YouToo – Privacy Policy
Last updated: 30 September 2025
-
Introduction
- YouToo (Pty) Ltd, registration number 2025/513806/07 ("YouToo") respects your privacy and is committed to processing and protecting your Data in a lawful, fair and transparent manner.
- By using our website and accessing the Services, you agree to be bound by this Privacy Policy and consent to the processing of your Data as set forth herein. If you do not agree to and accept this Privacy Policy, you should not use our Website or access the Services.
- This Privacy Policy relates solely to the Website and the Services. The Services may contain links to websites operated by third parties. We are not responsible for the content provided in respect of such websites and/or the privacy policies of such websites and it is recommended that you refer directly to these third parties regarding their privacy policies before supplying any information to them.
- The terms defined in our Terms of Use shall have the same meanings in this Privacy Policy.
-
What Is Data?
- Data refers to all information provided by you to us pursuant to your use of the Services and includes Personal Data (defined below).
- Personal Data is any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers, Personal Data as defined in the Electronic Communications and Transactions Act, 25 of 2002 and/or Personal Information as defined in the Protection of Personal Information Act, 4 of 2013 in the case of South African users and users elsewhere in the world.
-
What information is collected?
- In order to use the Services, you will be required to:
- register an Account, which entails the disclosure of certain Data such as your first and last names, telephone numbers, physical, postal and e-mail addresses, banking and/or credit card details; and
- allow us to access Data from your accounts on Third Party Apps.
- The website may use Cookies from time to time to monitor usage of the website and to create a personal record of when you visit the website and what pages you view so that we may serve you more effectively. Our web servers may also send Cookies to your browser to track navigation history. Cookies do not identify you personally, but they may link back to a database record about you.
-
How is my information used?
- Your Data is stored and collected for purposes of providing the Services, registration and verification, communicating with you, understanding how you use the Services, marketing and advertising, aggregation of your information, to assist with technical support or otherwise as may be required by law.
- We may access, aggregate and use your non-personalised Data in order to improve the Services and provide our users with better information regarding the Services.
- We will use your Data to contact you about promotions, news, updates and other information relating to the Services, and shall be entitled to send you communications regarding the operation of the website as well as your continued use of the Services. Should you wish to opt out of certain communications received from us, you may do so by changing your preferences in relation to your Account.
- We will process your Data in accordance with our obligations in terms of the relevant laws, including:
- in the case of UK Users, the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (the “UK GDPR”), as it forms part of the law of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003 as amended, and any successor legislation;
- in the case of European Users, the General Data Protection Regulation (EU) 2016/67;
- in the case of United States of America Users, the National Institute of Standards and Technology (NIST) 800-171 Revision 1 (2016),
- in the case of South African Users, the Protection of Personal Information Act, 4 of 2013,
-
Where is my information stored?
-
Is my information secure?
- We use reasonable technical and organisational measures to secure the integrity of the Data under our control and to prevent the loss of, damage to or unauthorised destruction of your Data and unlawful access to or processing of your Data.
- All Data is stored in a secure database which is protected behind firewalls and is hosted in such a way that the database itself is not accessible to the outside world. However, the transmission of Data via the internet is at your own risk and we accept no responsibility or liability for any security breach or in the event your Data is damaged, loss disclosed, copied or modified in any unauthorised manner.
- The website retrieves your Data and presents it to you through a secure encrypted channel that cannot be viewed by anyone but yourself.
- We are also committed to protecting your Data offline by ensuring that all of your Data, and not just sensitive information, is restricted to only those employees who need it to perform a specific task.
- When a significant change in the processing of Data is introduced, we will undertake a data protection impact assessment prior to implementing such change.
- We maintain a personal data breach register under the control of our data protection officer and ensure that our employees remain aware of their responsibilities with regards to data breaches. Based on the severity thereof, you and any relevant regulator will be informed of any breaches of your Data within 72 hours of identifying the breach.
-
How long is my information retained for?
-
What are my rights?
- You have the following rights, which we will always work to uphold:
- the right to be informed about our collection and use of your Data...
- the right to access your Data that we hold...
- the right to have your Data rectified if any of your Data held by us is inaccurate or incomplete...
- the right to be forgotten...
- the right to restrict (i.e. prevent) the processing of your Data...
- the right to object to us using your Data...
- the right to withdraw consent...
- the right to data portability...
- rights relating to automated decision-making and profiling.
-
If you have any cause for complaint about our use of your Data, you have the right to lodge a
complaint
with
the Information Regulator regarding the processing of your Data. The contact details of the
Information
Regulator are as follows:
JD House, 27 Stiemans Street, Braamfontein, Johannesburg 2001
PO Box 31533, Braamfontein, Johannesburg, 2017
Tel No. +27 (0) 10 023 5200
E-mail: complaints.IR@justice.gov.za -
Children
-
Disclosures
- On rare occasions, we may be required to disclose your Data due to legal or regulatory requirements. In such instances we reserve the right to disclose your Data as required in order to comply with our legal obligations including complying with court orders, warrants, subpoenas, service of process requirements or discovery requests.
- We may also disclose information about you to law enforcement officers or others, in the good-faith belief that such disclosure is reasonably necessary to enforce our terms and conditions or this privacy policy or respond to legal claims, to protect our intellectual property rights or the personal safety of its employees, officers, directors, agents or contractors or the general public.
- We will notify you of any transaction in which substantially all of our assets which contain your Data are sold to or merged into another company. The acquiring company will be given access to your Data without your consent.
-
The Details of Our Information Officer
-
Amendment of this Policy
By accessing the Services and using the website, you hereby acknowledge and agree that:
and in doing so, we undertake not to request unnecessary Data, process your Data outside the legitimate purpose for which it was collected, share, rent or sell your Data disclosed to it with third parties except when you have consented or directed us to share the Data with service providers, affiliates and partners who perform services on our behalf, in the event that we are involved in a merger, acquisition or the sale of all or a part of our assets, or as may be required by law or when, in our sole opinion, it is necessary to do so to protect our rights or your safety or the safety of others, or to investigate and/or prevent fraud or a breach of security.
Your Data is stored on servers hosted by Amazon Web Services Inc. on servers located in the Republic of Ireland, United States and/or South Africa. The hosting provider is bound by a privacy agreement entered into with us and your Data is stored securely, privately and is accessed using encrypted channels. In case of fire or damage to these servers, a backup solution exists to ensure no single point of failure.
We will only store or transfer your Data in or to countries that are deemed to provide an adequate level of protection for personal data.
Your Data will be stored, processed and used by us at our operating offices only for so long as your Account is active and as may be necessary to provide the Services, comply with any applicable laws, resolve disputes and to enforce our agreements.
The Services are for purchase by adults, although they may be used by children. If you are under the age of 18, you may only use the Website and Services with the involvement of a parent or guardian. We do not knowingly store or process personal data from persons under the age of 18.
All questions, queries or requests you may have in relation to this Privacy Policy and/or your Data
should
be addressed to our information officer at the following address:
Information Officer: Gianluca Schiavini
Telephone: +27 10 010 0423
E-mail: info@youtoo.co.za; gianlucaschiavini@gmail.com
We reserve the right to amend this Privacy Policy, from time to time. Such amendments shall be effected by way of publication thereof on the website, and you waive any right you may have to receive specific notice of such amendments.