Privacy Policy

This privacy policy (“Policy”) regulates the Processing of Personal Information by Spot Money and sets forth the requirements with which we undertake to comply when processing Personal Information pursuant to undertaking its operations and fulfilling our contractual obligations in respect of you and third parties in general. This Policy will apply to our website-, our Spot Money mobile app (collectively, our “Platforms”) and our associated products and services (“the Services”).

We are highly committed to protecting the Personal Information of all visitors (“Visitors”) to our Platforms as well as all persons who use any of the services we offer (“Users”) and therefore acknowledge the need to ensure that your Personal Information is handled with a reasonable standard of care as may be expected from us. Not only is this required by prevailing privacy law, such as the Protection of Personal Information Act, No 4 of 2013 (“POPIA”), but also, we  respect your privacy and want to ensure that we treat your Personal Information appropriately at all relevant times and process it lawfully.

This Policy describes the ways in which we collect, store, use, share and protect (“process” or “processing”) the Personal Information of our Visitors and Users. Throughout this Policy, we use the term “Personal Information” to describe information that can be associated with a specific person and can be used to identify that person. We do not consider Personal Information to include information that has been made anonymous so that it does not identify a specific person (also known as de-identified information).

Each User and Visitor needs to accept all the provisions in this Policy when using any of our Platforms and if signing up for any of our Services.

When you accept this Policy and the terms and conditions relating thereto and you engage with Spot Money, whether it be physically or via any digital, electronic interface such as our Platforms, you acknowledge that you trust Spot Money to process your Personal Information (including that of your dependents, beneficiaries, customers, members, or employees as the case may) as described in this Policy, for the period you are visiting our Platforms or for the period you are registered as a User of our services. 

Please note that you have the right to object to the processing of your Personal Information. It is therefore voluntary to accept the Terms and Conditions to which this Policy relates. However, we do require you to accept this Policy and the terms and conditions that relate thereto to enable the proper use of our Platforms and/or Services.

By accessing our Platforms and by using our Services, you confirm that that you are a competent person and that you have authority to give the requisite consent to enable us to process your Personal Information, or the Personal Information of a third party, as the case may be.  

By accepting this Policy, you consent to our collection, storage, processing and disclosure of your personal information as described in this Policy, for so long as you are a Visitor or registered User of our Platform or Services. 

If you have questions or complaints regarding our Policy or practices, or your Personal Information, please contact us or email us at

References in this Policy to “we”, “our” or “us” are references to Spot Money SA Proprietary Limited (“Spot Money”). Reference to “you” and “your” mean each natural person who uses our Platforms  or associated Services as a Visitor or User.


1.1. Types of Information we collect about Visitors and Users

As a Visitor or User, you agree that we may electronically collect, store and use your Personal Information as set out below and for the purposes as set out in clause 2.3 below:

1.1.1. Your internet usage information, including your Internet Protocol address (“IP Address”), browsing habits, click patterns, unique user ID, version of software installed, system type, screen resolutions, colour capabilities, plug-ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on our Platforms, and the dates and times that you visit our Platform/s, paths taken, and time spent on sites and pages within the Platform (“Usage Details”); and

1.1.2 Additional information you may provide on a voluntary basis, such as demographic information or information related to your favourite social networking site (e.g. the site name, address and description), or information relating to your participation in competitions, promotions, surveys, and/or additional services (“Optional Details”).

1.2. How we collect such information

1.2.1. Voluntarily provided by you: Optional Details may be submitted by you to us if you decide to upload or download certain content (or products) from any one of our Platforms, take advantage of promotions, respond to surveys, register and subscribe for certain additional services, or otherwise use the optional features and functionality of the Platforms.

