Privacy Policy

This Privacy Policy explains how eRunna collects, uses, shares, and protects your information when you use our Services. We comply with applicable privacy laws, including POPIA in South Africa. For questions: privacy@erunna.app.

1. Data controller

Data controller: eRunna (Pty) Ltd (provisional). Operator/processor: BIX Technology (provisional) providing development and operational services on behalf of eRunna. Contact: privacy@erunna.app.

2. What we collect

• Account data: name, email, phone, profile details.
• Authentication data: Firebase UID, tokens.
• Location data: precise foreground and background location for runners and, when enabled, for customers to support pickups, routes, and ETAs.
• Device and app data: device identifiers, OS/version, app version, diagnostics, crash logs.
• Order/errand data: pickup/drop-off, item details, timestamps.
• Payments: tokens/authorization codes from Paystack; we do not store full card numbers.
• Communications: support requests, ratings/reviews.

3. How we use data

• Provide and improve Services: matching, routing, tracking, payments, notifications.
• Safety and integrity: fraud prevention, abuse detection, incident investigation.
• Customer support and communications.
• Analytics and performance monitoring (aggregated/de-identified where possible).
• Legal compliance and record-keeping.

4. Legal bases (where applicable)

• Contract: to deliver the Services you request.
• Consent: push notifications, background location (you can withdraw in device settings; functionality may be limited).
• Legitimate interests: service improvement, safety, fraud prevention.
• Legal obligation: tax/financial reporting.

5. Sharing of data

• Service providers/subprocessors: hosting (GCP/Firebase), analytics/monitoring, payments (Paystack), messaging, crash reporting.
• Delivery context: limited data shared between customers, runners, and merchants as required to fulfill orders/errands (e.g., first name, pickup/drop-off area).
• Legal and safety: to comply with law, enforce terms, or protect rights and safety.
• Business transfers: in connection with a merger, acquisition, or sale of assets.

6. International transfers

Your information may be processed in countries where our providers operate. We use appropriate safeguards (e.g., contractual commitments).

7. Retention

We retain data for as long as necessary to provide the Services and as required by law. See the Data Retention Policy for details.

8. Your rights

Subject to law, you may request: access, correction, deletion, restriction, objection, and portability. To exercise rights or lodge a complaint: privacy@erunna.app. We respond within 30 days.

9. Security

We use technical and organizational measures to protect data (encryption in transit, access controls, monitoring). No method is 100% secure.

10. Children

The Services are not directed to children under 18.

11. Changes

We may update this Policy. We will post updates with a new "Last updated" date and, where material, provide in-app notice.

12. Contact

privacy@erunna.app