Start saving time

Sidekick Data Privacy & Cookies Policy

Last updated: 16 April  2025 



1. WHO WE ARE

We are Sidekick (Pty) Ltd, a South African company that operates a platform connecting independent contractors ("PAs") with clients who require part-time personal assistant services. Throughout this Privacy Policy, "Sidekick," "we," "us," or "our" refers to Sidekick (Pty) Ltd.



2. OUR POLICY

Client data protection policy

This Client Data Protection policy ("Policy") applies to personal information about you, any of your employees, officers, directors, agents, contractors or consultants or any of your customers, suppliers or any other relevant individual that you engage with in the ordinary course of business ("Business or Personnel") held by Sidekick (Pty) Ltd and, to the extent that the Data Protection Legislation applies to the processing of such information, held by other members of the Sidekick (Pty) Ltd. For all intended purposes, the company hereto refers to any and all business operations being conducted within South Africa, United Kingdom, Europe and Africa in terms of our overseas offices (where so applicable).

In this Policy:

"Data Protection Legislation" means all applicable legislation relating to privacy or data protection in force from time to time, including any statute or statutory provision which amends, extends, implements, consolidates or replaces the same, and in particular to the extent applicable and without limitation the EU General Data Protection Regulation 2016/679 (“GDPR”), the GDPR as it forms part of the domestic law of the United Kingdom by virtue of the European Union (Withdrawal) Act 2018, the Data Protection Act 2018 and the South African Protection of Personal Information Act, 2013 (“PoPIA”). The terms “personal data”, “controller", and “process” (and its derivatives) shall have the meanings given to them in the Data Protection Legislation. 

"The Company" means Sidekick (Pty) Ltd and other partnerships, corporations and undertakings which are authorised to carry the name "Sidekick (Pty) Ltd"; and a "member of the Sidekick (Pty) Ltd has a corresponding meaning.

This Privacy Policy explains how Sidekick collects, uses, shares, and protects personal information when users engage with our services via our website, mobile platforms, or communication channels (collectively referred to as the "Platform"). It also informs you of your rights regarding your personal data and how you can contact us regarding any concerns.

By using the Platform, you acknowledge that you have read, understood, and agreed to this Privacy Policy. If you do not agree, please refrain from using our Platform. If you have any queries, you may contact us at anneke@sidekick.cool



3. WHAT IS PERSONAL INFORMATION?

"Personal information" refers to any data that can identify an individual, as defined under the Protection of Personal Information Act 4 of 2013 (POPIA). Depending on how you engage with us, we may collect and process various types of personal data, including but not limited to:

Categories of Personal InformationExamplesIdentity InformationFull name,Contact InformationPhone number, email addressPayment InformationBank details, invoicesPlatform Usage InformationIP address, device details,Communications & InteractionsMessages exchanged via the Platform or support queriesCompliance InformationData related to legal and regulatory obligations

Sidekick may also collect non-personal or anonymized data for analytical and statistical purposes.

Some of the information that we collect about you and your Business or Personnel may include special categories of personal data (such as information about racial or ethnic origin, criminal or alleged criminal offences or health and lifestyle). We will usually seek separate permission from you or them in writing to process these special categories of personal data.

If you fail to provide us with this information, or you, your Business or Personnel object to us processing such information (see "General Rights") for more information about your rights in relation to your information) the consequences are that we may be prevented from providing our services to you or continuing to manage your matter(s) with us.



4. HOW WE COLLECT PERSONAL INFORMATION

We may collect personal information through the following means:

Direct Collection

We obtain personal information directly from you when you:

  • Register on the Platform as a Client or Independent Contractor (PA)

  • Complete your profile or provide necessary documents

  • Communicate with us via email, phone, or WhatsApp

  • Engage in transactions on the Platform

  • Participate in surveys, promotions, or competitions

Third-Party Collection

We may receive personal information from:

  • Our commercial partners to facilitate service offerings

  • External agencies for verification and fraud prevention

  • Publicly available sources, as permitted by law



5. LAWFUL BASIS FOR PROCESSING PERSONAL INFORMATION

We have described the purposes for which we may use information about you and your Client Business. We are permitted to process such information in this way, in compliance with the Data Protection Legislation, by relying on one or more of the following lawful grounds:

  • Contractual Necessity – To provide the services agreed upon.

  • Legitimate Interests – To improve our platform and user experience.

  • Legal Compliance – When required by law.

  • User Consent – Where specific permission is required (e.g., marketing communications).

