HopDrop privacy policy

HopDrop (Pty) Ltd ("HopDrop", "we", "us") is a private company duly registered in the Republic of South Africa. We operate a peer-to-peer parcel-delivery platform connecting senders, couriers (typically commuters), and partner businesses (e.g. pawnshops, e-commerce merchants).

This privacy policy explains what Personal Information we collect, why, who we share it with, how long we keep it, and what your rights are. It applies to:

• The HopDrop mobile app (Android, iOS, Expo Go in development)
• The HopDrop website at hopdrop.co.za
• Anonymous tracking pages we generate (URLs of the form hopdrop.co.za/track/...)

It does not apply to deliveries booked through a HopDrop Merchant's own website (e.g. a pawnshop or e-commerce store using our API). For those, the Merchant's privacy policy governs your relationship with them; HopDrop processes your information on the Merchant's behalf as their Operator under POPIA, governed by a Data Processing Agreement we have with that Merchant.

HopDrop's Information Officer is registered with the Information Regulator of South Africa as required by section 55 of POPIA. You can contact the Information Officer at:

Email: privacy@hopdrop.co.za
Post: HopDrop (Pty) Ltd, Attn: Information Officer (postal address provided on request)

If we don't resolve a complaint to your satisfaction, you may lodge it with the Information Regulator at inforegulator.org.za.

Different information depending on how you use HopDrop. We collect only what we need to make the service work.

3.1 If you sign up as a sender or courier (consumer app)

• Mobile phone number (E.164, used for sign-in and recipient SMS)
• Full name (optional but encouraged for trust)
• Email address (optional)
• Profile photo (only if you upload one — used to help senders recognise their courier)
• Account role: sender, courier, or both

3.2 If you act as a courier

• Vehicle make, model, colour, registration plate
• ID verification details when you opt in to high-value deliveries (KYC; verified by a vendor — we store the result, not the underlying ID document)
• Bank account details (account holder, bank, account number, type) — for EFT payouts. Stored encrypted; only the last four digits visible in the app.
• Live GPS location while you have an active job (from accepting through delivery). We do not track location at any other time.
• Star ratings and feedback left for you by senders

3.3 If you post a delivery as a sender

• Pickup address (geocoded to lat/lng)
• Drop-off address and recipient's name + phone (so we can SMS them the delivery PIN)
• Parcel details: size category, declared value, optional description
• Photos of the parcel (if you upload one before posting)
• Payment details — handled by our payment processor (Yoco). We do not store your card number; we store a non-reversible token.

3.4 Photographic proof of pickup & delivery

When a courier collects or delivers a parcel, the app prompts them to photograph the parcel. The subject is the parcel; if you (the recipient) appear in the frame it is incidental. You may ask the courier to retake the photo without you in it.

3.5 Device and technical information

• Push notification token (so we can ping you about delivery status)
• App version, device model, operating system version (for diagnostics)
• IP address and approximate geolocation (for security and rate-limiting)
• Standard server logs (timestamp, request path, response code) — we keep these for 30 days

3.6 If you visit hopdrop.co.za

We use minimal anonymous analytics to count page views and measure performance. We do not use third-party advertising trackers. We use a small number of essential cookies to keep you signed into the developer dashboard if you have an API key stored.

We rely on the lawful processing conditions set out in section 11 of POPIA. Specifically:

• Performance of a contract (s.11(1)(b)): we cannot deliver your parcel without processing your address and the recipient's phone number; we cannot pay couriers without their bank details.
• Compliance with a legal obligation (s.11(1)(c)): we keep transactional records for 5 years for SA tax and consumer-protection purposes.
• Legitimate interest (s.11(1)(f)): we need couriers' live GPS while they're on a job to give senders accurate ETAs and to investigate claims under the HopDrop Guarantee. We've weighed this against your privacy and limited collection to active-job windows only.
• Consent (s.11(1)(a)): for non-essential things like sending you marketing email about new features. You can opt out at any time.

We share Personal Information only as set out below. We never sell your data to advertisers or list brokers.

