Legal

Privacy Policy

Name: T-ERP
Availability: InStock
Author: T-ERP Technologies

T-ERP Technologies (Pty) Ltd is committed to protecting your personal information. This policy explains how we collect, use, store, and protect your data across all T-ERP products and services.

Effective Date: 10 April 2026Last Updated: 26 May 2026Version: 2.0

1. Introduction

T-ERP Technologies (Pty) Ltd ("T-ERP", "we", "us", or "our") operates a comprehensive enterprise resource planning platform designed for logistics, mining, construction, and industrial companies across Southern Africa. Our products include the T-ERP web platform, the T-ERP mobile applications (Driver App and Manager App), the T-ERP Support AI assistant, and the T-ERP website at www.t-erp.co.za.

This Privacy Policy applies to all personal information processed by T-ERP across these products and services. We are committed to processing personal information lawfully, fairly, and transparently in accordance with the Protection of Personal Information Act, 2013 (POPIA) and other applicable data protection legislation.

Important - Data Controller vs. Data Processor

For the T-ERP website and ERP platform, T-ERP Technologies acts as the data controller - we determine the purpose and means of processing. For the T-ERP mobile application used by employees of our client companies, T-ERP acts as a data processor on behalf of the transport company (your employer), who is the data controller. This distinction is explained further in Section 3.

2. Who We Are

T-ERP Technologies (Pty) Ltd is a South African technology company that develops and operates enterprise resource planning software for the transport, logistics, mining, and industrial sectors. Our platform integrates fleet management, freight operations, maintenance, compliance, people management, HR, payroll, accounting, and AI automation into a single connected system.

Registered Details

Company: T-ERP Technologies (Pty) Ltd

Country: South Africa

Email: info@t-erp.co.za

Website: www.t-erp.co.za

Our products and services include:

T-ERP Web Platform - the full ERP system accessible via browser
T-ERP Driver App - mobile application for drivers (iOS and Android)
T-ERP Manager App - mobile application for fleet managers and supervisors
T-ERP Support AI - AI-powered support assistant integrated into the platform
T-ERP Website (www.t-erp.co.za) - our marketing and information website
T-ERP Middleware Server - real-time data synchronisation layer

3. Information We Collect

3.1 Website Visitors

When you visit www.t-erp.co.za, we may collect:

Contact form submissions: name, email address, company name, phone number, and message content
Newsletter subscriptions: email address and subscription preferences
Demo requests: name, email, company, phone, operation type, and fleet size
Analytics data: pages visited, time on site, referral source, device type, and browser (via Google Analytics 4 - anonymised)
Technical data: IP address (anonymised), browser type, and operating system

3.2 ERP Platform Users

When your organisation subscribes to the T-ERP platform, we process the following categories of personal information on behalf of your organisation:

Identity information: full name, employee ID, job title, and role
Contact information: email address, phone number, and physical address
Authentication data: username, encrypted password, and session tokens
Employment information: department, employment dates, salary details (for payroll), leave records, and performance data
Financial data: bank account details (for payroll), expense claims, and tax information (PAYE, UIF, SDL)
Operational data: trip records, freight orders, vehicle assignments, duty hours, and performance metrics
Compliance data: licence numbers, certification records, training history, and incident reports

3.3 Mobile App Users (Drivers and Managers)

The T-ERP mobile applications collect the following information on behalf of your employer (the transport company):

Location Data

Real-time GPS coordinates during active duty hours and trips
Trip routes: start points, waypoints, destinations, and travel paths
Geofencing data: entry and exit from designated locations (depots, delivery points)
Location accuracy measurements and timestamps

Location is only tracked when you are clocked in for duty or have an active trip. Location tracking stops when you clock off.

