors when a booking or purchase is made.

5.3 Service Providers

Hosting providers, analytics services, email providers, and support tools.

5.4 Legal Authorities

Where required by law or court order.

We do not sell personal information.

6. Cross-Border Data Transfers

Personal information may be transferred outside South Africa where:

  • Our service providers operate internationally
  • FastSpring processes payments internationally
  • Cloud infrastructure is located outside South Africa

Where cross-border transfers occur, we take reasonable steps to ensure adequate protection consistent with POPIA requirements.

7. Data Security

We implement reasonable technical and organisational measures to protect personal information, including:

  • SSL encryption
  • Secure hosting environments
  • Role-based access controls
  • Limited administrative access
  • Secure payment processing via FastSpring

However, no system can guarantee absolute security.

8. Data Retention

We retain personal information:

  • For as long as your account remains active
  • As required by law (e.g., tax obligations)
  • As necessary to resolve disputes
  • To enforce agreements

Inactive accounts may be anonymised or deleted after a reasonable period.

9. Your Rights Under POPIA

Under POPIA, you have the right to:

  • Request access to your personal information
  • Request correction or deletion
  • Object to processing
  • Withdraw consent (where applicable)
  • Lodge a complaint with the Information Regulator

10. Vendor Data Responsibility

Vendors using Afritivity are independently responsible for complying with POPIA in relation to customer data they collect and process.

Afritivity is not responsible for a Vendor’s misuse, breach, or unlawful processing of personal information.

11. Data Breach Notification

In the event of a data breach affecting personal information, Afritivity will:

  • Investigate the incident
  • Take remedial steps
  • Notify affected users and/or the Information Regulator where legally required

12. Children’s Information

Afritivity does not knowingly collect personal information from children under 18 without appropriate consent from a parent or legal guardian.

13. Updates to This Section

We may update this POPIA section from time to time. Updated versions will be published on the platform.

Cookies

Last updated: Wednesday 14, 2026

This Cookie Notice explains how Flava Machines Pty Ltd and its group companies (“Afritivity”, “we”, “us” and “ours”) use cookies and similar tracking technologies, including SDKs (together, “cookies”) on or through our website at https://afritivity.com/ (“Platform”), or when you visit a Afritivity member’s profile (“User Profile”). It explains what these technologies are and why we use them, as well as your rights to control our use of them.

What are cookies?

Cookies are small data files that are placed on your computer or mobile device. Website owners can use cookies for a variety of reasons that can include enabling the website to work (or work more efficiently), providing personalised content and advertising, and creating analytics. Cookies set by the website owner (in this case, Afritivity) are called “first party cookies”. Only Afritivity can access the first party cookies it sets.

Cookies set by parties other than Afritivity are called “third party cookies”. Third party cookies enable third party features or functionality (e.g. like advertising, interactive content and social sharing) to be provided on or through the website. The parties that set these third party cookies on websites can recognise your device both when it visits the website in question and also when it visits other websites that have partnered with them.

Why do we use cookies?

We use first party and third party cookies for several reasons. Some cookies are required for technical reasons that are strictly necessary to provide Afritivity services, and we refer to these as “essential” cookies. Other cookies also enable us to carry out analytics, to personalise and enhance your experience and/or to show you more relevant content and advertising.

In addition to the cookies used by Afritivity for these Afritivity purposes, Afritivity Users can adjust their settings to set first and third party cookies on their User Profile for their own independent purposes of a similar nature.

The specific types of first and third party cookies that we serve through our Platform, and the purposes they perform are described in our cookie consent tool, which you can access with your cookie preferences. This tool also describes the third party cookies that Afritivity members may decide to use on their User Profile and the purposes that they perform.

‍What about other tracking technologies, like web beacons?

Cookies are not the only way to recognise or track visitors to a website. We may use other, similar technologies from time to time, like web beacons (sometimes called “tracking pixels” or “clear gifs”) on our website. These are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our Platform or opened an e-mail that we have sent them. This allows us, for example, to monitor the traffic patterns of users from one page within our Platform to another, to deliver or communicate with cookies, to understand whether you have come to our Platform from an online advertisement displayed on a third-party website, to improve site performance, and to measure the success of e-mail marketing campaigns. In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will often impair their functioning.

How can you control cookies?

In some countries (including where EU or UK law applies), you have the right to decide whether to accept or reject cookies. In any event you can exercise your cookie preferences through our cookie consent tool, which you can access by clicking Cookie Preferences. You can separately control whether to accept or reject cookies set by Afritivity Users on their User Profiles.

In relation to websites, you can also set or amend your web browser controls to accept or refuse cookies.

If you choose to reject cookies, you may still use our website or app though your access to some functionality and areas may be restricted.

How often will we update this Cookie Notice?

We may update this Cookie Notice from time to time in order to reflect, for example, changes to the cookies we use or for other operational, legal or regulatory reasons. Please therefore re-visit this Cookie Notice regularly to stay informed about our use of cookies and related technologies.

The date at the top of this Cookie Notice indicates when it was last updated.

Where can you get further information?

If you have any questions about our use of cookies or other technologies, please email us at support@ativitygroup.com