Leam HQLeam HQ

Privacy Policy

Version 2026-06-03 · Effective 2026-06-03 · Operated by Digital Culture Innovations (Pty) Ltd.

Leam HQ is POPIA-ready for controlled beta use.
Designed with POPIA principles in mind. Operational privacy workflows are in place — PDF-only data exports, data subject access / correction / deletion / objection handling, account and workspace deletion workflows, audit-logged actions, and strict separation between user workspaces and Leam HQ internal operations.
This document describes how Leam HQ, a product of Digital Culture Innovations (Pty) Ltd (Registration 2026/173422/07, Kimberley, South Africa), handles your data under the Protection of Personal Information Act, 2013. Questions: legal@leamhq.co.za.

This Privacy Policy explains how Digital Culture Innovations (Pty) Ltd ("we", "us", "Leam HQ") collects, uses, stores and protects personal information when you use the Leam HQ application and website.

1. Who we are

Digital Culture Innovations (Pty) Ltd, Registration 2026/173422/07, Kimberley, South Africa. Our Information Officer is registered with the South African Information Regulator. Privacy enquiries: legal@leamhq.co.za.

2. Our role under POPIA

Leam HQ has a dual role:

3. What we collect

From you as an account holder

About your customers (processed on your behalf)

From integrations you choose to connect

4. How we use it

5. Where data is stored — cross-border transfers

Leam HQ is operated from South Africa. Some of our infrastructure providers store or process data outside South Africa. Our Supabase database and storage infrastructure for this project is hosted in the EU / Ireland region. Our application hosting on Render is located in Frankfurt, Germany. This means personal information, workspace data, request metadata and application traffic may be transferred to or processed outside South Africa.

We use reputable infrastructure providers and apply reasonable technical and organisational safeguards to protect personal information. The full list of providers and their regions is published at Sub-processors. By using Leam HQ you consent to these cross-border transfers as required for the service to function.

6. Security

We maintain reasonable technical and organisational safeguards: workspace isolation, audit logging, rate limiting, SSRF-blocked outbound webhooks, PayFast-verified payment notifications, OAuth state HMAC, and process-level safety nets. Data is encrypted in transit by HTTPS and at rest by our infrastructure providers. No platform is perfectly secure; we work continuously to harden Leam HQ.

7. Your rights under POPIA

You may at any time:

Inside the app, use the Privacy & Data section of Settings, or email legal@leamhq.co.za. We respond within 30 days.

8. Retention

We retain account and workspace records for the duration of your subscription plus a reasonable period required for accounting, tax, audit and legal-defence purposes. Audit logs are retained for at least 12 months. Cancelled or deleted workspaces enter a 30-day grace window during which deletion may be revoked, after which data is permanently removed (some sub-processor backup cycles may extend this by up to a further 30 days).

9. Children

Leam HQ is not intended for use by children under 18. We do not knowingly process the personal information of children.

10. Changes to this Policy

We will publish a new version with a new effective date when we materially change this Policy. The version in force when you accepted at signup is preserved against your account.

11. Contact

Digital Culture Innovations (Pty) Ltd
Registration 2026/173422/07
Kimberley, South Africa
Privacy & legal: legal@leamhq.co.za
General support: support@leamhq.co.za

Leam HQ is operated by Digital Culture Innovations (Pty) Ltd and is POPIA-ready for controlled beta use.