Protecting your privacy is extremely important to us. The following information will help you understand the purposes for which we collect, store, and use your information. We will keep your information confidential and will only share it if we are legally required to do so, if we must do so in order to fulfill our agreement with you, or if you have given your consent.

We have tried to make this notice as clear as possible, but if there is something we have not explained well, please contact us at

The last time this notice was changed: April 2024

1. What is this notice about

We want you to understand who we are, what kind of personal information (“PI”) we collect, and what we do with it. This notice is part of our contract with you and it may change from time to time.

1.1 In your day-to-day dealings with us we obtain PI about you. We want you to understand who you are sharing your PI with, what kind we are collecting, and how we use it.

1.2 PI does not include any anonymous, de-identified, or statistical information – provided that it cannot be linked back to you.

1.3 This privacy notice forms part of our contract with you. You should read it along with the terms applicable to services you use.

1.4 From time to time we may have to amend this notice to accommodate changes in our services, or if legal requirements change.

1.5 You agree to our information practices, including the collection, use, processing, and sharing of your information as described in this Privacy notice, as well as the transfer and processing of your information to the United States and other countries globally where we have or use facilities, service providers, or partners, regardless of where you use our services. You acknowledge that the laws, regulations, and standards of the country in which your information is stored or processed may be different from those of your own country.

2. Who are you sharing your information with?

You are sharing your information with Bigfoot-IT Consulting. Sometimes we may need to share your PI with others in order to provide our services to you or if we are legally required to.

2.1 Bigfoot-IT is a South African based company.

2.2 We do not sell or otherwise share your information with third parties aside from the sharing described in this section. In particular, we do not share information with third parties for their direct marketing purposes unless you have given us explicit consent. This consent is not given by means of accepting our standard terms and conditions and/or our privacy policy.

2.3 In order to deliver our services, we will have to share information with other communications service providers to enable them to transmit your communications. We only do so on your instruction, and we will only share the information which is needed to fulfill our service obligation to you.

2.4 We also make use of third-party service providers or consultants who need access to information in order to do their jobs. An example of this is when we share information with service providers so they can store the data in our primary facility at Silicon Sky Johannesburg. These service providers are not entitled to use the information for any other purposes, must keep it confidential, and have given us reasonable assurances that the information is safe.

2.5 Sometimes we may need to disclose your information to a third party:

2.5.1 if we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or a government request;

2.5.2 to enforce our contracts and policies;

2.5.3 to protect the security and integrity of our services;

2.5.4 to fulfill our legal obligation in connection with data subject requests;

2.5.5 to protect ourselves, our other customers, and the public from illegal activities; or

2.5.6 to respond to an emergency which we believe in good faith requires us to disclose information.

2.6 If we go through a corporate sale, merger, reorganization, dissolution or similar event, your information may be part of the assets transferred or shared in connection with the due diligence for any such transaction.

2.7 We will require anyone that we share your PI with to honor this policy in terms of applicable law.

3. Where is the information going?

3.1 Bigfoot-IT’s primary data locations are in one area:

3.1.1 Siliconsky Johannesburg South Africa – all messaging and transaction services

3.2 Bigfoot-IT makes use of service providers that process some of the data that forms part of the fulfillment of our services to you. Some of the data related to this third-party processing may be transferred from Bigfoot-IT to the service provider. As an example: for the processing of online payments on Bigfoot-IT’s web portal, we may need to transfer some of the data to our payment processor.

3.3 Bigfoot-IT makes use of vendors such as legal firms to perform operational tasks, which may require access to some PI. The sharing of information with vendors will always be limited to what is necessary for Bigfoot-IT to deliver its services.

3.4 You consent to us processing your personal information in a foreign country with less stringent data protection laws than the country in which it was collected, to the extent allowed by applicable law.

3.5 Bigfoot-IT does not sell any customer data to any third parties.

3.6 Bigfoot-IT collects data from Bigfoot-IT customers in the following manner:

Customer sends data to Bigfoot-IT to transit to a mobile phone, mobile subscriber, or third party.

Bigfoot-IT may transit the data to sub-processors to participate in the transit of this data. During this transit, only the minimum required information is shared to fulfill the obligation to our customers.

Bigfoot-IT is not aware of the information content or categories of information, as we only transit the content or information. It is possible that the content our customers request us to transit is highly sensitive information; however, we do not collect any of these sensitive categories of information in our own capacity.

Bigfoot-IT collects information in our own capacity in the event of a customer registration.

4. What information we collect and why

We collect personal information when you set up your account with us. We also pick up some information during the course of our interactions with you. Some personal information is generated and collected through your use of our services and sometimes we will collect personal information from another source. We also use cookies on our website.

*Please note: Certain Bigfoot-IT service(s) and/or products(s) inherently retain items of information submitted by the user(s) during use – for instance, Whatsapp Platform offering(s) retain a history of the chat in order to provide context for the chat agent/user in order to assist with follow-up inquiries. There are instances where such information will be of a nature to fall within the scope of PI (as defined herein). The continued use of these services accepts on the part of the user that such submitted PI will be retained for period(s) longer than the standard stated retention period for such PI, as without such data being present, the efficacy of the service requested is materially undermined. Be that as it may, Bigfoot-IT is actively working on the wider implementation of shorter retention periods for such products (without degradation of the service) and these initiatives will be rolled out in due course. Should you be concerned in this respect, kindly reach out to us for more information.

