Privacy Policy

Last Updated: December 2, 2025

What We Do

PropelMapper provides software-as-a-service to professional advisory teams, enabling them to manage client relationships, capture field observations, and streamline advisory workflows.

Our Role Under POPIA

PropelMapper Has Two Roles

We act in different capacities depending on what information we're handling. This is important to understand:

1

We Are the Responsible Party For Your Account

For information about you and your business, PropelMapper is the responsible party (data controller under POPIA). This includes:

  • Your name, email, and contact details
  • Your team members' account information
  • Payment and billing information
  • How you use the PropelMapper platform
  • Your business information (company name, registration)

What this means: We decide how to collect and use this information to provide you with PropelMapper services. We're responsible for protecting it and ensuring POPIA compliance for this data.

2

We're Your Operator For Client Data

For information about your clients and the people you serve, PropelMapper is the operator (data processor under POPIA). This includes:

  • Client contact information
  • Business locations and operational data
  • Field observations and voice notes
  • Service information and recommendations
  • Any other client information you enter

What this means: You control this information and decide how it's used. You're responsible for getting proper consent from your clients. We process it only to provide our platform services to you. We keep it secure and confidential, but you remain responsible for POPIA compliance for your client relationships.

In Simple Terms

Your account info: PropelMapper is responsible

Your client data: You're responsible, we process it for you

Your Information

Your team's information belongs only to your team

No other teams can see your information

We store everything securely in the European Union

We keep your information while your account is active, and for 90 days after closure

Information We Handle

Business information about your clients and their operations

Team member information for account access

Voice notes and location data for field work

Third Party Services We Use

What We Use

We use carefully selected service providers to help run PropelMapper:

  • AI services for voice transcription
  • EU-based cloud hosting providers
  • Payment processors

How They Handle Your Data

All third party services:

  • Keep data for 30 days or less (just for processing)
  • Don't use your data to train AI models
  • Have strong security standards (SOC 2 certified)
  • Are contractually required to protect your data

How We Use Data for Product Improvement

Anonymized and Aggregated Data

We may use anonymized and aggregated data for internal analysis and product improvement. This means data that:

  • Has been stripped of all identifying information (names, contact details, specific locations)
  • Is combined into statistical summaries across many users
  • Cannot be linked back to you or your clients

Examples: Feature usage rates, average number of field visits, technical performance metrics, and aggregate platform statistics.

What We Will Never Do

Use identifiable client data to train PropelMapper's own AI models without obtaining separate, explicit consent from you first

Sell or share identifiable data with third parties for their own purposes

Use your client data to benefit other PropelMapper customers in any identifiable way

Your Control

If you prefer that even anonymized data from your account not be used for product improvement, contact us at support@propelmapper.com and we will exclude your data from anonymized analytics.

How We Keep Your Data Safe

Your data is encrypted when traveling between your device and our servers

Each team's data is completely separated - no team can access another team's information

Only your team and authorized PropelMapper support staff can access your information

We store your data in secure EU-based facilities with regular backups

All our team members are trained in data protection and sign confidentiality agreements

If Something Goes Wrong

If we discover a security incident that affects your data, we'll notify you within 24 hours. This gives you time to inform the Information Regulator and your clients if required under POPIA.

Your Rights

Basic Rights

See your information

Fix incorrect information

Export your data

Delete your account

Additional Rights

Object to how we handle your information

Lodge a complaint with the Information Regulator

Cookies and Website Tracking

What We Track

On our public website (propelmapper.com), we use cookies and tracking tools to:

  • Keep you signed in to your account
  • Understand how visitors use our website
  • Improve our marketing and measure ad effectiveness

Your Choice

We use an opt-in approach for marketing cookies. When you first visit our website, we'll ask for your permission before setting any marketing or analytics cookies. You can:

  • Accept all cookies
  • Accept only essential cookies (required for the site to work)
  • Change your mind later through your browser settings

Inside the Application

Inside the PropelMapper application (after you log in), we only use essential cookies needed to keep you signed in and make the platform work. We don't track your activity for marketing purposes inside the application.

Questions or Concerns?

Information Officer

Reghardt Pretorius

Email: reghardt@propelmapper.com

Phone: +27 82 317 5111

Information Regulator

Website: www.justice.gov.za/inforeg

Email: inforeg@justice.gov.za

Summary of Changes

December 2, 2025

Added clarity on how PropelMapper uses data for product improvement:

  • NEW: Added "How We Use Data for Product Improvement" section explicitly addressing anonymized and aggregated data usage
  • CLARIFIED: PropelMapper may use anonymized, non-identifiable data for internal analysis and product improvement
  • CONFIRMED: Identifiable client data will never be used to train PropelMapper's own AI models without separate, explicit consent
  • ADDED: Opt-out option for customers who prefer their data excluded from anonymized analytics
  • UPDATED: Security incident notification timeframe changed from 48 hours to 24 hours for consistency with Operator Agreement

November 5, 2025

Major update to provide comprehensive POPIA compliance information and transparency:

  • NEW: Added detailed "Our Role Under POPIA" section explaining PropelMapper's dual role as both Responsible Party (for your account information) and Operator (for your client data)
  • NEW: Added "Third Party Services We Use" section detailing AI services, cloud hosting, and payment processors, including data retention periods and security standards
  • NEW: Added "Data Breach Notification" section committing to 24-hour notification in case of security incidents
  • NEW: Added comprehensive "Cookies and Website Tracking" section explaining opt-in cookie approach for marketing cookies
  • Expanded: "Security" section now includes five detailed points covering encryption, data separation, access controls, EU storage with backups, and staff training
  • Updated: "What We Do" section expanded from "agricultural sales teams" to "professional advisory teams" to better reflect platform scope
  • Updated: "Information We Handle" section updated from "farms and agricultural activities" to "your clients and their operations" for broader B2B context
  • • Improved formatting and readability throughout with consistent icon usage and visual hierarchy

December 4, 2024

Initial privacy policy published.