Privacy Policy (POPIA Compliant)
Last Updated: June 2026
RED DUCK TECH (PTY) LTD (registration number 2026/309028/07, registered at 310 Waterbrook, Sitari Country Estate, Macassar, Cape Town, 7134, South Africa) values your privacy rights, specifically as protected under the Protection of Personal Information Act (POPIA), No. 4 of 2013 in South Africa. This policy clarifies exactly what data we collect when you sign up for Sling, how we isolate it, and how we protect it.
1. Data We Collect and Processing Purposes
When you register an account, we collect and process the following minimal data footprints:
- Account Credentials:Full name, email address, and profile data securely retrieved via Google OAuth protocols during account creation.
- Operational Merchant Assets:Business name, typography selections, layout configuration variables, product imagery, and text entries designed to compile your live showcase store.
2. The Sandbox Moat: Database Isolation
Unlike legacy e-commerce platforms that pool thousands of businesses into a single, massive global database matrix, Sling runs a hyper-isolated server architecture:
- Every merchant profile is assigned its own distinct, physical sandboxed database file.
- Your operational records and customer interactions are isolated behind dedicated system namespace walls at the server kernel layer, removing the risk of cross-tenant data leaks.
3. Server Infrastructure Locations
Our primary hosting infrastructure is provisioned through enterprise-grade, highly secure virtual private servers located in European datacenters (Hetzner Online GmbH, Germany). By using this platform, you consent to the cross-border transfer of your site configuration variables to be processed on these high-performance nodes. No customer payment credentials or sensitive personal identification numbers are cached on these infrastructure environments.
4. Third-Party Integrations (The Payment Gateways)
Account subscriptions and customer payment flows are initialized safely via our secure, tokenized billing integration partners (who operate fully PCI-DSS compliant payment gateways). Red Duck Tech (Pty) Ltd never sees, processes, or retains your raw credit card data or banking authentication strings.
5. Your Rights Under POPIA
You have the right to request access to any personal information stored in your dedicated system profile, object to processing activities, or request the absolute deletion of your container instance from our server nodes. To trigger a full data export or a permanent deletion of all data linked to your account, please contact our Information Officer directly at jordanscarrott@gmail.com.