Vextro Privacy Policy

Effective date: 28 April 2026
Operator: SYNERGY6 PTY LTD
Address: 17 Joyhurst Street, Chatsworth, Durban 4091
Contact: info@synergydesigns.co.za

Summary: Vextro is designed so that core merchant business records are primarily stored on the merchant's device. We still process limited personal information for account access, subscriptions, Paystack gateway operations, hosted payment pages, and service security.

1. Introduction

This Privacy Policy explains how SYNERGY6 PTY LTD, trading as Vextro, collects, uses, stores, and protects personal information in connection with Vextro. This policy should be read together with the Vextro Terms and Conditions.

2. Scope

This policy applies to the Vextro mobile app, hosted payment and quote pages, website pages, support communications, and related backend services.

3. Applicable Law

We process personal information in accordance with applicable law, including the Protection of Personal Information Act 4 of 2013 ("POPIA").

4. Personal Information We Process

4.1 Account and sign-in information

email address
display name or account name
authentication identifiers and sign-in metadata
basic account status and subscription status

4.2 Limited operational information

gateway configuration metadata
encrypted Paystack payment-gateway secrets where applicable
payment-link tokens, hosted quote tokens, and webhook records
support correspondence and diagnostic information

4.3 Information shown through hosted pages

When a merchant uses hosted payment or quote pages, customer-facing information such as merchant name, document number, totals, and selected document details may be rendered through those pages for the intended transaction flow.

5. Merchant Data Stored Primarily on Device

Vextro is built as a local-first product. Merchant operational records such as customer records, invoices, quotes, proof-of-work images, signatures, and similar business records are primarily stored locally on the merchant's device rather than being retained as Vextro's full cloud-hosted source of truth.

6. How We Use Personal Information

to create and manage user accounts
to authenticate users and protect account security
to provide subscriptions, entitlement checks, and billing-related functions
to enable Paystack gateway configuration, hosted payment pages, quote links, and webhook handling
to provide customer support and respond to queries
to maintain service integrity, detect abuse, and improve the product
to communicate service notices and, where permitted by law, product updates or marketing messages

7. Marketing Communications

By using Vextro, you agree that we may send service-related communications about your account, security, subscriptions, payments, and product operations. We may also send product updates and marketing communications where permitted by law. Where applicable law requires an unsubscribe or opt-out mechanism for certain marketing communications, that mechanism will apply.

8. Legal Bases and Merchant Responsibility

We process information where necessary to perform our contract with users, operate the Services, comply with legal obligations, protect legitimate business interests, or where consent is otherwise required and obtained.

If you use Vextro to collect or process customer information, you remain responsible for ensuring that your own collection and use of customer information is lawful and compliant with POPIA and any other applicable law.

9. Sharing of Information

We may share personal information with service providers or third parties only where reasonably necessary to operate Vextro, including authentication providers, app stores, infrastructure providers, analytics or diagnostics providers, payment gateway integrations, and professional advisers.

We may also disclose information if required by law, court order, regulator, law-enforcement authority, or to protect the rights, security, or integrity of Vextro, users, customers, or the public.

10. Third-Party Services

Vextro may rely on third-party services such as Firebase Authentication, Google Sign-In, Apple App Store, Google Play, Paystack, hosting providers, and device backup services. Those third parties have their own terms and privacy practices.

11. Data Retention

We aim to minimise retention of server-side personal information. Account access data, subscription records, support records, and operational security logs may be retained for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, enforce our agreements, or protect service integrity.

Because merchant operational records are primarily device-based, the merchant is responsible for managing retention, deletion, export, and backup of those records on the device and through any device backup tools used.

12. Security

We take reasonable technical and organisational measures to protect personal information, including access controls, encrypted transmission where appropriate, and encrypted storage of certain sensitive operational secrets. No system can be guaranteed to be completely secure.

13. International or Cross-Border Processing

Some infrastructure or service providers used in connection with Vextro may process data outside South Africa. Where this occurs, we do so subject to applicable legal requirements and operational safeguards.

14. Data Subject Rights

Subject to applicable law, you may have rights to request access to, correction of, or deletion of personal information that we hold about you, or to object to certain processing. Requests may be sent to info@synergydesigns.co.za.

15. Cookies and Similar Technologies

Hosted pages or website pages may use basic web technologies necessary for page delivery, security, analytics, or session handling. Detailed cookie controls should be reviewed if you later add broader website analytics or advertising tools.

16. Children's Information

Vextro is intended for business users and is not directed at children as a primary audience. Users must not intentionally submit children's personal information through the Services unless they are lawfully authorised to do so.

17. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will be published at the applicable Vextro privacy-policy URL and will take effect from the stated effective date.

18. Contact

Questions, requests, or privacy-related concerns may be sent to info@synergydesigns.co.za.

Recommended legal review topics before launch: POPIA wording, hosted payment-page disclosures, support/contact workflow, and any future analytics or marketing tooling.