POPIA Compliance
Protection of Personal Information Act (Act 4 of 2013) — How we protect your personal data.
Our POPIA Commitment
As a “Responsible Party” under POPIA, Slip a Tip is committed to processing personal information lawfully, minimally, and securely. We collect personal data only as required by law (FICA) and for the operation of our tipping platform.
Minimality
We only collect what is legally required
Security
All data encrypted at rest and in transit
Transparency
Clear purposes for all data processing
Right to Delete
Delete your data when you leave
The 8 Conditions of Lawful Processing
POPIA sets out eight conditions for the lawful processing of personal information. Here is how Slip a Tip complies with each:
Accountability
Slip a Tip ensures that all conditions for the lawful processing of personal information are complied with at the time of determining the purpose and means of processing, and during the processing itself. We have appointed an Information Officer responsible for ensuring compliance.
Processing Limitation
Personal information is processed lawfully and in a reasonable manner that does not infringe on the privacy of data subjects. We only process personal information with the consent of the data subject, or where it is necessary to fulfil a contractual obligation (providing the tipping platform service).
Purpose Specification
Personal information is collected for a specific, explicitly defined, and lawful purpose: (a) to facilitate digital tipping between customers and service workers, (b) to comply with FICA and AML regulations, and (c) to process payouts to verified bank accounts. Data is not retained longer than necessary, except where required by law (5-year AML retention).
Further Processing Limitation
Personal information is not processed for a secondary purpose incompatible with the original purpose of collection. We do not sell, trade, or share personal information with third parties for marketing purposes.
Information Quality
We take reasonable steps to ensure that personal information is complete, accurate, not misleading, and updated where necessary. Users can update their information via the dashboard at any time.
Openness
We maintain documentation of all personal information processing activities. This policy and our PAIA manual are publicly available. We notify users at the time of collection about what data we collect and why.
Security Safeguards
We implement appropriate, reasonable technical and organisational measures to protect personal information against loss, damage, unauthorised access, and unlawful processing. This includes PCI-DSS Level 1 encryption (via our payment gateway), encrypted storage, and strict access controls.
Data Subject Participation
Data subjects (users) have the right to: request confirmation of whether we hold their personal information; request access to their personal information; request correction or deletion of their personal information; and object to the processing of their personal information.
Personal Information We Collect
Identity Information
Full name, South African ID number, selfie (for Tier 2 FICA verification)
Contact Information
Phone number, email address
Financial Information
Bank account details (for payouts only — we never store card details)
Verification Documents
Proof of address (triggered at R3,000 cumulative threshold)
Transaction Data
Tip amounts, timestamps, payment references, QR code scan locations
Technical Data
IP address, device fingerprint, browser type (for fraud prevention)
Third-Party Disclosure
We only share your personal information with the following third parties, strictly for the purposes stated:
To process payments and EFT payouts securely. PCI-DSS compliant with 3D Secure authentication.
To issue OTT Vouchers for cash-out withdrawals delivered via WhatsApp (Meta Business Partner).
To verify identity documents (real-time ID validation for FICA Tier 1).
Only if required by law or lawful demand.
To report suspicious transactions as required under the FIC Act.
Exercise Your Rights
You have the right to access, correct, or delete your personal information at any time.
Contact: legal@slipatip.co.za