SKWADDY® PRIVACY POLICY
Last Updated: 17 March 2026
1. WHO WE ARE
This Privacy Policy explains how Skwaddy® collects, uses, shares, retains, and otherwise processes personal information in connection with the Service.
Blue Pentagon Consulting (Pty) Ltd, trading as Skwaddy, is the responsible party, controller, or equivalent organisation that determines the purposes and means of processing personal information in relation to the Service, except where another notice states otherwise.
Responsible Party / Data Controller: Blue Pentagon Consulting (Pty) Ltd (trading as Skwaddy) Information Officer: A. Bevu Email: privacy@skwaddy.com Address: Cedarwood House, Ballywoods Office Park, 33 Ballyclare Drive, Bryanston, Gauteng, 2191, South Africa
2. SCOPE
This Privacy Policy applies to personal information processed through the Service, including information provided by account holders, invited participants, and other individuals who interact with the Service.
This Privacy Policy does not apply to third-party websites, services, or apps that have their own privacy notices.
3. INFORMATION WE COLLECT
We collect personal information that you provide directly, that is generated through your use of the Service, that we receive from devices and technical logs, and that we receive from third parties you choose to use with the Service.
3.1 Information you provide
This may include account information, profile information, contact details (including phone number), event and invitation information, communications, content you upload, support communications, payment-related information handled through payment providers, and information you provide about dependents, guests, or other individuals connected with your use of the Service.
3.2 Information collected automatically
This may include device and application information, log information, approximate location inferred from network or device information where relevant, usage information, diagnostic information, identifiers necessary to operate and secure the Service (such as push notification tokens, which are functional device identifiers used solely to deliver notifications and are not advertising identifiers), and information about how you interact with the Service.
3.3 Information from third parties
If you use third-party sign-in, mapping, payment, messaging, analytics, or other integrations, we may receive information from those providers in accordance with their services and your choices.
3.4 Sensitive or special-category information
Certain information you choose to provide, such as health, allergy, dietary, accessibility, or similar information about you or a dependent, may be treated as sensitive or special-category information under applicable law. We process this information only where permitted by law, including where it is necessary for the Service you request, where you have chosen to provide it, where consent is required and obtained, or where another lawful basis applies.
4. HOW WE USE INFORMATION
We use personal information to provide and operate the Service, create and manage accounts, facilitate invitations and interactions, process transactions, personalise core service functionality, provide support, communicate with you, maintain security, prevent abuse, investigate violations, protect users and dependents, comply with law, enforce our terms, improve the Service, and develop or test features.
We may also use information for recommendations, service measurement, analytics, promotion administration, and business operations, but only to the extent allowed by applicable law and this Privacy Policy.
5. LEGAL BASES FOR PROCESSING
Where UK GDPR, GDPR, POPIA, or similar laws apply, we rely on one or more lawful bases depending on the context, including performance of a contract, compliance with legal obligations, legitimate interests, consent, and establishment, exercise, or defence of legal claims.
Where consent is required, you may withdraw it at any time, but this does not affect processing already carried out lawfully before withdrawal.
6. HOW WE SHARE INFORMATION
We may share personal information with service providers and processors acting on our behalf, with platform providers and business partners involved in providing a feature you use, with other users or participants where this is inherent in the Service, with professional advisers, with authorities or law-enforcement bodies where required or appropriate by law, and in connection with actual or proposed corporate transactions.
We may also disclose aggregated, de-identified, or anonymised information that does not reasonably identify an individual.
We do not sell personal information as defined by the California Consumer Privacy Act (CCPA) or share personal information for cross-context behavioural advertising as defined by the California Privacy Rights Act (CPRA).
7. ADVERTISING, RECOMMENDATIONS, AND ANALYTICS
The Service may display recommendations, sponsored placements, promotional content, or analytics-driven content. We may use contextual information, general activity information, and other information permitted by law to support these functions.
If we engage in advertising, tracking, profiling, or similar activity that requires additional notice, consent, opt-out rights, or updated disclosures under applicable law or platform rules, we will address those requirements at the relevant time.
8. RETENTION
We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain records, resolve disputes, enforce agreements, comply with legal obligations, prevent harm, and protect the integrity of the Service.
Retention periods vary depending on the nature of the information, the purpose of processing, legal requirements, the sensitivity of the information, and operational need. Backup copies and residual records may remain for a limited period after deletion or deactivation.
9. ACCOUNT DELETION AND DATA DELETION
Where account deletion is available, you may request deletion through the methods we make available from time to time, including in-app account settings, at https://www.skwaddy.com/delete-account, or by contacting support@skwaddy.com.
