WeekdaySign In

POPIA Compliance

WeekdayApp is committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA).

Last updated: 21 February 2026

About POPIA

The Protection of Personal Information Act (POPIA) is South Africa's data protection law that regulates how organisations collect, process, store, and share personal information. WeekdayApp is fully committed to complying with POPIA and protecting the personal information of our users and their clients.

Our Commitment to Data Protection

Lawful Processing

We only process personal information with proper consent or where we have a legitimate business reason.

Transparency

We are clear about what data we collect, why we collect it, and how we use it.

Data Security

We use bank-level encryption and security measures to protect your information.

Access Control

Only authorised personnel can access personal information, on a need-to-know basis.

Personal Information We Process

User Account

  • Name and surname
  • Email address
  • Contact telephone
  • Company/practice name
  • Job title/role
  • Profile photo (optional)

Client Information

  • Company names & contacts
  • Tax registration numbers
  • VAT, PAYE, UIF, SDL info
  • Financial/billing data
  • Uploaded documents

Usage Information

  • Login activity & logs
  • Device & browser info
  • IP addresses
  • Feature usage patterns

Purpose of Processing

Provide and maintain our practice management services
Authenticate users and manage account access
Process tasks, time entries, and invoices
Send service-related communications
Provide customer support
Improve our services and user experience
Comply with legal and regulatory requirements
Prevent fraud and ensure security

Your Rights Under POPIA

Right to Access

Request access to your personal information that we hold.

Right to Correction

Request correction of inaccurate or incomplete personal information.

Right to Deletion

Request deletion of your personal information, subject to legal retention requirements.

Right to Object

Object to the processing of your personal information in certain circumstances.

Data Security Measures

Encryption

TLS 1.3 in transit, AES-256 at rest

Access Controls

Role-based access and multi-factor auth

Row-Level Security

Database-level tenant isolation

Regular Audits

Security assessments and testing

Secure Infrastructure

AWS hosted with SOC 2 compliance

Staff Training

Regular data protection training

Data Retention

Account dataWhile active + 30 days after deletion
Transaction records5 years (SARS requirement)
Audit logs2 years for security purposes

Third-Party Service Providers

We may share personal information with service providers who assist us. All providers are contractually bound to process information only per our instructions.

Supabase

Database & authentication (AWS EU)

Fly.io

Application hosting

Resend

Transactional email delivery

Paystack

Payment processing (PCI-DSS)

Contact Our Information Officer

For any queries, concerns, or requests related to the processing of your personal information:

Email: privacy@theweekdayapp.com

Subject Line: POPIA Request - [Your Name]

We will respond to your request within 30 days as required by POPIA.

Complaints

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Regulator:

Website: www.justice.gov.za/inforeg

Email: inforeg@justice.gov.za

Tel: 012 406 4818

Questions About POPIA?

If you have questions about how we handle your personal information, please contact us.

Contact Privacy Team
Privacy Policy Terms of Service Security