Trip and Duty Information

Trip details: pickup and delivery locations, cargo information, trip status, and timestamps
Duty sessions: start and end times, total hours worked, and break durations
Odometer readings at duty start and end
Performance metrics: trip completion times, fuel efficiency, and compliance scores

Documents and Media

Proof of delivery (POD): digital signatures, photos, timestamps, and recipient information
Vehicle inspection photos and checklists (pre-trip and post-trip DVIR)
Weighbridge ticket photos and weight measurements
Fuel receipt photos processed via AI (OpenAI) for data extraction
Document metadata: file creation dates and GPS coordinates where media was captured

Device and Technical Information

Device model, operating system (iOS or Android), and OS version
T-ERP app version, installation date, and last update
IP address, device ID, and network connection type
App usage data, session duration, and error logs

Communication Data

In-app messages between drivers and managers
Emergency alerts and help requests
Push notification delivery and read receipts

3.4 Biometric Data

Biometric Data - Device Only

If you enable biometric login (fingerprint or face recognition) on the T-ERP mobile app, your biometric data is stored exclusively on your device using your device's secure hardware (Apple Secure Enclave or Android Trusted Execution Environment). This data never leaves your device and is never transmitted to T-ERP servers or your employer. T-ERP only receives a confirmation that authentication was successful. You can disable biometric login at any time in the app settings.

Under POPIA, biometric data is classified as "special personal information" (Section 26). Explicit consent is required before enabling this feature.

4. How We Use Your Information

Service Delivery

Providing and operating the T-ERP platform and mobile applications
Processing freight orders, trip management, and automated invoicing
Fleet tracking, asset management, and maintenance scheduling
Payroll processing including PAYE, UIF, and SDL calculations
Compliance management including RTMS framework and SANS 1395 requirements
HR lifecycle management from recruitment through to separation

Safety and Emergency Response

Enabling the emergency alert feature in the mobile app (one-tap alert with live GPS to management)
Monitoring driver fatigue and duty hours to prevent accidents
Incident management and root cause analysis
Vehicle inspection tracking and defect management

AI and Automation Features

AI document scanning (OCR) to extract data from fuel receipts, weighbridge slips, and delivery documents
Predictive maintenance analysis to forecast asset failures before they occur
Automated trip generation and invoicing based on configured rules
Support AI assistant to answer operational questions and guide users
Smart notifications and context-aware alerts

Analytics and Improvement

Fleet performance analytics, driver scorecards, and cost-per-kilometre reporting
Compliance dashboards and audit-ready reporting
Website analytics to improve our marketing content and user experience
Platform usage analytics to improve product features and performance

Communication

Responding to demo requests, support queries, and contact form submissions
Sending newsletters and product updates to subscribers (with opt-out available)
Push notifications for trip assignments, alerts, and operational updates
WhatsApp notifications for trip updates and reminders (where configured)

Legal and Compliance

Meeting our obligations under South African tax law, labour law, and transport regulations
Maintaining audit trails and records as required by law
Responding to lawful requests from regulatory authorities

5. Legal Basis for Processing (POPIA)

Under POPIA, we must have a lawful basis for processing personal information. We rely on the following grounds:

Contractual Necessity

Processing is necessary to perform our contract with you or your organisation - for example, operating the ERP platform, processing payroll, or managing freight operations.

Legitimate Interest

Processing is necessary for our legitimate business interests or those of your employer, including fleet management, safety monitoring, performance analytics, and fraud prevention, provided these interests are not overridden by your rights.

Legal Obligation

Processing is required to comply with South African law, including the Income Tax Act (PAYE), Unemployment Insurance Act (UIF), Skills Development Levies Act (SDL), Road Traffic Act, National Road Traffic Act, and applicable labour legislation.

Consent

For optional features such as biometric authentication, newsletter subscriptions, and certain analytics, we rely on your explicit consent. You may withdraw consent at any time without penalty.

Vital Interests

In emergency situations, we may process location data and contact information to protect the life or safety of a driver or other person.

6. Data Sharing and Disclosure

6.1 Within Your Organisation

Data collected through the T-ERP platform is accessible to authorised users within your organisation based on their role. Fleet managers can access driver location and performance data. HR administrators can access employee records. Finance users can access payroll and financial data. Access is controlled by role-based permissions configured by your system administrator.