1.2.2. Automatically gathered by us via various technologies:

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • “Cookies”: means small text files that store Non-personally Identifiable Information about you, either temporarily in connection with your Internet Protocol (IP) address (known as a temporary or session cookie, and deleted once you close your browser window) or more permanently on the hard drive of your device (known as a permanent or persistent cookie). Our Platforms may from time to time use session cookies so that you do not have to fill in the same information from page to page within our Platforms. If you elect not to receive cookies, you may be able to view some, but not all, of the content on our Platforms. Please review your web browser’s “Help” file to learn more about modifying your cookie preferences.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Other tracking technology: When you access our Platforms or open one of our HTML e-mails or message links, certain Usage Details may be automatically collected and recorded by us from your system by using different types of tracking technology in order to make decisions about you or your application. In this instance it is specifically recorded that you may object to or query the outcomes of such a decision.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Web Beacons: means small graphic images called web beacons, also known as “Internet tags” or “clear gifs,”, which Web Beacons may be deployed in our Platforms, e-mail messages and HTML-formatted newsletters. Web Beacons may be invisible to you, but any electronic image inserted into a web page or e-mail can act as a Web Beacon. We may use web beacons or similar technologies for a number of purposes, including, without limitation, to count the number of visitors to our Platforms, to monitor how you navigate our Platforms, to count how many e-mails that we have sent were actually opened or to count how many particular articles or links were actually viewed by you in certain circumstances. Our Web Beacons do not collect, gather, monitor or share any personally identifiable information about you, Web Beacons are  just the technique we use to compile anonymous information about the Platforms and service usage.

1.3. The purpose for which we collect this information

1.3.1. We may use any Optional Details provided by you for such purposes as indicated to you at the time you agree to provide such Optional Details. We do not verify the accuracy of the information you provide to us, and it remains your responsibility to ensure correctness of the information supplied. For this purpose, we shall provide you with the opportunity to update your information at appropriate times.

1.3.2. We may use your Usage Details to:

        • Provide or manage any information, or Services requested by or delivered to you in general;
        • provide you with the latest version of the solution;
        • Establish your needs, wants and preferences in relation to the or Services provided by us or any other one of the Companies we are affiliated to;
        • Monitor aggregate Platform usage metrics such as total number of visitors and pages accessed;
        • Track your entries, submissions, and status in any promotions or other activities in connection with your usage of the Platforms
        • Assist us in identifying you when you engage with us;
        • Allocate Unique Identifiers to you for the purpose of securely storing, retaining and recalling your Personal Information from time to time.

NOTE:  Some of our business partners (e.g., advertisers or platform providers) may use their own set of cookies and/or widgets on our Platforms, and we have no access to or control over such cookies or widgets. (Widgets are interactive mini-programs that run on our Platforms to provide specific services from another company (e.g. displaying the news, opinions, music, etc) and these widgets may collect certain of your personal information (e.g. your email address).  Cookies may also be set by the widget to enable it to function properly.)  Information collected by any such cookie or widget is governed by the privacy policy of the company that created it, and not by us.  This Policy covers the use of cookies by us only and do not cover the use of cookies or widgets by any third party advertisers or partners on the Platforms.


2.1. Types and sources of personal information we collect

We may process the following Personal Information about our Users:

      • General Identifying Information:

Information that you give us when you interact with us in any way which may include your name, contact information, date of birth, identification number, financial information, or financial history.

      • Financial information and account details:

Payment card number; bank account number and account details; credit history and credit score; assets; income; and other financial information.

      • Telephone recordings

Recordings of telephone calls to our representatives and call centers.

      • Marketing preferences and customer feedback

You may let us know your marketing preferences, enter a contest or prize draw or other sales promotion, or respond to a voluntary customer satisfaction survey.

      • Credit Bureau Information and Credit Score

Your credit score received from a credit bureau on your request.

      • Information to investigate crime, including fraud and money laundering

Organisations may share information about their previous dealings with customers for this purpose as required by law

      • Partner Information

Information that we receive about you that is either publicly available or available through service providers that we may interact or partner with or that you may have provided your consent in respect of to share or that you may have provided to us previously when interacting with us for one of our other service offerings.