Deletion of an account or information may not result in removal of all data immediately or in every circumstance. We may retain information where permitted or required by law, for security, fraud prevention, dispute resolution, backup integrity, abuse prevention, child-safety purposes, or to complete transactions and honour legal obligations.
10. CHILDREN AND DEPENDENT INFORMATION
The Service is directed to adults. Children may not create accounts directly through the Service.
If you provide information about a child or other dependent, you represent that you are authorised to do so and that you have any permissions or consents required by law. We expect users to limit dependent information to what is reasonably necessary for the relevant purpose.
If we become aware that personal information has been collected from a child in a manner not permitted by law, we may take appropriate action, including deletion, restriction, or reporting where appropriate.
We do not knowingly collect personal information directly from children under the age of 13. If you believe we have inadvertently collected information from a child without proper parental consent, please contact us at privacy@skwaddy.com.
11. INTERNATIONAL TRANSFERS
We and our service providers may process personal information in South Africa and other countries where we or our providers operate. Those countries may have data-protection laws that differ from those in your jurisdiction.
Where required by applicable law, we will use recognised transfer mechanisms or other lawful safeguards for cross-border transfers.
12. SECURITY
We use technical, organisational, and contractual measures designed to protect personal information, taking into account the nature of the information and the risks involved.
No system can be guaranteed to be completely secure. You are responsible for maintaining the confidentiality of your account credentials and for using the Service in a secure manner.
12.1 Breach Notification
In the event of a data breach that affects personal information, we will notify affected individuals and the relevant authorities as required by applicable law, including the Information Regulator in South Africa where POPIA applies.
13. YOUR RIGHTS AND CHOICES
Depending on your jurisdiction and subject to legal limits and verification requirements, you may have rights to request access to, correction of, deletion of, restriction of, or objection to processing of your personal information, to withdraw consent, to request portability, to appeal a decision on a rights request, or to lodge a complaint with a regulator.
We may ask for information reasonably necessary to verify your identity, authority, or request. Certain rights may be limited where exemptions or overriding legal grounds apply.
To exercise any rights, contact privacy@skwaddy.com.
14. JURISDICTION-SPECIFIC INFORMATION
14.1 South Africa (POPIA)
If POPIA applies, you may have rights recognised under POPIA, including rights of access, correction, objection, and complaint, subject to statutory limitations. You may lodge a complaint with the Information Regulator: https://www.justice.gov.za/inforeg/
14.2 United Kingdom and European Economic Area (UK GDPR / GDPR)
If UK GDPR or GDPR applies, you may have rights recognised under those laws, including rights of access, rectification, erasure, restriction, objection, portability, and complaint to a supervisory authority. Where applicable law sets a response period for rights requests, we will respond within that period. UK residents may contact the Information Commissioner’s Office: https://ico.org.uk
14.3 United States (CCPA/CPRA and State Privacy Laws)
Residents of California and other US states with comprehensive privacy laws may have specific privacy rights under applicable state law, which may include rights to know, access, correct, delete, opt out of certain processing, appeal, or limit certain uses of sensitive information, subject to scope, thresholds, and exceptions. The categories of personal information we collect are described in Section 3 of this Privacy Policy.
We do not sell personal information and do not share personal information for cross-context behavioural advertising.
To exercise any applicable rights, contact privacy@skwaddy.com.
14.4 COPPA (United States)
We do not knowingly collect personal information directly from children under the age of 13 in the United States. Parents and guardians provide information about their children through the Service; children do not interact with the Service directly. If you believe we have collected information from a child without proper parental consent, contact privacy@skwaddy.com.
15. COOKIES AND SIMILAR TECHNOLOGIES
We and our providers may use cookies, SDKs, pixels, local storage, and similar technologies for authentication, security, preferences, measurement, analytics, communications, and operation of the Service.
Where law requires consent for non-essential technologies, we will seek it through the relevant interface or mechanism. You may also be able to control certain technologies through your device, browser, or platform settings.
16. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will provide notice where required by law. The version posted with the effective date above will apply from that date.
17. CONTACT AND COMPLAINTS
For privacy questions, rights requests, or complaints, contact:
• Blue Pentagon Consulting (Pty) Ltd, trading as Skwaddy
• Information Officer: A. Bevu
• Cedarwood House, Ballywoods Office Park
• 33 Ballyclare Drive, Bryanston
• Gauteng, 2191, South Africa
• privacy@skwaddy.com / support@skwaddy.com
If applicable law gives you the right to complain to a regulator, you may also contact the relevant data-protection authority, including the Information Regulator in South Africa, the Information Commissioner’s Office in the United Kingdom, or another competent authority in your jurisdiction.
By using the Service, you acknowledge that you have read and understood this Privacy Policy.