6.2 Third-Party Service Providers

We share data with trusted third-party providers who assist in operating our platform. All providers are contractually bound to process data only as instructed, implement appropriate security measures, and comply with applicable data protection laws.

Google Maps Platform

Purpose: Route planning, navigation, distance calculation, and address autocomplete

Data shared: Location coordinates only - no personal identifiers shared

Firebase (Google)

Purpose: Push notifications (Firebase Cloud Messaging) and app performance analytics

Data shared: Device tokens for notifications; anonymised usage data for analytics

OpenAI

Purpose: AI-powered document scanning (OCR) to extract text from fuel receipts, weighbridge slips, and delivery documents

Data shared: Document images are processed temporarily and not stored by OpenAI. No personal identifiers are included in processing requests.

Google Analytics 4

Purpose: Website analytics to understand visitor behaviour and improve our marketing content

Data shared: Anonymised browsing data - IP addresses are anonymised. No personal identifiers.

Cloud Infrastructure (AWS / Azure)

Purpose: Secure data storage, backup, and disaster recovery

Data shared: All platform data - stored encrypted at rest (AES-256)

Plaid

Purpose: Automated bank feeds for real-time financial reconciliation (where configured)

Data shared: Bank transaction data only - no personal banking credentials stored by T-ERP

WhatsApp Business API

Purpose: Automated operational notifications for trip updates and alerts (where configured)

Data shared: Phone numbers and message content for configured notifications only

6.3 Legal Requirements

We may disclose personal information if required to do so by law, court order, or regulatory authority, or where we believe disclosure is necessary to protect the safety of any person, prevent fraud, or protect our legal rights.

6.4 Business Transfers

If T-ERP Technologies is acquired by or merges with another company, personal information may be transferred as part of that transaction. Affected parties will be notified in advance and the acquiring entity will be bound by this Privacy Policy.

We Do Not Sell Your Data

T-ERP Technologies does not sell, rent, trade, or otherwise transfer your personal information to third parties for marketing or commercial purposes. Your data is used solely to operate and improve our services.

7. Data Security

We implement industry-standard technical, organisational, and physical safeguards to protect your personal information against unauthorised access, disclosure, alteration, or destruction.

Technical Safeguards

AES-256 encryption at rest
TLS 1.3 for all data transmission
Role-based access controls
Multi-factor authentication for admin access
Regular security patches and updates
Automated vulnerability scanning

Organisational Safeguards

Employee confidentiality agreements
Regular security awareness training
Strict vendor data processing agreements
Incident response procedures
Access auditing and logging
Principle of least privilege

Physical Safeguards

Enterprise-grade data centre facilities
Environmental controls and backup power
Physical access controls and monitoring
Encrypted geographically distributed backups
24/7 security monitoring

In the event of a personal information breach that poses a risk to your rights and freedoms, we will notify the Information Regulator and affected individuals within 72 hours of becoming aware of the breach, as required by POPIA.

8. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The following retention periods apply:

Data Category	Retention Period	Reason
Financial and payroll records	7 years	South African tax law (Income Tax Act)
Trip and freight records	5 years	Transport regulations and audit requirements
Location data (operational)	90 days	Operational use and dispute resolution
Location data (compliance)	7 years	RTMS and regulatory compliance
Document images (scanned)	90 days, then archived	Extracted data retained for 7 years
Employee records (active)	Duration of employment	Employment contract
Employee records (post-employment)	5 years	Labour law and CCMA requirements
Authentication and access logs	12 months	Security auditing
Performance and compliance data	3 years	Performance management
Website contact form data	2 years	Business correspondence
Newsletter subscriber data	Until unsubscribed + 1 year	Marketing consent records
Incident and safety records	10 years	RTMS and safety legislation

After retention periods expire, data is securely deleted or irreversibly anonymised. Data subject to a legal hold (e.g. litigation or regulatory investigation) may be retained beyond the standard period until the hold is lifted.

