faq-banner.jpg

Privacy Policy

HiProfile is a data-driven social media app designed to give an opportunity to individuals to discover new people and places on the go and streamline their social media networking experience.

We recommend that you read the privacy Policy so that you understand our approach towards the use of your personal information.

By submitting your information to us, you will be treated as having given your permission-where applicable and appropriate- for disclosures referred to in this policy and agree that we may collect, use and transfer your Personal information in accordance with the GDPR Standards/POPI Act.

If you do not agree with these terms, you may choose not to use our app.  Kindly, do not provide us with any personal information. This Privacy policy forms part of our terms and conditions of use and such shall be governed by and construed in accordance with the laws of South Africa. This notice explains how we obtain, use and disclose your personal information as is required under the Protection of Personal Information Act, 2013(POPI Act) and the GDPR Standards.

What Personal Information is Collected

When you create an account, HiProfile may collect your full credentials of your social media accounts to make the registration process easy.

  • We may collect full credentials such as the name, contact details, gender, and social media accounts of the user to make the registration process easy.

The type of information we collect will depend on the purpose for which it was collected and used. We will only collect information that we need for that purpose.
We collect information directly from you where you provide us with your personal information. We also collect information about you from other sources explained below.
With your consent, we may also supplement the information that you provide to us with information we receive from other companies in our industry in order to offer you a more consistent and personalized experience in your interactions with HiProfile.

  • After logging in to the system, a user will get an option to connect their social media profiles through the application. Initially the system will have the provision to connect with Facebook, Instagram and Twitter.
  • The system will capture the social media profile information and save the number of friends and followers each user has.
  • HiProfile intends to transfer personal data to a recipient in a third country or international organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers referred to in Article 46 or 47, or the second subparagraph of Article 49(1), reference to the appropriate or suitable safeguards and the means to obtain a copy of them or where they have been made available. Click here   for more details on Article 46 and 47.

How Personal Information is Used

To provide the Services and personalize your experience we will authenticate you when your log in, provide customer support, and operate and maintain the Services. For example, we use the name and picture you provide in your account to identify you to other Service users. Our Services also include tailored features that personalize your experience, enhance your productivity, and improve your ability to collaborate effectively with others by automatically analyzing the activities of your team to provide search results, activity feeds, notifications, connections and recommendations that are most relevant for you and your team. We may use your email domain to infer your affiliation with a particular organization or industry to personalize the content and experience you receive on our websites. Where you use Trello and other Atlassian owned or operated services, we may combine information about you and your activities to provide an integrated experience, such as to allow you to find information from one service while searching from another or to present relevant product information as you travel across our websites.

  • We may also use your Data to communicate with you, including by email, text (only if you opt-in), or in our Apps, about new deals,  updates,  or anything else we think may be of interest to you.
  • We use your information in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business to protect our legitimate business interests and legal rights to protect our legal rights, interests and the interests of others.
  • We may use your Data in our Enterprise Services and in other services that we may provide to businesses.
  • We never rent nor sell Data about users unless it is anonymized. Though, as described more fully in this Privacy Policy, we may license or otherwise provide certain other Data to third parties, provided we have received your consent to do so.

Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing HiProfile shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.
Associations and other bodies representing categories of HiProfile or processors may prepare codes of conduct, or amend or extend such codes, for the purpose of specifying the application of this Regulation, such as with regard to:

i) fair and transparent processing;
ii) the legitimate interests pursued by controllers in specific contexts;
iii) the collection of personal data;
iv) the pseudonymisation of personal data;
v) the information provided to the public and to data subjects;
vi) the exercise of the rights of data subjects;the notification of personal data breaches to supervisory authorities and the communication of such personal data breaches to data subjects;
viii) the transfer of personal data to third countries or international organisations; or
ix) out-of-court proceedings and other dispute resolution procedures for resolving disputes between controllers and data subjects with regard to processing, without prejudice to the rights of data subjects pursuant to Articles 77 and 79.

Transborder flow of information

We may transfer your information to foreign countries mainly for retention purposes or if our service providers are cross border or use systems cross border. If you continue to use our App, you expressly agree that we may transfer the information cross border for these purposes. We will only share information cross border with recipients who have laws similar to POPI/GDPR Standards which apply to them, or who entered into an agreement with us to include the relevant POPI principles/GDPR Standards.

Legal Bases for Processing (for EEA Users)

HiProfile shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed. That obligation applies to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. In particular, such measures shall ensure that by default personal data are not made accessible without the individual’s intervention to an indefinite number of natural persons.

HiProfile shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the Regulation prescribed under Article 28 GDPR and ensure the protection of the rights of the data subject.

