PRIVACY POLICY

Privacy Policy for AutoM8TRX
 

Last updated: 31 March 2026
 

This Privacy Policy describes how AutoM8TRX (“we”, “us”, or “our”) collects, uses, stores, shares, and protects your information when you use our website, web application, mobile-accessible permit links, and related services (collectively, the “Service”).
 

AutoM8TRX is a digital firearm compliance and permit management platform designed for security companies and related authorised users in South Africa.
 

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.
 

Interpretation and Definitions
 

Interpretation

Words with capitalised initial letters have meanings defined below. These definitions apply whether they appear in singular or plural.
 

Definitions

For the purposes of this Privacy Policy:
 

Account means a unique account created for you to access our Service or parts of our Service.
 

Company means AutoM8TRX [insert full legal entity name], a company operating in South Africa.
 

Cookies mean small files placed on your device by a website, containing details of your browsing activity and preferences.
 

Country means South Africa.
 

Device means any device that can access the Service, such as a computer, cellphone, or tablet.
 

Personal Data means information relating to an identified or identifiable natural person, and where applicable, identifiable juristic persons as protected under applicable South African law.
 

Special Personal Information / Sensitive Data includes information such as biometric data, where applicable under law.
 

Service means the AutoM8TRX website, application, hosted portal, generated permit links, and related digital compliance tools.
 

Service Provider means any natural or legal person who processes data on behalf of AutoM8TRX, including cloud hosting, storage, email delivery, analytics, and support providers.
 

Usage Data means data collected automatically from use of the Service.
 

Website means AutoM8TRX, accessible from https://www.autom8trx.co.za and/or https://app.autom8trx.co.za.
 

You means the individual, company, client, administrator, employee, officer, authorised representative, or other legal entity accessing or using the Service.
 

Collecting and Using Your Personal Data
 

Types of Data Collected
 

Personal Data

While using our Service, we may collect or process personal information including, but not limited to:
 

  • Full names

  • Email addresses

  • Phone numbers

  • Company details

  • Job titles or roles

  • Physical or site deployment information

  • Identification numbers

  • PSIRA-related details

  • Competency details

  • Training records

  • Firearm allocation and permit information

  • Signature data

  • Thumbprints or other biometric-linked acknowledgements where used in the Service

  • ID photographs, profile images, and supporting compliance documents

  • Inspection records, incident records, counseling records, and related compliance documentation


Usage Data

Usage Data may be collected automatically when using the Service.

This may include:
 

  • IP address

  • Browser type and version

  • Device identifiers

  • Date and time of access

  • Pages or screens viewed

  • Time spent on pages

  • Operating system

  • Diagnostic and error log data

  • Push notification interaction data

  • Application activity and audit trail information
     

When the Service is accessed through a mobile device, we may also collect limited technical information about that device and its interaction with the Service.
 

Information Collected Through the Service

Because AutoM8TRX is a compliance and permit management platform, we may process records uploaded or entered by client organisations, including:
 

  • Employee register information

  • Firearm register information

  • Permit register information

  • Ammunition register information

  • Competency register information

  • Training records

  • Trauma counseling records

  • Shooting and discharge incident records

  • Firearm inspection records

  • Return and acknowledgement records

  • Supporting files, photographs, licence copies, certificates, and signatures
     

In many cases, the client organisation using AutoM8TRX is responsible for ensuring it has a lawful basis to provide this information to us for processing through the Service.
 

Tracking Technologies and Cookies
 

We may use Cookies and similar technologies to:
 

  • Keep users signed in

  • Maintain session security

  • Remember settings and preferences

  • Improve system functionality

  • Analyse how the Service is used

  • Help detect abuse, fraud, or unauthorised access
     

These technologies may include:

  • Session cookies
  • Persistent cookies
  • Local browser storage where appropriate
  • Security and authentication tokens
  • Web beacons or similar technologies in limited cases


You can instruct your browser to refuse Cookies, but some parts of the Service may not function properly if Cookies are disabled.
 