4.1 When you set up your account with us, we collect the following information directly from you:

4.1.1 your company names and names of your affiliates*, employees, account users and contact persons;

4.1.2 identifiers such as registration numbers, identity numbers and

4.1.3 contact details such as e-mail addresses, telephone numbers and fax numbers;

4.1.4 location information such as your country of incorporation and physical address;

4.1.5 financial information such as information held by credit bureaus, credit references, banking details, date of fiscal year end, the name of your auditor, date of the last audit, payment method; and

4.1.6 your username, password, and any other applicable authentication detail.

4.2 We collect this information for all the obvious reasons:

4.2.1 we want to provide our services to you;

4.2.2 bill you;

4.2.3 communicate with you about your account;

4.2.4 recognize you when you communicate with us or want access to your account;

4.2.5 comply with any legislation or regulation which requires us to collect the information; and to

4.2.6 We may also verify the information which you provided about your company for purposes of fraud prevention and to ensure the accuracy of the information you provided.

4.3 We also collect and store PI when you communicate with us – for instance, if you ask a question, request assistance, or forward us feedback about your experience with our services. We keep this PI to allow us to understand how your account has evolved and we use this information to improve our customer service.

4.4 When you make use of our services, we collect and generate PI as follows:

4.4.1 Communication meta-data. We collect information about your communication, such as the date and time of a message or call, the origin and destination of the communication, the route the communication followed, and the duration of the communication. This information is processed for purposes of delivery, performance measurement, fraud prevention, and for legal reasons such as data retention.

4.4.2 When you use our services, you create or provide us with data which we store on your behalf as part of the service. This includes: message meta-data as described above; and other message content, for instance, the contents of a message that you have requested us to transit or store for you, or a file attached to such message.

4.4.3 We may also generate data which is derived from the information described above. This data may include analytics or statistical data which is derived from the use of our services. This data does not relate to a particular individual or customer and cannot be linked to an individual or customer.

4.5 We may also collect PI from another source.

4.5.1 We may receive PI from another customer in circumstances where that customer has shared its data with you. For instance, where one customer provides you with access to its Bigfoot-IT account, you may generate data which we may process.

4.5.2 We may also receive PI from another third party – for instance, where we do a credit check, we may receive information from a credit bureau.

5. How long we keep your information

We keep PI for different periods of time depending on what it is and what we need it for. In each case, we retain the information for only as long as necessary to fulfill the purposes for which it was collected.

5.1 Transaction information: In the case of billing, payment, and transactional records we keep information for a period of five (5) years.

5.2 Support ticket information: We retain customer support tickets and their associated data for the duration of our relationship with the customer.

5.3 Communication data: We retain communication meta-data and communication content (e.g. message content) for the duration of our relationship with the customer.

5.4 Other information: For other types of PI, we retain it for as long as necessary to fulfill the purpose for which it was collected.

5.5 We may keep some PI longer if it is necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud, or enforce our agreements. If we keep it for any of these purposes, we will make sure that your privacy is protected and only use it for those purposes.

6. Your rights

You have certain rights when it comes to your PI. These rights are not absolute and may be subject to certain legal limitations. Here is an outline of your rights:

6.1 Right of access: You have the right to ask us whether we process any PI about you and, if so, to request access to that PI. This includes information about the categories of PI we process, the purposes of the processing, the recipients of the PI, and the period for which the PI will be stored.

6.2 Right to rectification: You have the right to ask us to correct any inaccurate PI we have about you.

6.3 Right to erasure: In some cases, you have the right to ask us to delete the PI we have about you. This right is not absolute and only applies in certain circumstances.

6.4 Right to restrict processing: In some cases, you have the right to ask us to restrict the processing of your PI. This right is not absolute and only applies in certain circumstances.

6.5 Right to data portability: In some cases, you have the right to receive the PI you provided to us in a structured, commonly used, and machine-readable format and to transmit that data to another controller. This right only applies if the processing is based on your consent or on a contract with you and the processing is carried out by automated means.

6.6 Right to object: In some cases, you have the right to object to the processing of your PI. This right is not absolute and only applies in certain circumstances.

6.7 Right to withdraw consent: If we rely on your consent to process your PI, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing based on your consent before you withdrew it.

6.8 Right to complain: You have the right to lodge a complaint with a data protection authority if you believe that our processing of your PI violates applicable data protection laws.

To exercise any of your rights, please contact us at We may need to verify your identity before we can fulfil your request.

7. How we protect your information

We take the security of your PI seriously and use appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction. These measures include:

7.1 Encryption: We use encryption to protect PI during transmission and storage.

7.2 Access controls: We restrict access to PI to employees, contractors, and service providers who need to know the information to perform their jobs. They are subject to strict confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

7.3 Security testing: We regularly test and assess our security measures to ensure they are effective.

7.4 Incident response: We have a dedicated team to respond to security incidents and data breaches. If we become aware of a data breach that affects your PI, we will notify you and the appropriate authorities as required by law.

8. Changes to this notice

We may update this privacy notice from time to time. If we make significant changes, we will notify you by email or by posting a notice on our website. Your continued use of our services after any changes to this notice will constitute your acceptance of the changes.

9. Contact us

If you have any questions or concerns about this privacy notice or our privacy practices, please contact us at or at +27 87 802 9000