Privacy Policy

VeriNum is a South African business accounting and finance platform operated by VeriNum (Pty) Ltd (referred to as “we”, “us”, or “our”). The platform is accessible at verinum.tech and provides double-entry bookkeeping, bank reconciliation, invoice management, VAT reporting, payroll, and SARS tax filing for South African businesses.

For privacy-related queries, contact us at:
Email: privacy@verinum.tech

We collect the following categories of personal information:

• Account information: name, email address, and password (hashed) when you register.
• Business information: company name, registration number, tax reference number (TRN), VAT number, PAYE/SDL/UIF reference numbers, and contact details.
• Financial data: chart of accounts, journal entries, bank statements, invoices, payments, and reconciliation records.
• Payroll data: employee records, payslips, IRP5/IT3(a) certificates, EMP201 submissions, and related SARS source-code figures.
• Usage data: login timestamps, IP addresses, and browser/device type for security and audit purposes.

We do not collect payment card numbers or banking credentials.

We use your information to:

• Provide, operate, and maintain the VeriNum platform.
• Process accounting transactions and maintain your general ledger.
• Generate SARS-compliant VAT201, EMP201, EMP501, and IRP5 submissions.
• Authenticate your identity and maintain session security.
• Send transactional emails (account verification, invoice notifications, filing reminders).
• Maintain an audit trail of all data mutations for compliance purposes.
• Improve the platform through anonymised usage analytics.

We do not use your data for advertising or sell it to third parties.

We process your personal information under the following grounds as defined by the Protection of Personal Information Act, 4 of 2013 (POPIA):

• Contract performance: processing necessary to deliver the accounting service you signed up for.
• Legal obligation: retaining financial and tax records as required by SARS, the Companies Act, and the Income Tax Act.
• Legitimate interest: security logging and audit trails to protect your account and our platform.
• Consent: for optional communications such as product updates.

We do not sell, rent, or trade your personal information. We may share data with:

• SARS: tax return data submitted to the South African Revenue Service at your instruction.
• VeriNum MTD: if you connect your VeriNum account to VeriNum MTD (verinum.tech/mtd), payroll and financial data may be shared to pre-populate tax returns. This connection is opt-in and controlled by you.
• Infrastructure providers: our hosting provider (Hostinger) processes data solely to run the platform under data processing agreements.
• Authentication provider: Google OAuth is used for sign-in. Google receives only the information necessary to authenticate you (email address and name).

We retain financial and tax data for a minimum of 5 years from the end of the relevant financial year, in line with SARS requirements under the Tax Administration Act and the Companies Act. Account data is retained for the duration of your account and deleted within 30 days of a verified account deletion request, except where retention is required by law.

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, row-level security on all database tables ensuring complete data isolation between tenants, and full audit logging of every data mutation. Access to production data is restricted to authorised personnel only.

As a data subject under POPIA, you have the right to:

• Access the personal information we hold about you.
• Request correction of inaccurate information.
• Request deletion of your account and associated data (subject to legal retention requirements).
• Object to processing based on legitimate interest.
• Lodge a complaint with the Information Regulator of South Africa.

To exercise any of these rights, email privacy@verinum.tech. We will respond within 30 days.

We use a single session cookie to keep you logged in. This cookie is httpOnly, Secure, and SameSite=Lax. We do not use advertising cookies or third-party trackers.

We may update this policy from time to time. Material changes will be communicated via email or a notice on the platform. The “Last updated” date at the top of this page reflects the most recent revision.

VeriNum (Pty) Ltd
Cape Town, South Africa
Email: privacy@verinum.tech
Website: verinum.tech