Privacy Policy

SwiftQuote is an online quoting and invoicing platform operated by Stainless Charm (Pty) Ltd, based in George, South Africa ("SwiftQuote", "we", "us", or "our"). We can be reached at info@swiftquote.co.za.

As a Responsible Party under POPIA, we determine the purpose and means of processing your personal information.

We collect the following categories of personal information:

• Account information: your name, email address, and password when you register.
• Business profile: business name, contact number, address, VAT number, banking details, and logo that you enter in your profile.
• Quote and client data: client names, contact details, and line items you capture when creating quotes or invoices.
• Payment information: subscription billing is handled by PayFast. We do not store your card details. We receive transaction status confirmations only.
• Usage data: pages visited, features used, and device/browser information collected automatically.

We process your personal information for the following lawful purposes under POPIA:

• To provide, operate, and maintain the SwiftQuote platform.
• To process your subscription payments via PayFast.
• To generate PDF quotes and invoices on your behalf.
• To send transactional emails (account confirmation, password reset, subscription receipts).
• To improve our service through anonymised usage analytics.
• To comply with applicable South African laws and regulations.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Under POPIA, we process your personal information on the following grounds:

• Contract performance: processing necessary to deliver the services you have subscribed to.
• Legitimate interest: maintaining security of the platform and preventing fraud.
• Legal obligation: retaining records as required by South African law.
• Consent: where you have explicitly agreed, such as receiving product updates.

We share your information only with trusted third parties necessary to operate SwiftQuote:

• Supabase — database and authentication hosting (EU/US servers with appropriate safeguards).
• PayFast — South African payment processor for subscription billing (PCI-DSS compliant).
• OpenAI — AI quote parsing. Quote text is sent to OpenAI's API and not retained beyond the immediate request.

All third-party providers are contractually bound to process your data only for the specified purpose and to maintain appropriate security measures.

Some of our service providers (Supabase, OpenAI) process data outside South Africa. In terms of Section 72 of POPIA, we ensure that any cross-border transfer of personal information is subject to equivalent protection through contractual obligations binding those recipients to standards comparable to POPIA.

We retain your personal information for as long as your account is active or as required to provide our services. If you close your account, we will delete or anonymise your personal data within 30 days, unless we are required to retain it by law (e.g. financial records under the Income Tax Act or Companies Act).

As a data subject, you have the following rights:

• Right of access: request a copy of the personal information we hold about you.
• Right to correction: request that inaccurate information be corrected.
• Right to deletion: request erasure of your personal information (subject to legal retention obligations).
• Right to object: object to processing of your personal information in certain circumstances.
• Right to complain: lodge a complaint with the Information Regulator of South Africa at inforegulator.org.za.

To exercise any of these rights, contact us at info@swiftquote.co.za. We will respond within 30 days.

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, or misuse. These include encrypted data transmission (HTTPS/TLS), hashed passwords, and role-based access control. However, no method of internet transmission is 100% secure, and we cannot guarantee absolute security.

SwiftQuote uses session cookies necessary for authentication and platform operation. We do not use tracking or advertising cookies. By using SwiftQuote, you consent to the use of these essential cookies.

SwiftQuote is intended for use by businesses and adults aged 18 and over. We do not knowingly collect personal information from persons under 18 years of age. If you believe a minor has provided us with their information, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. Continued use of SwiftQuote after such notification constitutes acceptance of the updated policy. The date of the most recent update is shown at the top of this page.

For any privacy-related queries or to exercise your rights, contact our Information Officer: