Privacy Policy

Last Updated: May 2026

1. INTRODUCTION

Elite Remote Solutions (Pty) Ltd ("we", "us", "our") respects your privacy and is committed to protecting your personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) of South Africa.

This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the Elite Remote Learning application or website.

2. WHO WE ARE

• Company: Elite Remote Solutions (Pty) Ltd
• Trading as: Elite Remote Learning
• Registration: 2022/496372/07
• Founded by: Thaakirah Unwarsa
• Information Officer: Thaakirah Unwarsa (Founder & Director)
• Contact: info@eliteremotesolutions.co.za

3. INFORMATION WE COLLECT

3.1 Information You Provide

• Name and contact details (email, phone)
• Parent/guardian details (for users under 18)
• Student name, grade, and curriculum
• Login credentials (email and password)
• Payment information (handled by Paystack, NOT stored by us)
• Photos and questions uploaded for homework help
• Communications with our support team

3.2 Information We Automatically Collect

• Usage data (subjects studied, time spent, features used)
• Device information (type, operating system, app version)
• IP address and approximate location
• Browser type and language preferences
• Crash reports and performance data

3.3 We Do NOT Collect

• Bank account details
• ID document copies (except parent ID for verification, optional)
• Biometric data
• Medical or health information
• Card payment details (handled by Paystack)

4. HOW WE USE YOUR INFORMATION

We use your information to:

• Provide the AI tutoring service
• Personalise learning for the student's grade and curriculum
• Process subscription payments via Paystack
• Send important account notifications
• Respond to support requests
• Improve the Service and AI accuracy
• Track learning progress for parent dashboards
• Detect fraud and ensure account security
• Comply with legal obligations

5. CHILDREN'S PRIVACY

Special protections for users under 18:

• Parental/guardian consent is REQUIRED before account activation
• Parents provide verifiable contact details (email, phone)
• Email verification link sent to parent before account activation
• Parents can review, modify, or delete their child's data anytime
• NO direct marketing to children
• Account locked if parent withdraws consent
• Children's photos uploaded for homework are processed by AI then discarded

6. AI PROCESSING

Our AI tutor "Elite" is powered by industry-leading language model technology:

• Questions and homework photos are sent to our AI processing partners
• NO personally identifiable information is shared with AI services
• AI partners do NOT retain your queries for training
• Conversation history is stored on our SA servers, not with AI partners
• You can delete your conversation history anytime

7. DATA SHARING

We share your data ONLY with:

7.1 Service Providers

• Paystack: Payment processing (card data only)
• Vultr: Hosting (encrypted server storage)
• Google: Email service (Gmail SMTP)
• AI Technology Providers: Tutoring responses (anonymised queries only)

7.2 Legal Requirements

We may disclose data when required by law:

• Court orders or legal subpoenas
• POPIA enforcement requests
• Law enforcement investigations
• Prevention of fraud or harm

7.3 We NEVER:

• Sell your personal information to anyone
• Share data with marketing companies
• Allow third parties to track children
• Share data outside of South Africa without consent

8. DATA STORAGE AND SECURITY

• Data stored on encrypted servers in Johannesburg, South Africa
• All data transmission encrypted with TLS 1.3
• Passwords hashed using bcrypt (one-way encryption)
• Multi-factor authentication for admin access
• Regular security audits and penetration testing
• Daily encrypted backups
• Strict access controls (only essential staff)

9. DATA RETENTION

• Account data: While subscription is active + 30 days after cancellation
• Payment records: 7 years (SARS tax compliance)
• Support communications: 2 years
• Usage analytics: Anonymised after 1 year
• Homework photos: Deleted after 30 days unless saved by user
• Children's data: Permanently deleted within 30 days of account deletion

10. YOUR RIGHTS UNDER POPIA

You have the following rights:

• Right to Access: Request a copy of your personal information
• Right to Correction: Update inaccurate information
• Right to Deletion: Request deletion of your data
• Right to Object: Object to certain types of processing
• Right to Withdraw Consent: Withdraw consent anytime
• Right to Data Portability: Receive your data in a portable format
• Right to Lodge Complaint: Complain to the Information Regulator

To exercise these rights, email: info@eliteremotesolutions.co.za

11. INFORMATION REGULATOR (SA)

If you believe your privacy rights have been violated, you can complain to:

• Information Regulator (South Africa)
• JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
• Email: inforeg@justice.gov.za
• Phone: +27 (0) 10 023 5200
• Website: www.justice.gov.za/inforeg

12. COOKIES AND TRACKING

Our website uses minimal cookies for:

• Essential session management (login)
• Security and fraud prevention
• Preference storage (language settings)

We do NOT use:

• Advertising cookies
• Third-party tracking
• Social media tracking pixels

13. THIRD-PARTY LINKS

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies separately.

14. INTERNATIONAL DATA TRANSFERS

Your data is stored in South Africa. Limited data transfers occur to:

• AI processing services (queries only, no personal info)
• Paystack (payment processing - PCI compliant)

All transfers comply with POPIA cross-border data requirements.

15. CHANGES TO THIS POLICY

• We may update this Privacy Policy from time to time
• Material changes will be communicated via email and in-app notification
• Updated date shown at the top of this policy
• 30-day notice for significant changes

16. SECURITY INCIDENT RESPONSE

In the event of a data breach:

• We will notify affected users within 72 hours
• The Information Regulator will be notified as required by POPIA
• Detailed incident report provided
• Remediation actions communicated

17. CONTACT INFORMATION

Back to Home