      • Product Enquiries

Information that you provide to us in respect of products or services that you may be interested in.

      • Affiliate and group company information

Information we receive about you from any of the companies within the group of companies that we belong to in accordance with their privacy policy.

2.2. How we collect information about Users

2.2.1. Your Personal Information is provided by you physically or electronically to us during your registration as a User to our Platforms and/or thereafter by your actively updating or supplementing such details when using our Services.

2.2.2. We may not always expressly request you to verify and update your Personal Information and expect that you will notify us from time to time in writing:

        • of any updates or amendments required in respect of your Personal Information;
        • where you require us to delete your Personal Information; or
        • where you wish to restrict the Processing of your Personal Information.

2.2.3. It may be that from time to time we collect your Personal Information from other sources and in such instances we will inform you by virtue of any privacy notices we deploy from time to time. In the event that you have shared your Personal Information with any third parties, we will not be responsible for any loss suffered by you, your dependents, beneficiaries, customers, representatives, agents or employees (as the case may be).

2.2.4.When you provide us with the Personal Information of any other third party, we will process the Personal Information of such third party in line with this Policy, as well as any terms and conditions or privacy notices to which this Policy relates.

2.2.5.We will primarily process Personal Information in order to facilitate and enhance the delivery of Services to our customers, manage and administer our business, foster a legally compliant workplace environment, as well as safeguard the Personal Information relating to you.

2.2.6.When collecting Personal Information from you, we shall comply with the notification requirements as set out in Section 18 of POPIA, and to the extent applicable, Articles 13 and 14 of the GDPR.

2.2.7.We undertake to process any Personal Information in a manner which promotes your Constitutional Right to Privacy and retain accountability. 

2.3. How we may use your Personal Information and the purpose for its collection

We may use your Personal Information to:

      • Obtain your credit score on your behalf from a credit bureau.
      • Provide you with bespoke and tailor-made financial services and products.
      • Work with our service providers to inform you about financial products and services that may be of interest to you
      • Notify you about changes to our Services.
      • Improve the Service we offer you.
      • Administer your account.
      • Verify your identity.
      • Communicate with you and others as part of our business.
      • Send you important information regarding changes to our policies or products, other terms and conditions, our site and other administrative information.
      • Provide improved quality, training, and security (for example, with respect to recorded or monitored phone calls to our contact numbers).
      • Prevent, detect, and investigate crime, including fraud and money laundering, and analyse and manage other commercial risks.
      • Carry out market research and analysis, including satisfaction surveys.
      • Check your credit history.
      • Check your details on applications for credit or credit-related facilities.
      • Provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with the preferences you have expressed.
      • Personalize your experience on our website by presenting information and advertisements tailored to you.
      • Identify you to anyone to whom you send messages through our Platforms.
      • Allow you to participate in contests, prize draws, and similar promotions, and to administer these activities. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your personal information, so we suggest that you read these carefully.
      • Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.
      • Resolve complaints, and handle requests for data access or correction.
      • Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process, and respond to requests from public and governmental authorities (including those outside your country of residence).
      • Establish and defend legal rights; protect our operations or those of any of our group companies or business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others; and pursue available remedies or limit our damages.

We will not process any of your Personal Information for any purpose other than for the purposes set forth in this Policy or in any other privacy notices which may be provided to you from time to time, unless we are permitted or required to do so in terms of applicable laws.


 3.1. By accessing our Platforms and by using our services, you confirm that that you are a competent person (i.e. above the age of 18 years of age or have contractual capacity in terms of applicable laws) and that you have authority to give the requisite consent to enable us to process your Personal Information, or the Personal Information of a third party, as the case may be.

3.2. However, should you share Personal Information with us which Personal Information relates to that of a minor (being an individual under the age of 18 years), you confirm that you have the necessary authority to share such information by virtue of being such minor’s biological parent or legal guardian.