The processor and any person acting under the authority of HiProfile or of the processor, who has access to personal data, shall not process those data except instructed by HiProfile, unless required to do so by Union or Member State law.

How Information is Stored  

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“). It may also be processed by staff operating outside the EEA who works for us or for one of our suppliers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
HiProfile will maintain a record of processing activities under its responsibility that contains:

  • the purposes of the processing;
  • a description of the categories of data subjects and of the categories of personal data;
  • the categories of recipients to whom the personal data have been or will be disclosed including recipients in third countries or international organisations;
  • where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards;
  • where possible, the envisaged time limits for erasure of the different categories of data;
  • where possible, a general description of the technical and organisational security measures referred to in Article 32(1).
  • each processor and, where applicable, the processor’s representative shall maintain a record of all categories of processing activities carried out on behalf of a HiProfile that contains the name and contact details of the processor or processors and of each controller on behalf of which the processor is acting, and, where applicable, of HiProfile’s or the processor’s representative, and the data protection officer;
  • the categories of processing carried out on behalf of HiProfile;
  • where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards;
  • where possible, a general description of the technical and organisational security measures referred to in Article 32(1). Click here
    for more details.
  • the records referred to in paragraphs 1 and 2 shall be in writing, including in electronic form.
  • the obligations referred to in paragraphs 1 and 2 shall not apply to an enterprise or an organisation employing fewer than 250 persons unless the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the processing is not occasional, or the processing includes special categories of data as referred to in Article 9(1) or personal data relating to criminal convictions and offences referred to in Article 10.

Disclosure of personal information

We may disclose your information to our business partners who are involved in the delivery of products to you. We have agreements in place to ensure that they comply with these privacy terms.

We may share your personal information with, and obtain information about you from:

-The third parties for the purposes listed above

-other companies in our industry when we believe it will enhance the services we can offer to you, but only where you have not objected to such sharing.

We may also disclose your information where we have a duty or a right to disclose in terms of law or industry codes or where we believe it is necessary to protect your rights.

Access and Control of Personal information

You may access and update your Data at any time through the “Settings” tab.

You have a right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses listed herein and specify what information you would like, we will take all reasonable steps to confirm your identity before providing details of your personal information.

Please note that any such access request mat be subject to payment of a legally allowable fee, as laid down in the Protection of Personal Information Act.

You may also delete your account at any time on our Sites by clicking on the Delete Your Account link in your Privacy Settings page. If you delete your account, your profile, including your check-in history, tips and photos, badges and stickers received, will be removed from the Consumer Services, and you will no longer be able to access such Data.

The data subject shall have the right to obtain from HiProfile’s confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • Where personal data are transferred to a third country or to an international organisation, the data subject shall have the right to be informed of the appropriate safeguards pursuant to Article 46 relating to the transfer.
  • HiProfile shall provide a copy of the personal data undergoing processing. For any further copies requested by the data subject, HiProfile may charge a reasonable fee based on administrative costs. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
  • The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights and freedoms of others.

The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to HiProfile, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from HiProfile to which the personal data have been provided, where:

  • the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and
  • the processing is carried out by automated means.
  • in exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from HiProfile to another controller, where technically feasible.
  • the exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17 un GDPA. That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in HiProfile.

Policy towards children

Under the GDPR, the processing of personal data of a child below the age of 16 in relation to the offering of digital services will only be lawful where consent has been given by the person holding parental responsibility. The GDPR does not allow Member States to lower the age limit (provided it is 16 or more) at which parental consent is required. However, to the extent that this leads to a less harmonised approach, this may present challenges for companies as HiProfile may need to implement additional jurisdictional specific procedures to account for variable age limits.

Outside the context of digital services, the GDPR requires that particular attention must be paid to the clarity and accessibility of information provided to children in relation to the processing of their data. It also anticipates that sector specific codes of conduct will continue to be relevant in protecting the interest of children.

Children’s information and special personal information in accordance with the POPI Act

We do not intentionally collect or use information of children (persons under the age of 18 years) unless with consent. Our intention is to only process information of children with the consent of a competent person (someone like the parent or guardian or if the law otherwise allows or requires us to process such information).

Changes to our Privacy Policy

Privacy policy changes of HiProfile app is subject to the change in the GDPR standards and POPI Act and you will be advised accordingly.

Taking proper consent

If the data subject’s consent is given in the context of a written declaration which also concerns other matters, the request for consent shall be presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language. Any part of such a declaration which constitutes an infringement of this Regulation shall not be binding.

The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.

When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.

