Privacy Policy
SizaBill Invoicing: Data Care Commitment
Version 1.0 · Last updated 31 May 2026
This Privacy Policy describes how SizaBill Invoicing (Pty) Ltd handles your personal information. It is written in plain language because trust starts with clarity, and aligned to the Protection of Personal Information Act (POPIA) because protecting your data is a duty we take seriously.
1.Introduction & Our Philosophy of Care
Why this policy exists
At SizaBill Invoicing (Pty) Ltd ("SizaBill", "we", "our", or "us"), we view data protection as an extension of our professional relationship with you. We do not just see data; we see the businesses, livelihoods, and trust you place in our hands.
We are deeply committed to protecting your personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (POPIA) and other applicable South African legislation. This Privacy Policy outlines how we collect, use, store, and carefully nurture the safety of your personal information when you use our platform.
2.Who We Are & Our Registered Information Officer
Accountability
SizaBill Invoicing is a South African-based invoicing and practice management platform designed to ease the administrative burdens of small and medium businesses. We operate as a "Responsible Party" under POPIA.
To ensure accountability and open communication, we have appointed an Information Officer who is officially registered with the Information Regulator of South Africa. If you have any concerns, questions, or just need clarity on your data, our Information Officer is here to support you at privacy@sizabill.co.za.
3.Information We Collect, Choice, and Consequences
What we hold and why
To serve you effectively, we collect information you provide directly to us, including your name, business name, email address, and banking details for invoice generation. We also collect platform usage data (log data, device info, and usage patterns) to maintain system health.
- Mandatory vs. Voluntary Information: Providing your basic business details, email, and billing setup is mandatory to activate your account and fulfil our contract. Providing optional profile details or subscribing to our feedback surveys is entirely voluntary.
- Consequences of Not Providing Data: If you choose not to provide mandatory billing or account details, we will unfortunately be unable to create your account or generate compliant invoices for your business.
- Payment Safety: We do not collect or store credit card details. All payment processing is safely managed by certified third-party providers.
4.How and Why We Use Your Information
Lawful basis under POPIA
We believe in using your data with strict intentionality. We process your information under the following POPIA lawful grounds:
- Performance of a Contract: To operate the SizaBill platform, manage your account, and deliver transactional emails (verifications, password resets, invoice copies).
- Legal Obligation: To comply with South African accounting, tax, and corporate laws.
- Legitimate Interests: To prevent fraud, troubleshoot technical issues, and improve platform usability.
- Consent: To share helpful business tips or SizaBill product updates. You are always in control and can withdraw this consent instantly.
5.No Automated Decision-Making
Honouring human agency
We honour human agency. SizaBill does not use your personal information or behaviour to make automated decisions (such as profiling or automated credit assessments) that could negatively impact you or your business standing.
6.Sharing with Trusted Partners
Who else touches your data
We will never sell your personal information. We only share essential data with trusted third-party service providers (such as email delivery systems and secure cloud hosting) who help us run the platform. These partners operate under strict confidentiality agreements, treating your data with the same high level of care that we do.
7.Cross-Border Data Transfers
Where your data lives
To ensure world-class reliability, speed, and uptime, SizaBill utilises cloud infrastructure that may host, store, or process your data outside the borders of South Africa (for example, in secure European or US data centres). We ensure that any international cloud partners we use are bound by data privacy standards and laws that are equal to or stricter than POPIA.
8.Data Retention & Mindful Erasure
How long we keep things
We keep your data only for as long as it takes to support your business. Financial records (invoices and payment logs) must be securely retained for a minimum of five years to comply with South African tax legislation.
If you decide to close your account, we respect your right to step away. We will permanently delete or anonymise your personal data within 30 days, keeping only what we are legally forced to retain by tax authorities.
9.Our Security Promise & Breach Notification Commitment
When something goes wrong
We secure your data using industry-standard technical measures, including TLS encryption in transit, hashed passwords, and strict internal access controls.
Because we care about transparency, we promise that if our defences are ever breached and your data is compromised, we will not hide it. In compliance with Section 22 of POPIA, we will immediately investigate and notify both the Information Regulator and you as soon as reasonably possible, providing clear steps on how you can protect yourself.
10.Minimalist Cookie Approach
How we use cookies
We respect your digital boundaries. We only use essential session cookies (like authentication tokens) necessary to keep you securely logged into the platform. We do not track you across the internet using third-party advertising cookies. You can turn off cookies in your browser, but it will disrupt your ability to use SizaBill. See our Cookie Policy for a full breakdown of what each cookie does.
11.Third-Party Connections
Integrations and their independent policies
Our platform integrates with vital external tools (like payment gateways). Because these external tools have their own independent privacy rules, we encourage you to look over their policies. While we choose our integrations with care, we cannot be legally responsible for their independent practices.
12.Protecting the Vulnerable (Children's Privacy)
Strictly business-to-business
SizaBill is strictly a business-to-business platform meant for adults (18 years and older). We do not knowingly collect information from children. If we discover we have accidentally gathered data from anyone under 18, we will delete it immediately.
13.Changes to This Commitment
How policy changes are communicated
As our platform evolves, we may update this policy. We will always give you a heads-up about major changes via email or an obvious dashboard notification. Continued use of SizaBill means you acknowledge our updated practices.
14.Your Rights & Honouring Your Autonomy
What you can ask of us
Under POPIA, you retain full ownership of your digital identity. You have the right to:
- Access and view the personal data we hold about you.
- Request immediate correction of any mistakes in your data.
- Request erasure of data that is no longer legally required.
- Object to data processing based on legitimate interests.
- File a formal complaint if you feel we have failed to care for your data properly.
To use any of these rights, please contact our team at privacy@sizabill.co.za.
If you feel we have not addressed your concerns with the care they deserve, you have the right to contact the office of the Information Regulator of South Africa directly via their official portal at inforegulator.org.za.
By continuing to use SizaBill, you confirm you have read and understood this Privacy Policy. Your acceptance is recorded against your account with the policy version above and the timestamp of your acceptance. You can review our Terms of Service and Cookie Policy for related details.