Home  /  Privacy Policy

Privacy Policy

PJD Payment Capture mobile application  ·  Effective date: 17 May 2026  ·  Last updated: 17 May 2026

1. Introduction

This Privacy Policy explains how PJD Financial Capital ("PJD", "we", "us", "our") collects, uses, stores, shares and protects personal information in connection with the PJD Payment Capture mobile application (the "App"). PJD Financial Capital is an Authorised Financial Services Provider (FSP No. 27555) in South Africa.

We are committed to protecting personal information in accordance with the South African Protection of Personal Information Act, 2013 (POPIA) and applicable Google Play requirements.

2. Scope

This policy applies only to the PJD Payment Capture App. It does not cover other PJD products, websites, or services, or the practices of third parties. The App is a business tool intended solely for use by authorised PJD brokers, agents and staff ("App Users"). It is not intended for use by members of the public or by PJD's insurance policyholders directly.

3. Information We Collect and Process

3.1 App User (broker / agent) account information

The App requires sign-in with a Microsoft Entra ID (Microsoft 365) account issued or authorised by PJD. When an App User signs in we process their name, email address / user principal name, and a unique account identifier supplied by Microsoft Entra ID, in order to authenticate the user and enforce access permissions.

3.2 Customer (policyholder / member) personal information

To perform its function the App accesses and processes personal information of PJD policyholders and members held in PJD's secure business records, which may include:

• Full name and contact details (mobile number, email address);
• South African identity number and customer / policy number;
• Funeral cover product, plan and policy status;
• Premium amounts and monthly premium breakdown;
• Payment records captured through the App;
• EasyPay reference number and barcode;
• Associated broker and agent details.

App Users only see records that their assigned security permissions allow.

3.3 Camera

The App uses the device camera for one purpose only: to scan an EasyPay barcode in order to look up a member. Camera images are processed on the device in real time to read the barcode and are not stored, retained, or transmitted. The App does not access the photo gallery and does not record video.

3.4 Technical information

Standard technical information necessary to operate the App securely (such as authentication tokens cached on the device by Microsoft's sign-in library, and basic device / operating-system information) is processed. The App does not use advertising identifiers and does not track users across other apps or websites.

4. How We Use Information

• To authenticate App Users and control access to data;
• To search for and display member and policy records;
• To capture and record member payments;
• To generate a digital membership card containing the member's EasyPay barcode;
• To carry the associated distributor and agent onto payment records;
• To maintain the security, integrity and proper functioning of the App;
• To comply with our legal, regulatory and contractual obligations.

5. Legal Basis for Processing

We process personal information where it is necessary for the conclusion or performance of an insurance contract, to comply with a legal obligation, for our legitimate business interests as a financial services provider, or with consent where required by POPIA.

6. How Information Is Stored and Secured

Member and policy information is stored in Microsoft Dataverse, a secure cloud business platform operated by Microsoft, not on the user's device. Access is protected by Microsoft Entra ID authentication and role-based security permissions. Data in transit is encrypted using HTTPS/TLS, and data at rest is encrypted by the Microsoft cloud platform. We apply technical and organisational measures designed to protect personal information against unauthorised access, loss, or misuse.

7. How We Share Information

We do not sell personal information. We share information only as follows:

• Microsoft Corporation — as our cloud service provider (Microsoft Entra ID and Microsoft Dataverse), acting as a processor that hosts and secures the data on our behalf;
• Authorised brokers and agents — App Users acting on PJD's behalf, who access records relevant to their role;
• Payment and collections partners — where required to process or reconcile a captured payment (for example EasyPay);
• Regulators, courts and law-enforcement — where disclosure is required by law or to protect our legal rights.

Google Play distributes the App; Google does not receive the member or payment data processed within the App.

8. International Transfers

Microsoft cloud services may process or store data in data centres outside South Africa. Where personal information is transferred across borders, it remains subject to safeguards consistent with POPIA and Microsoft's contractual data-protection commitments.

9. Data Retention

Member, policy and payment information is retained for as long as necessary to fulfil the purposes described in this policy and to meet the record-keeping periods required of a financial services provider under South African law. Authentication tokens cached on the device are short-lived and are cleared when the App User signs out or the App is uninstalled.

10. Data Deletion and Your Rights

Subject to POPIA and our legal retention obligations, data subjects may request to:

• access the personal information we hold about them;
• correct or update inaccurate or incomplete information;
• request deletion or destruction of personal information that we are no longer required or entitled to keep;
• object to certain processing of their personal information.

To make a request, or to ask that data associated with the App be deleted, contact our Information Officer using the details in section 14. We will respond in accordance with POPIA. Note that some information must be retained to comply with legal and regulatory obligations and cannot be deleted on request.

11. Children's Privacy

The App is a business tool for authorised brokers and agents. It is not directed at children and is not made available to or intended for use by anyone under the age of 18.

12. Third-Party Services

The App relies on the following third-party services, each with its own privacy practices:

• Microsoft Entra ID and Microsoft Dataverse — authentication and data platform (see Microsoft's Privacy Statement at privacy.microsoft.com);
• Google Play — app distribution (see Google's Privacy Policy at policies.google.com/privacy).

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be communicated to App Users through appropriate channels.

14. Contact Us

Data subjects also have the right to lodge a complaint with the Information Regulator of South Africa (inforegulator.org.za).