← trustsquare.co

TrustSquare Privacy Policy

Effective 2 July 2026 · Responsible party: Trustsquare (Pty) Ltd (Reg No. 2026/340128/07), 6 Villa Christiaan, 98 Manie Road, Elarduspark, Pretoria, Gauteng, 0181 · Governing law: Republic of South Africa (POPIA)

1. Who we are

TrustSquare (trustsquare.co) is an anonymity-first online marketplace operated by Trustsquare (Pty) Ltd. This policy explains what personal information we collect, why, and your rights under the Protection of Personal Information Act, 2013 (POPIA). It is incorporated by reference into our Terms of Use / EULA.

2. What we collect

Sellers provide an email address and the content of their listings at registration; proof of address or professional credentials may be requested as verification tiers apply. Buyers can browse without an account; a buyer account is created only when you initiate a seller introduction, using the contact details you provide. We also keep transaction and Tuppence ledger records, support correspondence, and standard technical logs (IP address, device/browser information) needed to run and secure the service.

3. Why we process it

We process personal information to operate the marketplace and deliver introductions you request (performance of our agreement with you), with your consent where required (for example marketing emails you opted into at account creation), and in our legitimate interest in keeping the Platform secure and preventing fraud. Identity verification follows our deferred-KYC model described in the Terms of Use: browsing is anonymous, and verification applies as engagement deepens.

4. Payments

Card payments are processed by Paystack, our payment service provider. Card details are captured by Paystack and are not stored on TrustSquare servers.

5. Sharing and cross-border transfers

We do not sell personal information. We share it only with service providers who process it on our behalf under written agreements: payment processing (Paystack), cloud hosting and backups (servers hosted in the European Union with Hetzner, encrypted backups on Cloudflare R2 with 14-day retention), email delivery, and content-assistance services. Where information is stored outside South Africa, we rely on jurisdictions and contractual safeguards that provide an adequate level of protection consistent with section 72 of POPIA.

6. Security

The Platform employs TLS 1.3 encryption in transit, server-side encryption at rest, role-based access controls, and daily encrypted backups with 14-day retention. Security controls are reviewed periodically.

7. Data breach notification

If a breach affecting your personal information occurs, we will notify affected users and the Information Regulator as required by POPIA, and in any event within 30 days of becoming aware of the breach.

8. Retention

We keep personal information for as long as your account is active and thereafter only as long as required for legitimate business records, dispute resolution, and statutory retention periods (including tax and financial-reporting laws), after which it is deleted or de-identified.

9. Your rights

Under POPIA you may request access to the personal information we hold about you, ask for correction or deletion, object to processing, and withdraw consent to direct marketing at any time. Write to [email protected]. You may also lodge a complaint with the Information Regulator (South Africa) — inforegulator.org.za.

10. Direct marketing

By creating an account you opt in to introduction notification emails and Platform updates. Every promotional email contains an unsubscribe link; opt-out requests are processed within 5 business days.

11. Cookies and local storage

The Platform uses only functional browser storage (session state and preferences). We do not run third-party advertising or tracking cookies.

12. Age

The Platform is intended for users aged 18 and over.

13. Changes

We may update this policy from time to time. The current version always lives at trustsquare.co/privacy; material changes will be announced on the Platform.