Quality and access to your information:

We want to ensure that your information is accurate and up to date. You may ask us to correct or remove any information that you think is inaccurate, by sending an e-mail to

Retention of information

We retain information in accordance with the required retention periods in law or for legitimate business purposes. We will only retain your information for the purposes explicitly set out in this policy. We may keep information indefinitely in a de-identified format for statistical purposes. This policy also applies when we retain your information

Right to the data subject

Where personal data relating to a data subject are collected from the data subject, HiProfile shall, at the time when personal data are obtained, provide the data subject with all of the following information:

  • the identity and the contact details of HiProfile and, where applicable, of HiProfile’s representative;
  • the contact details of the data protection officer, where applicable;
  • the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;
  • where the processing is based on point (f) of Article 6(1) under GDPA regulations, the legitimate interests pursued by the controller or by a third party;
  • the recipients or categories of recipients of the personal data, if any;
  • where applicable, the fact that HiProfile intends to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers referred to in Article 46 or 47, or the second subparagraph of Article 49(1) under GDPA regulations, reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.

Data Breaches

We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

We may receive Data about you from third parties such as unaffiliated apps and websites that integrate with our API, advertising exchanges, ad platforms, ad networks or from our partners. If you created your account using your Google, Twitter or Facebook account profile, we may receive certain information from these companies, such as your first name, last name, gender, birthday, email address and your Google, Twitter or Facebook ID.

Publicly available Data such as the Data available in your user public profile, tips, likes, saves, public photos, lists that you create and follow, tastes, badges/stickers, mayorships, and lists of friends and/or followers may be searchable by search engines and be shared with or disclosed to third parties, including through our Enterprise Services to our partners and customers.

When we partner with a business, we may share Data with them but only in aggregate or in some cases, we may share a non-identifying ID such as an advertising ID or a hashed identifier. When we share Data in a pseudonymized form, a unique identifier is shared so that our partner can measure conversion as to whether an individual has seen its ad, visited its website, or went to their brick and mortar location

If you consent or authorize a third party app to access your HiProfile account, we may share your Data with such third party app. You can revoke your consent at any time in your HiProfile account profile settings.

We may share your Data when we believe in good faith that such release is necessary to comply with law or a legal process, including laws outside your country of residence; to protect our rights and property.

We may share your Data as part or in anticipation of a business sale, merger, consolidation, investment, change in control, transfer of substantial corporate assets, reorganization, liquidation, or similar business transaction or corporate event.

Some features and functionality in our Apps may require that you provide your location. If you have your location services turned on, whenever you open and use or interact with our Apps (e.g. write a tip or check in to a restaurant) on your mobile device, we collect and use your location data from your mobile device (e.g., latitude and longitude) to tailor the Consumer Services to your current location (i.e. we’ll show you a list of nearby locations, and tips).

Security Breach

We will report any security breaches to the Information Regulator and to the individuals or companies involved.If you want to report any concerns about our privacy practices or if you suspect any breach regarding your information, kindly notify us by sending an email

Limitation of liability

You hereby agree that, subject to applicable law, we (including our directors and/or employees) will not be liable for:

i. any incorrect information or images provided on our App which you relied upon;
ii. any internet data usage charges incurred while using our App;
iii. any interruption, malfunction, downtime, off-line situation or other failure of our App or services, our systems, databases or any of its components;
iv. any loss directly or indirectly caused by malfunction of our system, third party systems, power failures, unlawful access to or theft of data, computer viruses or destructive code on our system or third party systems or programming defects; and/or
v. any interruption, malfunction, downtime or other failure of goods or services provided by third parties, including, without limitation, third party systems such as the public switched telecommunication service providers, internet service providers, electricity suppliers, local authorities and certification authorities, or any other event over which we have no direct control.
b. You indemnify and hold us harmless against all and any loss, liability, actions, suites, proceedings, costs, demands and damages of all and every kind (including direct, indirect, special or consequential damages), and whether in an action based on contract, or any other action, arising out of or in connection with the above, where we have not been grossly negligent or reckless.

Law and Disputes

These Terms will be governed by and interpreted in terms of South African laws. You consent that the Magistrates’ Court will have jurisdiction even if the proceedings are otherwise beyond its jurisdiction.

Contact Us

If you have any questions or concerns regarding this Privacy Policy, please send a detailed message to: support@hiprofile.live

Legal disclosure in terms of section 43 of the Electronic Communications and Transactions Act 25 of 2002. 

a. Site owner: HiProfile  (PTY) LTD
b. Legal status: HiProfile is a private company, duly incorporated in terms of the applicable laws of South Africa.
c. Registration No: 2017/358499/07
d. Director(s): Sahil Deonarain
e. Description of main business of HiProfile: Social Media; App Development
f. E-mail address: hiprofilesocial@hiprofile.live
g. Website addresses: www.hiprofile.live
h. Postal Address: P.O Box 65143 Reservoir Hills, Durban 4001, South Africa