3.3. We are committed to safeguarding the privacy of minors and we do not knowingly process Personal Information of minors unless:

3.3.1. it is processed with verifiable prior consent of a parent or guardian; is necessary for the establishment, exercise or defence of a right or obligation in law; is necessary to comply with an obligation of international public law;

3.3.4. for historical, statistical or research purposes to the extent that:

        • the purpose serves a public interest and the processing is necessary for the purpose concerned; or
        • it appears to be impossible or would involve a disproportionate effort to ask for consent,
        • and sufficient guarantees are provided for to ensure that the processing does not adversely affect the individual privacy of the child to a disproportionate extent; or
        • personal information has deliberately been made public by the minor with the consent of the parent or guardian.



We may share your Personal Information with:

4.1. Our company

We are responsible for the management and security of your Personal Information. Access to your Personal Information is restricted to those individuals (including our staff, contractors, consultants, and/or professional advisors) who have a need to access the information for our business purposes. We may also share Personal Information with purchasers and prospective purchasers or other parties in any actual or proposed organization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or shares.

4.2. Subsidiaries and Affiliates (Other companies within our group of companies – the Ignition Group of companies)

    • The Ignition Group comprises of various subsidiary and affiliate companies, of which Spot Money forms part of (both directly and indirectly controlled by the Ignition Group) and conducts strategic business activities with these various group companies that support the Ignition Group’s service offering and enable the delivery of their products and services across various platforms. These subsidiaries and affiliates do transfer personal information amongst one another as part of operating the Ignition Group’s business and to assist the Ignition Group to comply with their obligations towards data subject(s) and third parties.
    • We may share your Personal Information with subsidiaries and affiliates of the Ignition Group in order to facilitate and enhance the delivery of Services to its customers, manage and administer its business, foster a legally compliant workplace environment, as well as safeguard the Personal Information relating to any Data Subjects which it in fact holds. Members of our corporate family will only use this information to send you marketing communications if you have requested their services.

Please visit to view the Ignition Group’s privacy policy.

4.3. Service providers and partners

4.3.1 In the course of marketing and providing our services, we may make Personal Information available to third parties such as related financial services providers, intermediaries and agents; appointed representatives; affinity marketing partners; reward partners, financial institutions and credit reporting agencies. Our contracts dictate that these service providers and/or agents only use your information in connection with the services they perform for us and not for their own benefit.

4.3.2 Service providers and/or financial institutions that we partner with to jointly create and offer products and services. These organisations may only use this information to market Spot related products or offers, unless you have given consent for other uses.

4.4. Law enforcement, government officials, fraud detection agencies

To comply with legal obligations including statutory and regulatory requirements we may share your information with Law enforcement, government officials, fraud detection agencies or other third parties when –

4.4.1  we are compelled to do so by a subpoena, court order or similar legal procedure;

4.4.2 we need to do so to comply with any law; and/or

4.4.3 we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our User Agreement;

4.5 Other Third Parties

4.5.1 Notwithstanding the above we will not disclose your Personal Information with third parties unless:

        • your Personal Information has been de-identified, including through aggregation or anonymization;
        • you instruct us to do so;
        • you consent thereto, for example, when you agree to our disclosing your information with other third parties for their own marketing purposes subject to their separate privacy policies;
        • It’s with third party vendors, consultants and other service providers who work for us and need access to your information to do that work. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis, fraud prevention, network and information security, technical support and customer service;
        • It’s with third party business partners, such as distributors, and/or referral partners, who are involved in providing services to our prospects and/or customers, to fulfil product and information requests and to provide customers and prospective customers with information about Ignition Group and its products and services. From time to time, we may engage in joint sales or product promotions with select business partners. If you purchase or specifically express an interest in a jointly-offered product, promotion or service, we may share relevant personal information with those partner(s). Where you have given your consent to do so, these business partners may send you marketing communications about their own products and services.Please be aware that we do not control our business partners’ use of such information. Our partners are responsible for managing their own use of the personal information collected in these circumstances. We recommend you review the privacy notices of the relevant partner to find out more about their handling of your personal information;

4.5.2     We will not sell or rent any of your Personal Information to third parties for their marketing purposes and we only share your Personal Information with third parties as described in this Policy. 

