Privacy Policy
Effective date: 24 May 2026 · Last updated: 24 May 2026
This Privacy Policy describes how CommuGuard (“CommuGuard”, “we”, “us” or “our”) collects, uses, discloses and protects your personal information when you use the CommuGuard mobile application (the “App”), our website at commuguard.co.za (the “Site”) and any related services (together, the “Services”).
By creating an account or using the Services, you acknowledge that you have read and understood this Policy. If you do not agree, please do not use the Services.
1. Who we are
CommuGuard provides a community-safety and coordination platform that allows residents, body corporates, property managers, ward councillors, municipalities and the South African Police Service (SAPS) to exchange notices, incident reports and updates within defined communities.
- Operator: CommuGuard
- Website: commuguard.co.za
- Contact / Information Officer: support@commuguard.co.za
2. Personal information we collect
We only collect information that is necessary to provide and improve the Services.
2.1 Information you give us
- Account details: name, email address and password (passwords are stored hashed, never in plain text).
- Phone number: for account verification and contact between residents and authorities.
- Role and community: e.g. resident, councillor, complex/body-corporate role, municipal or SAPS user, and the community or ward you belong to.
- Content you submit: notices, messages, incident reports and any photos or PDF documents you upload (for example, evidence attached to an incident, or attachments to an authority notice).
- Support communications: any messages you send us via email or this Site’s contact form.
2.2 Information we collect automatically
- Precise location (GPS): with your explicit permission, we use your device’s precise location to tag incident reports, deliver geofenced notices and show nearby alerts. Location is only collected when you actively use a location-based feature; you can revoke this permission at any time in your device settings.
- Device & technical data: device model, operating system, app version, language, time zone, crash logs and basic diagnostics.
- Usage data: features used, dates and times of interactions, and event logs needed to operate the Services.
- Push notification tokens: for delivering authority broadcasts and incident alerts.
2.3 Information we do not collect
- We do not knowingly collect personal information from children under 13.
- We do not sell your personal information to third parties.
- We do not use your data for advertising profiling or third-party ad networks.
3. How we use your information
| Purpose | Legal basis (GDPR) |
|---|---|
| Create and manage your account, authenticate logins | Performance of a contract |
| Deliver notices, incident alerts and messages to the right community / authority | Performance of a contract |
| Tag and route incident reports using your location | Consent (you grant the location permission) |
| Verify phone numbers and prevent fraudulent accounts | Legitimate interests / legal obligation |
| Provide support and respond to your requests | Legitimate interests |
| Detect, prevent and investigate abuse, fraud or security incidents | Legitimate interests / legal obligation |
| Comply with applicable laws and lawful requests from authorities | Legal obligation |
| Improve and develop the Services (using aggregated, de-identified data where possible) | Legitimate interests |
4. How we share your information
We share personal information only as described below:
- Within your community: notices and reports are shared with the residents, body corporate, councillor, municipality and/or SAPS users you intended to reach. Your name and role may be visible to those recipients.
- Service providers (sub-processors): we use trusted vendors to run the Services, including:
- Google Firebase (Google LLC / Google Cloud) — authentication, cloud database, file storage, push notifications, crash and analytics tooling.
- Email and SMS providers used for verification and notifications.
- Cloud hosting and content-delivery providers.
- Authorities and legal compliance: we may disclose information when required by a valid legal process, court order or law-enforcement request, or to protect the safety, rights or property of any person.
- Business transfers: if CommuGuard is involved in a merger, acquisition or sale of assets, personal information may be transferred, subject to this Policy.
5. International transfers
Some of our service providers (e.g. Google Firebase) process data on servers outside South Africa, including in the European Union and the United States. Where we transfer personal information across borders, we rely on appropriate safeguards such as the provider’s adequacy decisions, Standard Contractual Clauses (SCCs) and your consent where required.
6. How long we keep your information
- Account data: for as long as your account is active.
- Notices, messages and incident reports: for as long as needed to provide the Services, or longer where retention is required by law or to resolve disputes.
- After account deletion: personal data tied to your account is deleted or anonymised within 30 days, except where we are legally required to keep certain records (e.g. financial or law-enforcement records). Backups are purged on their normal rotation cycle.
7. How we protect your information
- Encryption in transit (TLS/HTTPS) for all traffic between the App, Site and our servers.
- Encryption at rest provided by our cloud storage provider.
- Passwords are stored using industry-standard one-way hashing.
- Role-based access controls — staff and authority users can only see data relevant to their role and community.
- Regular review of vendors, permissions and security practices.
No internet service is ever 100% secure. Please use a strong, unique password and tell us immediately if you believe your account has been compromised.
8. Your rights
Depending on where you live, you have the following rights:
8.1 South Africa — POPIA
Under the Protection of Personal Information Act, 2013 (POPIA), you have the right to:
- Be notified that we hold your personal information.
- Request access to the personal information we hold about you.
- Request correction or deletion of personal information that is inaccurate, out of date, or unlawfully obtained.
- Object to processing (including direct marketing).
- Submit a complaint to the Information Regulator (South Africa) — inforegulator.org.za.
8.2 European Economic Area / United Kingdom — GDPR / UK GDPR
You have the right of access, rectification, erasure (“right to be forgotten”), restriction, portability, and to object to processing. You may also lodge a complaint with your local data-protection authority.
8.3 California, USA — CCPA / CPRA
California residents have the right to know what personal information we collect, to delete that information, to correct inaccurate information, to opt out of any “sale” or “sharing” of personal information (we do not sell or share personal information for cross-context behavioural advertising), and to be free from discrimination for exercising these rights.
8.4 How to exercise your rights
Email support@commuguard.co.za from the address on your account, or use our Delete account page. We will respond within the time required by applicable law (generally 30 days).
9. Children
The Services are intended for users aged 13 and older. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us and we will delete it.
10. Third-party services and links
The Services may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. Please review their privacy policies before providing them with personal information.
11. Changes to this Policy
We may update this Policy from time to time. When we make material changes, we will notify you through the App or by updating the “Last updated” date above. Continued use of the Services after an update means you accept the revised Policy.
12. Contact us
Questions, requests or complaints about this Policy or our handling of your personal information should be addressed to:
CommuGuard
Email: support@commuguard.co.za
Web: commuguard.co.za