  • You or they have explicitly agreed to us processing such information for a specific reason;

  • The processing is necessary to perform the agreement we have with you or them or to take steps to enter into an agreement with you or them;

  • The processing is necessary for compliance with a legal obligation we have; or

  • The processing is necessary for the purposes of a legitimate interest pursued by us, which might be:

  (i)     to ensure that our matters are well-managed;
(ii)    to prevent fraud;
(iii)   to protect our business interests;
(iv)   to ensure that complaints are investigated;
(v)    to evaluate, develop or improve our services; or
(vi)   to keep our clients informed about relevant services.In relation to any processing of special categories of personal data, we will generally rely on obtaining specific consent to process such information, although it may be necessary for us to use certain information to comply with our legal obligations as a regulated entity (such as in relation to an alleged offence). Where you or your Business Personnel have consented to our processing of such information (including special categories of personal data) you or they may withdraw such consent at any time, by contacting us using the contact details set out in "Contacting Us" below.

Please note, however, that in certain circumstances it may be still lawful for us to continue processing this information even where consent has been withdrawn, if one of the other legal bases described above is applicable.



6. HOW WE USE YOUR PERSONAL INFORMATION

We may collect, record and use information about you and your Business or Personnel, and the services we provide to you, in physical and electronic form and will hold, use and otherwise process the data in accordance with the Data Protection Legislation and as set out in this Policy. This may include sharing this information with third parties and transferring it abroad or across borders. More information about sharing and transferring such information is set out below.

We may process any information we hold about you and your Business or Personnel for several business purposes. Examples of the types of uses of such information are set out below:

We use personal information to:

  • Facilitate the matching process between Clients and Independent Contractors

  • Process payments and invoices securely

  • Improve platform functionality and user experience

  • Ensure compliance with legal and regulatory requirements

  • Conduct research and analytics to optimize our services

  • Send relevant marketing communications (with consent)

  • To incentivise high standards of excellence from Independent Contractors 

  • To provide our services to you;

  • To administer and operate your client account(s) and matters;

  • To monitor and analyse the conduct of your client account(s) and matters;

  • To assess any billing matters or credit decisions;

  • To enable us to carry out statistical and other analysis and to meet our legal or regulatory obligations;

  • For our reasonable commercial purposes (including in connection with our insurance, quality control and administration and assisting us to develop new and improved services);

  • To confirm your or their identity and carry out background checks, including as part of our checks in relation to anti-money laundering, compliance screening and to prevent fraud and other crimes (in terms of required RMCP)

  • To follow up with you or them after you request information to see if we can provide any further assistance;

  • To comply with any requirement of applicable laws or regulations;

  • To fulfil our obligations under any reporting agreement entered into with any tax authority or revenue service(s) from time to time;

  • To check your instructions to us;

  • To circulate attendee lists to other attendees of our events;

  • To monitor, record and analyse any communications between you or them and us, including phone calls to analyse, assess and improve our services to you, as well as for training and quality purposes;

  • To prevent or detect abuse of our services or any of our rights (and attempts to do so), and to enforce or apply this Policy and/or any other agreement and to protect our (or others') property or rights;

  • In the context of a sale or potential sale of a relevant part of our business, subject always to confidentiality obligations;

  • If instructed to do so by you or them or where you or they give us consent to the use and/or processing involved; and

  • To bring to your or their attention (in person or by post, email or telephone) information about additional services offered by us which may be of interest to you or them, unless you or they indicate at any time that you or they do not wish us to do so.

We do not sell personal data.



7. SHARING OF PERSONAL INFORMATION

We keep all client information confidential. However, to be able to service our clients' needs to the best of our ability, we may share any information you provide to us with the entities and their support service or data providers, wherever located.

 

We may also provide third party service providers access to client information where they support or provide services to us. We will ensure that if we share information with, or provide access to, third party service providers, any such disclosure or access is at all times in compliance with Data Protection Legislation under agreement and for operational purposes only.

The recipients, or categories of recipients, of your information, or information relating to your Business Personnel, may be:

  • Clients and Independent Contractors to facilitate engagements.

  • Payment processors to enable financial transactions.

  • Service providers assisting with platform functionality.

  • Legal or regulatory authorities if required by law.

  • Regulatory bodies if required by law.

  • Any revenue service or tax authority, including SARS, if obliged to do so under applicable regulations, we may also have to report your account(s) to the necessary tax authorities;

  • Your other advisers (including, but not limited to, accountants or other professional advisers) where authorised to do so by you;

  • South Africa regulators, courts and authorities in connection with their duties (such as crime prevention);

  • Fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. We and fraud prevention agencies may also enable law enforcement agencies to access and use your information to detect, investigate and prevent crime;

  • Third party service providers who support or provide services to us;

  • Attendees of our events where we circulate names, corporates names and corporate email addresses on an attendee list for our events;

  • Anyone to whom we may transfer our rights and/or obligations under this Policy; and

  • Any other person or organisation after a restructure, sale or acquisition.

If we, or a fraud prevention agency, determine that you and/or your Business or Personnel pose a fraud or money laundering risk:

  •  We may refuse to provide the services you have requested, or we may stop providing existing services to you; and

  • Record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you or them.

 Any data shared is subject to strict confidentiality agreements.



8. SECURITY MEASURES

Sidekick takes reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or breaches. These include:

  • Secure data encryption

  • Compliance with international cybersecurity standards

  • Secure access controls - such as secure payments, firewalls, etc.

However, no online transmission is 100% secure. Users are encouraged to use strong passwords and protect their account details.



9. INTERNATIONAL DATA TRANSFERS

Transferring your information outside South Africa, the UK or EEA

Information about you, your Business or Personnel in our possession may be transferred to other countries.  These agents in different countries which may include countries outside South Africa, the United Kingdom or the European Economic Area ("EEA") for any of the purposes described in this Policy.

You and they understand and accept that these countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information they hold and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, courts regulatory agencies and private persons, because of applicable governmental or regulatory inquiry, court order or other similar process. In addition, several countries have agreements with other countries providing for exchange of information for law enforcement, tax and other purposes.

When we, or our permitted third parties, transfer information we or they will impose contractual obligations on the recipients of that data to protect such information to the standards required in the UK, South Africa or EEA as appropriate. We or they may require the recipient to subscribe to international frameworks intended to enable secure data sharing. In the case of transfers by us, we may also transfer your information where:

  • The transfer is to a country deemed by these governments to provide adequate protection of your information;

  • You, your Business or Personnel have consented to the transfer, or

  • Such transfer is otherwise permissible under Data Protection Legislation (for example if we are required to provide such information by law).

If Sidekick transfers data outside of South Africa, we ensure that it is only sent to jurisdictions with equivalent data protection laws or subject to adequate safeguards.

  • Data Protection Agreements incorporating Standard Contractual Clauses.

  • Adequacy decisions from the UK or EU regarding safe jurisdictions.

  • Binding corporate rules where applicable.



10. MARKETING AND COMMUNICATION PREFERENCES

Users may opt-in to receive marketing communications about Sidekick services. You can opt-out at any time by:

  • Clicking "unsubscribe" in marketing emails

  • Updating communication preferences in your account



11. USE OF COOKIES AND TRACKING TECHNOLOGIES

Sidekick may use cookies and similar tracking technologies to:

  • Enhance user experience

  • Analyze platform usage

  • Serve personalized content

Users can manage cookie preferences through browser settings.



12. YOUR RIGHTS UNDER POPIA

You and your Business or Personnel have several rights concerning the way that we use your information. You are responsible for ensuring that your Business or Personnel are aware of these rights, which comprise:

 

  • To request access to, or a copy of, any personal data we hold about you or them;

  • To request the rectification of your or their personal data, if you or they consider that it is inaccurate;

  • To request the erasure of your or their personal data, if you or they consider that we do not have the right to hold it;

  • To object to your or their personal data being processed for a particular purpose or to request that we stop using your or their information;

  • To request not to be subject to a decision based on automated processing and to have safeguards put in place if you or they are being profiled based on their personal data;

  • To ask us to transfer a copy of your or their personal data to another party where technically feasible and otherwise required by applicable regulations;

  • To withdraw, at any time, any consent that you or they have previously given to us for our use of your or their personal data; or

  • To ask us to stop or start sending them marketing messages at any time.

Any request for access to or a copy of personal data must be in writing, and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will comply with our legal obligations as regards any individual’s rights as a data subject.

If you would like to contact us in relation to any of the rights set out above, please contact us using the contact details in the "Contacting Us" section below.



13. CHANGES TO THIS PRIVACY POLICY

Sidekick may update this Privacy Policy from time to time to reflect legal changes, business developments, or platform updates. We will notify users of significant changes and post the revised policy on our website. Continued use of the Platform after changes indicates acceptance.



14. CONTACT INFORMATION

For questions regarding this Privacy Policy or your personal information, please contact us at:

Email: anneke@sidekick.cool

Alternatively, you may lodge complaints with the Information Regulator of South Africa via inforeg@justice.gov.za.






Est 2021

Cape Town, South Africa

sidekick