4.5.3     We will enter into written agreements with such Third-Party service providers to ensure that they comply with Applicable Laws pursuant to the processing of Personal Information provided to it by us from time to time.

4.5.4     Personal Information may also be shared by you, on message boards, chat, profile pages and blogs, and other services on the Platform to which you are able to post information and materials. Please note that any information you post or disclose through these services will become public information and may be available to visitors to the Platform and to the general public. We urge you to be very careful when deciding to disclose your Personal Information, or any other information, on our Platforms.


5.1 If you are a visitor or user based in the European Economic Area (“EEA”), or the United Kingdom, we are the data controller of your personal information unless the data is collected in circumstances where one of our affiliates is running a local event, training session or survey, for example, and they collect and control that information. In such circumstances, we will endeavour to make this clear to you in a context specific notification at the point we collect your Personal Information.

5.2 Our legal basis for collecting and using the personal information described above will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect Personal Information only where we have your consent to do so, where we need the Personal Information to perform a contract with you or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you. If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time. For more information on our legal basis for processing data, please contact us using the details provided below.


6.1 We store and process the Personal Information of our Users and Visitors on cloud-based servers (AWS) that are protected by firewalls and data encryption. The Platforms do not store data on the mobile device or computer and communicates with the cloud servers through Secure Socket Layers (SSL’s). We authorize access to Personal Information only for those employees who require it to fulfil their job responsibilities.

6.2 Your Personal Information will only be retained by us for as long as necessary to fulfil the legitimate purposes for which that Personal Information was collected in the first place and/or as permitted or required in terms of Applicable Law.

6.3 We may store the data we collect from you outside of South Africa, or transfer it to organisations outside South Africa. When we do this, we make sure that your data is protected in accordance with our legal obligations to do so.

6.4 It is specifically recorded that you have the right to object to the Processing of your Personal Information and we shall retain and store your Personal Information for the purposes of dealing with such an objection or enquiry as soon and as swiftly as possible.You should not divulge your account password to anyone. We will never ask you for your password or PIN in an unsolicited telephone call or e-mail. YOU ARE RESPONSIBLE FOR MAINTAINING THE SECRECY OF YOUR UNIQUE PASSWORD, ACCOUNT INFORMATION AND LINKED CARD OR ACCOUNT INFORMATION AT ALL TIMES.

6.5 We will take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any personal information you might have with us has been compromised), please immediately notify us.

6.6 If we provide personal information to another service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the personal information.


7.1 We will provide you with regular opportunities to tell us your marketing preferences, including in our communications to you.

7.2 We acknowledge that we may only use your Personal Information to contact you for purposes of direct marketing where we have complied with the provisions of POPIA and GDPR (where applicable) and when it is generally permissible to do so in terms of applicable laws. If you no longer want to receive marketing-related e-mails from us, you may opt out of receiving these marketing-related communications by sending your opt-out request to

7.3 We aim to comply with your opt-out request(s) within a reasonable time period. Please note that if you opt out as described above, we will not be able to remove your personal information from the databases of third parties with whom we have already shared your personal information (i.e., to those to whom we have already provided your personal information as of the date on which we respond to your opt-out request). Please also note that if you do opt out of receiving marketing communications from us, we may still send you other important administrative communications from which you cannot opt out.


This Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any website to which our Platform/s contain a link. The inclusion of a link on our Platform/s does not imply endorsement of the linked website by us or by our group companies.


9.1. We will always implement appropriate, reasonable, physical, organisational, contractual and technological security measures to secure the integrity and confidentiality of Personal Information including measures to protect against the loss or theft, unauthorised access, disclosure, copying, use or modification of Personal Information in compliance with Applicable Laws.