5.1 Other HopDrop users you transact with

• Senders see the assigned courier's first name, photo, KYC-verified flag, star rating, vehicle, and registration plate. Phone is masked to last 4 digits — calls go through HopDrop's in-app chat.
• Couriers see the sender's first name and exact pickup/drop-off addresses (they have to drive there).
• Recipients receive an SMS with the delivery PIN and a link to an anonymous tracking page.

5.2 Sub-operators (third parties who help us run the service)

Each Sub-operator has a written agreement with HopDrop binding them to the same data-protection standards we owe you.

5.3 Other circumstances

• Law enforcement: when legally compelled by valid SA court order or statute. We push back on overbroad requests.
• HopDrop Guarantee claims: when investigating a claim under our self-funded protection programme, we may share photos and timeline data with the parties involved.
• Business transfers: if HopDrop is acquired or merged, your data transfers to the new owner under the same terms. We'll notify you 30 days in advance.

Some of our Sub-operators are located outside South Africa (Neon, Render, Cloudflare). Under section 72 of POPIA we transfer your Personal Information to them only when:

• The recipient is bound by binding corporate rules or standard contractual clauses providing equivalent protection; or
• The recipient's jurisdiction has data-protection laws that the Information Regulator considers adequate (e.g. EU GDPR jurisdictions); or
• You have consented to the transfer; or
• The transfer is necessary to perform a contract with you.

You have the following rights under POPIA. We respond within 30 days.

• Access (s.23): get a copy of the Personal Information we hold about you.
• Correction (s.24): fix anything inaccurate. Most fields are editable in-app under Profile.
• Deletion (s.24): delete your account and live data. Some anonymised records we're legally required to keep (clause 7).
• Object to processing (s.11(3)): especially marketing communications. We respect opt-out immediately.
• Object to automated decisions (s.71): we don't use fully automated decision-making for anything that meaningfully affects you. Courier matching is a recommendation; humans accept jobs.
• Lodge a complaint with the Information Regulator: inforegulator.org.za.

To exercise any of these, email privacy@hopdrop.co.za from the address linked to your account, or use the in-app deletion flow under Profile → Delete account.

We use reasonable, appropriate technical and organisational measures, including:

• TLS 1.2+ on all API traffic
• AES-256 encryption at rest for the production database and photo storage
• Phone-OTP sign-in (no passwords to leak)
• Bank account numbers shown only as last-4 digits in the app
• HMAC-SHA256 signing on outbound webhooks so partners can verify origin
• Production database access restricted to authorised personnel via SSO with audit logging
• Daily automated backups with 7-day point-in-time recovery
• Security patches applied within 14 days of vendor publication for critical issues

If we discover a Security Compromise affecting your information, we will notify you and the Information Regulator as required by section 22 of POPIA.

HopDrop is not directed at children under 18. We do not knowingly collect Personal Information from children. If you believe a child's information has been submitted to us, please email privacy@hopdrop.co.za and we will delete it.

The hopdrop.co.za website uses a small number of essential cookies and local-storage entries:

• hopdrop_dashboard_key, hopdrop_dashboard_partner_id — only set if you sign in to the developer dashboard, used to keep you signed in on this device.
• hopdrop_msa_draft, hopdrop_dpa_draft — drafts of partnership agreements you're filling in, stored locally so you can come back without losing progress. Never sent to our servers.

We don't use third-party advertising or social-media trackers. The mobile app stores your auth token in your device's secure keystore (iOS Keychain / Android Keystore).

If we materially change this policy (for example, adding a new Sub-operator that materially changes how your data is processed) we will:

• Update the "Last updated" date at the top
• Notify active accounts via the app and / or email
• For material changes, give you 30 days' advance notice and the chance to delete your account before the change takes effect

Minor changes (typo fixes, contact-detail updates) take effect immediately on publication.

Privacy queries, complaints, or rights requests:

HopDrop (Pty) Ltd — Information Officer
Email: privacy@hopdrop.co.za
General support: support@hopdrop.co.za
Website: hopdrop.co.za

If we can't resolve your complaint to your satisfaction, you may lodge it with the South African Information Regulator: inforegulator.org.za.