9. Your Rights Under POPIA

If you are in South Africa, you have the following rights under the Protection of Personal Information Act, 2013 (POPIA):

Right to Access

You may request a copy of the personal information we hold about you. We will respond within 30 days.

Right to Correction

If your personal information is inaccurate, incomplete, or out of date, you may request that we correct it.

Right to Deletion

You may request that we delete your personal information, subject to our legal retention obligations and contractual requirements. To request deletion of your account and associated data, email privacy@t-erp.co.za with the subject line "Account Deletion Request", or navigate to Settings > Account > Delete Account within the T-ERP mobile app. We will process your request within 30 days and confirm deletion by email.

Right to Object

You may object to the processing of your personal information where we rely on legitimate interest as our lawful basis. You cannot object to processing that is essential to your employment or our contractual obligations.

Right to Data Portability

You may request a copy of your personal information in a structured, machine-readable format.

Right to Withdraw Consent

Where processing is based on your consent (e.g. biometric login, newsletter), you may withdraw consent at any time without penalty. Withdrawal does not affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

If you believe your privacy rights have been violated, you may lodge a complaint with the Information Regulator of South Africa.

Information Regulator - South Africa

If you are not satisfied with our response to a privacy complaint, you have the right to lodge a complaint with the Information Regulator:

Email: inforeg@justice.gov.za

Website: www.justice.gov.za/inforeg

To exercise any of these rights, please contact our Information Officer at privacy@t-erp.co.za. We will respond within 30 days. We may need to verify your identity before processing your request.

10. International Data Transfers

T-ERP primarily processes data within South Africa. However, some of our third-party service providers (including cloud infrastructure, Google services, and OpenAI) may process data in other countries, including the United States and European Union member states.

Where personal information is transferred outside South Africa, we ensure that appropriate safeguards are in place as required by POPIA Section 72, including:

Binding contractual obligations on the recipient to provide equivalent protection
Transfers to countries with adequate data protection laws as recognised by the Information Regulator
Standard contractual clauses where applicable
Your explicit consent where required

11. Special Personal Information

POPIA provides heightened protection for certain categories of "special personal information" (Section 26). T-ERP may process the following special categories:

Biometric Information

Fingerprint and face recognition data used for mobile app authentication. This data is stored exclusively on the user's device and never transmitted to T-ERP servers. Explicit consent is obtained before enabling this feature.

Health Information

Driver fatigue and wellness data collected as part of duty hour monitoring and RTMS compliance. This is processed on behalf of your employer for safety and regulatory compliance purposes.

Criminal Record Information

Where required for employment screening or compliance purposes, and only with explicit consent or as permitted by law.

12. Children's Privacy

T-ERP products and services are designed exclusively for business use by adults aged 18 and over. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected information from a minor, we will take immediate steps to delete that information. If you believe we have collected information from a minor, please contact us at privacy@t-erp.co.za.

13. Cookies and Analytics

Our website (www.t-erp.co.za) uses cookies and similar tracking technologies. The T-ERP mobile applications do not use cookies but use local device storage for caching and offline functionality.

For full details on the cookies we use and how to manage them, please see our Cookie Policy.

We use Google Analytics 4 on our website in cookieless mode with IP anonymisation enabled. We do not use advertising cookies or sell browsing data to third parties.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:

Update the "Last Updated" date at the top of this policy
Notify ERP platform users via in-system notification
Notify mobile app users via push notification and require acknowledgement on next login
Notify newsletter subscribers via email for significant changes

Your continued use of T-ERP products and services after the effective date of any changes constitutes your acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal information, please contact our Information Officer:

T-ERP Technologies - Information Officer

Privacy enquiries: privacy@t-erp.co.za

General enquiries: info@t-erp.co.za

Technical support: tech@t-erp.co.za

Website: www.t-erp.co.za

We will acknowledge your request within 5 business days and provide a full response within 30 days. If your request is complex or you have submitted multiple requests, we may extend this period by a further 30 days and will notify you accordingly.