Use of Your Personal Data
 

We may use Personal Data for the following purposes:
 

  • To provide, operate, and maintain the Service

  • To create and manage user accounts

  • To issue, deliver, verify, acknowledge, return, cancel, and archive digital firearm permits

  • To maintain compliance registers and related business records

  • To send notifications, alerts, reminders, and operational communications

  • To authenticate users and manage access permissions

  • To support reporting, audit trails, traceability, and record integrity

  • To respond to enquiries, support requests, or onboarding needs

  • To improve performance, reliability, usability, and security of the Service

  • To detect, prevent, or investigate fraud, misuse, security incidents, or unauthorised activity

  • To comply with legal and regulatory obligations

  • To enforce our agreements, terms, and internal policies

  • For internal business operations, analytics, backups, and system administration
     

Where permitted by law, we may also use limited contact information to send service-related notices, updates, product changes, billing communications, and other relevant business communications.


Biometric and Sensitive Information

AutoM8TRX may process sensitive information, including electronic signatures, thumbprints, identification numbers, photographs, and compliance-related records, where such information is uploaded, captured, or used as part of the Service.
 

We process this information only for legitimate operational, security, compliance, audit, verification, and recordkeeping purposes connected to the Service, and subject to applicable law.
 

Client organisations remain responsible for ensuring that they have the necessary authority, notice, consent, justification, or other lawful basis required under applicable law to collect and submit such information for processing through AutoM8TRX.
 

Lawful Basis and POPIA
 

Where the Protection of Personal Information Act, 2013 (“POPIA”) applies, we process personal information only where there is a lawful basis to do so, including where processing is necessary for:
 

  • providing the Service;

  • performing a contract;

  • complying with legal obligations;

  • pursuing legitimate business purposes in a lawful and proportionate manner; or

  • another lawful basis recognised under applicable law.
     

Where special personal information or sensitive data is processed, additional legal requirements may apply.
 

Sharing of Your Personal Data
 

We may share personal information in the following circumstances:
 

With Service Providers
 

We may share information with trusted third parties who assist us in operating the Service, such as:
 

  • cloud hosting providers;

  • storage providers;

  • email and notification service providers;

  • infrastructure and security providers;

  • support and maintenance providers.
     

Within Client Workflows
 

Information may be made accessible to authorised users within a client organisation according to role-based permissions, workflows, and operational requirements.


For Legal or Regulatory Reasons

We may disclose information where required to do so by law, court order, subpoena, lawful request from a competent authority, or to protect rights, safety, systems, or property.


Business Transfers

If AutoM8TRX is involved in a merger, acquisition, restructuring, sale of assets, or similar transaction, personal information may be transferred as part of that transaction, subject to applicable law.


With Your Consent

We may share information for other purposes where you or the relevant client organisation have authorised us to do so.


We do not sell personal information to third parties.


Retention of Your Personal Data


We retain personal information only for as long as reasonably necessary for:

 

  • the purposes described in this Privacy Policy;

  • service delivery and support;

  • audit trails and traceability;

  • legal, regulatory, tax, accounting, or contractual requirements;

  • dispute resolution; and

  • enforcement of our legal rights and agreements.


Retention periods may vary depending on the type of data, client instructions, legal obligations, and the operational purpose of the record.


We may retain certain system logs, backups, and audit records for security, integrity, recovery, and compliance purposes.

 


Security of Your Personal Data

We take reasonable technical and organisational measures to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.


These measures may include:

 

  • HTTPS and transport encryption

  • access controls and role-based permissions

  • password protection and authentication safeguards

  • audit logs

  • secure cloud storage

  • restricted administrative access

  • system monitoring and security controls

  • data backup and recovery procedures


However, no method of transmission over the Internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.


Your Rights

Subject to applicable law, you may have the right to:

 

  • request access to personal information;

  • request correction of inaccurate or incomplete information;

  • object to certain processing;

  • request deletion where appropriate;

  • withdraw consent where processing is based on consent;

  • lodge a complaint with the relevant data protection authority.


Where AutoM8TRX acts as an operator on behalf of a client organisation, requests relating to employee or operational data may need to be directed first to the relevant client organisation acting as the responsible party.


Links to Other Websites

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices, content, or policies of those third parties. You should review their privacy policies separately.


Changes to This Privacy Policy

We may update this Privacy Policy from time to time.


When we make changes, we will update the “Last updated” date above and may also provide notice through the Website, application, email, or other appropriate means where required.


Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy, to the extent permitted by law.



 

AutoM8TRX
Website: https://www.autom8trx.co.za
Application: https://app.autom8trx.co.za
 

Contact Us

If you have any questions about this Privacy Policy or the way AutoM8TRX handles personal information, you can contact us:

Have questions? We're ready for them.

Chat with us on WhatsApp.

Contact us