Privacy Policy

This Privacy Policy explains how ParlourOS processes personal information when parlours, employees, agents, suppliers, members, policyholders, dependants, beneficiaries, claimants, and visitors use the platform.

ParlourOS provides software used by funeral parlours and related service providers. In many cases, the parlour using ParlourOS is the responsible party that decides why personal information is processed. ParlourOS acts as an operator for that parlour when we process information on its instructions. For our own website, billing, support, security, and platform administration, ParlourOS may act as the responsible party.

Depending on how the platform is used, we may process names, identity numbers, contact details, addresses, policy numbers, policy and premium details, payment references, arrears information, claims information, funeral service details, uploaded documents, support messages, supplier details, agent records, user roles, authentication records, audit logs, device and usage information, and communication history.

Some records may include sensitive information, such as identity documents, death certificates, family relationships, financial information, or claim documents. We process this information only where it is needed for the service, lawful compliance, fraud prevention, support, or security.

We process personal information to provide and secure the ParlourOS platform, manage user accounts, support funeral policy administration, record payments, process claims, manage documents, send operational communications, support customer portals, prevent fraud, maintain audit trails, provide reports, handle support requests, and comply with legal or regulatory duties.

We do not sell personal information. We do not use member, claim, or document information for unrelated advertising.

We process personal information where POPIA allows it, including where processing is necessary to perform a contract, comply with a legal obligation, protect a legitimate interest, protect the rights or interests of a data subject, or where consent has been requested and given.

Where a parlour uses ParlourOS to process its own member or employee records, that parlour remains responsible for collecting information lawfully, giving the required notices, and responding to data subject requests unless otherwise agreed in writing.

We use trusted service providers to run the platform, including hosting, database, authentication, storage, email, SMS, payments, analytics, monitoring, and support providers. These providers may process information only for the services they provide to us or to the parlour using ParlourOS.

Some providers may process information outside South Africa. Where that happens, we take reasonable steps to use providers and safeguards appropriate for cross-border processing.

We use technical and organisational safeguards designed to protect personal information against loss, unlawful access, unauthorised disclosure, alteration, and destruction. These safeguards include account authentication, role-based access, tenant separation, row-level database controls, signed access for private documents, audit logs, server-side handling of privileged actions, and monitoring of platform errors and security events.

No system is risk-free. Users must keep their login details confidential, use strong passwords, restrict staff access to the minimum needed for their role, and tell us promptly if they suspect unauthorised access.

We keep personal information only for as long as it is needed for the purpose for which it was collected, for lawful business records, to comply with legal or regulatory duties, to resolve disputes, to prevent fraud, or to maintain audit trails.

Parlours can configure retention settings for certain operational records in the platform. Some records, such as payment, policy, claims, compliance, and audit records, may need to be kept for longer where law, contract, insurance, or legitimate business requirements apply.

Subject to POPIA and other applicable law, you may ask whether we or a parlour hold your personal information, request access to that information, request correction or deletion of inaccurate or excessive information, object to certain processing, withdraw consent where processing is based on consent, or lodge a complaint with the Information Regulator.

If your information is held by a funeral parlour using ParlourOS, please contact that parlour first because it usually controls the member, policy, claim, and payment records. We will support the parlour where needed to respond to lawful requests.

If we become aware of a security compromise involving personal information, we will take reasonable steps to contain and investigate it. Where POPIA requires notification, we will notify the affected responsible party, the Information Regulator, and/or affected data subjects as required by law and the circumstances of the incident.

Funeral policy records may include dependants or beneficiaries, including children, where a parlour or policyholder provides those details for policy administration. Parlours must ensure they have a lawful basis to provide and process this information.

We may update this Privacy Policy when our services, providers, legal obligations, or data practices change. The updated version will be published on this page with a new effective date.

For privacy questions about ParlourOS, contact us at support@parlouros.co.za. If your request relates to a policy, payment, claim, dependant, beneficiary, or document managed by a specific funeral parlour, please contact that parlour directly as the responsible party.

You may also contact South Africa's Information Regulator at inforegulator.org.za.