← Back to home

Privacy Policy

Last updated: April 2026

1. Introduction

Accounter26 (Pty) Ltd (“Accounter26,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, and share information when you use our AI accounting agent and related services (the “Service”).

We process personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA), and other applicable data protection legislation. Accounter26 (Pty) Ltd is the responsible party for the purposes of POPIA.

2. Information We Collect

We collect information in the following categories:

Account information. When you register, we collect your name, email address, company name, and role. If you subscribe to a paid plan, we collect billing details through our payment processor (we do not store full credit card numbers).

Financial data. When you connect bank feeds, Stripe, payroll systems, or other accounting tools, we access transaction data, account balances, and related financial information necessary to deliver the Service. This data is processed by our AI agent to categorise transactions, reconcile records, and flag anomalies.

Usage data. We collect information about how you interact with the Service, including pages visited, features used, actions taken, browser type, device information, and IP address.

Communications. When you contact our support team or respond to surveys, we collect the content of those communications.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service, including AI-driven transaction categorisation, reconciliation, and anomaly detection.
  • Process payments and manage your subscription.
  • Send transactional emails (account confirmations, security alerts, billing receipts) and, with your consent, product updates.
  • Monitor and analyse usage patterns to improve performance, reliability, and user experience.
  • Detect, prevent, and respond to fraud, abuse, and security incidents.
  • Comply with legal obligations, including South African tax, financial reporting, and data protection requirements.

4. AI Processing & Automated Decision-Making

Our AI agent processes your financial data to automate bookkeeping tasks. This includes automated categorisation of transactions, reconciliation of bank feeds, and identification of anomalies. These automated processes are designed to assist you — not to make binding financial decisions on your behalf.

You have the right to review, modify, or reject any AI-generated output before it is applied to your financial records. If you have concerns about automated processing, you may contact us at privacy@accounter26.com.

5. How We Share Your Information

We do not sell your personal information. We share data only in the following circumstances:

  • Service providers. We work with trusted third-party providers for hosting (AWS, Cape Town region), payment processing (Stripe), email delivery, and analytics. These providers are contractually obligated to protect your data and use it only for the purposes we specify.
  • Financial integrations. When you connect third-party platforms (banks, Stripe, payroll providers), data flows between those platforms and our Service via secure APIs. We do not share your data with these providers beyond what is necessary for the integration to function.
  • Legal requirements. We may disclose information if required by law, regulation, legal process, or governmental request, including requests from South African authorities.
  • Business transfers. In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

6. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption of data in transit (TLS 1.3) and at rest (AES-256).
  • Role-based access controls and audit logging for all internal access to customer data.
  • Regular security assessments, penetration testing, and vulnerability scanning.
  • Infrastructure hosted in AWS’s Cape Town region (af-south-1) to ensure data residency within South Africa where possible.

While we take reasonable steps to protect your information, no method of transmission or storage is completely secure. If you become aware of a security vulnerability, please report it to security@accounter26.com.

7. Data Retention

We retain your account information and financial data for as long as your account is active and for a period of 5 years thereafter, in accordance with South African financial record-keeping requirements under the Companies Act and the Tax Administration Act.

Usage data and analytics are retained in anonymised form for up to 24 months. You may request deletion of your personal data at any time, subject to our legal retention obligations.

8. Your Rights Under POPIA

Under the Protection of Personal Information Act, you have the right to:

  • Access the personal information we hold about you and request a copy.
  • Correct or update inaccurate or incomplete personal information.
  • Request deletion of your personal information, subject to legal retention requirements.
  • Object to the processing of your personal information on reasonable grounds.
  • Withdraw consent for optional processing activities (such as marketing communications) at any time.
  • Lodge a complaint with the Information Regulator of South Africa if you believe your rights have been infringed.

To exercise any of these rights, contact us at privacy@accounter26.com. We will respond within 30 days.

9. Cookies & Tracking

We use a minimal set of cookies to operate the Service:

  • Essential cookies for authentication, session management, and security. These cannot be disabled.
  • Analytics cookies to understand how the Service is used and improve performance. You can opt out of analytics cookies through your account settings.

We do not use advertising cookies or sell cookie data to third parties.

10. International Data Transfers

Our primary infrastructure is hosted in South Africa. In limited cases, data may be processed by service providers located outside of South Africa (for example, email delivery or error monitoring). Where this occurs, we ensure that appropriate safeguards are in place, including contractual clauses that provide a level of protection consistent with POPIA.

11. Children’s Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and notify you via email or an in-app notification. We encourage you to review this page periodically.

13. Contact Us

For any privacy-related questions or to exercise your data protection rights, contact our Information Officer:

Accounter26 (Pty) Ltd
Attn: Information Officer
The Woodstock Exchange
66 Albert Road, Woodstock
Cape Town, 7925
South Africa

Email: privacy@accounter26.com