9.2. In further compliance with Applicable Laws, we will take steps to notify the relevant Regulator(s) and/or any affected Visitors or Users in the event of a security breach and will provide such notification as soon as reasonably possible after becoming aware of any such breach.

9.3 Notwithstanding any other provisions of this Policy, it should be acknowledged that the transmission of Personal Information whether it be physically in person, via the internet or any other digital data transferring technology, is not completely secure.

9.4. Whilst we have taken all appropriate, reasonable measures to secure the integrity and confidentiality of the Personal Information it Processes, in order to guard against the loss of, damage to or unauthorized destruction of Personal Information and unlawful access to or processing of Personal Information, we in no way guarantee that our security system(s) are 100% secure or error-free. Therefore, we do not guarantee the security or accuracy of the information (whether it be Personal Information or not) which it collects from you or any other user.

9.5. Any transmission of Personal Information will be solely at the own risk of the Visitor or user Once we have received the Personal Information, it will deploy and use strict procedures and security features to try to prevent unauthorised access to it. As indicated above, we reiterate that we restrict access to Personal Information to Third Parties who have a legitimate operational reason for having access to such Personal Information. We also maintain electronic and procedural safeguards that comply with the Applicable Laws to protect your Personal Information from any unauthorized access.

9.6. We shall not be held responsible and by accepting any terms and conditions to which this Policy relates, any Data Subject agrees to indemnify and hold us harmless for any security breaches which may potentially expose the Personal Information in our possession to unauthorized access and or the unlawful processing of such Personal Information by any Third-Party.


10.1. We want to make sure that any information we hold about you is up to date. So, if you think your Personal Information is inaccurate, you can ask us to correct or remove it.

10.2. You have a right to object on reasonable grounds to the processing of your Personal Information where the processing is carried out in order to protect our legitimate interests or your legitimate interests, unless the law provides for such processing.

10.3. If you are of the view or belief that we have processed their Personal Information in a manner or for a purpose which is contrary to the provisions of this Policy, you are requested to first attempt to resolve the matter directly with us, failing which, you shall have the right to lodge a complaint with the Information Regulator, under the provisions of POPIA.

10.4. The current contact particulars of the Information Regulator are:

The Information Regulator (South Africa)


JD House 27 Stiemens Street Braamfontein Johannesburg, 2001

PO Box 31533

Braamfontein, Johannesburg, 2107


We will review this Privacy Policy regularly and reserve the right to make changes at any time to take account of changes in our business and legal requirements. We will place updates on our Platforms. However, for Users, we will provide you with prior notice of any such revision by providing you advance notice of the change, provided that if a User is not happy with the revisions made, he/she/it shall be entitled to terminate the Services subscribed for.


Please contact us at  if you wish to confirm whether we hold information about you and the details thereof if we do (provided you provide us with proof of identity in a form acceptable to us) and in accordance with the provisions of our PAIA Manual [published in terms of section 51 of the Promotion of Access to Information Act, 2000 (“PAIA”), We will do this within a reasonable time; at a prescribed fee; in a reasonable manner and format; and in a form that is generally understandable. Kindly see our PAIA manual for more information in this regard.



If you are a User, you can deactivate your account at any time in accordance with the provisions of your contract with us. If you wish to withdraw your consent to retain this information, your access to our services shall also be terminated or suspended. We shall remove your personal information from our database within a reasonable period but no longer than 7 (seven) business days subject to any retention periods.

Please note:  Certain information, including transaction data, may be retained for legal purposes and will only be held for so long as required by applicable law.


Reasonable steps will be taken to ensure that the personal information we process is reliable for its intended use, and as accurate and complete as is necessary to carry out the purposes described in this Policy. Personal information will be retained for the period necessary to fulfil the purposes outlined in this Policy or unless a longer retention period is required or permitted by law.