> ## Documentation Index
> Fetch the complete documentation index at: https://docs.visita.co.za/llms.txt
> Use this file to discover all available pages before exploring further.

# Privacy & Data Policy

> How Visita handles your data

# Privacy & Data Policy

Your privacy matters. Here's how we handle your data.

## Our Commitment

<Info>
  **We don't track you. We don't sell your data. We don't play games with your attention.**
</Info>

Visita is built on the principle of **civic trust**, not engagement farming.

## What We Collect

### Account Information

| Data             | Purpose                  | Required |
| ---------------- | ------------------------ | -------- |
| Email            | Login, notifications     | Yes      |
| Name             | Profile display          | Yes      |
| Ward membership  | Connect you to your area | Yes      |
| Phone (optional) | Account recovery         | No       |

### Activity Data

| Data              | Purpose                  | Visibility          |
| ----------------- | ------------------------ | ------------------- |
| Reports you make  | Community improvement    | Ward members        |
| Votes you cast    | Democratic participation | Anonymous aggregate |
| Projects you join | Coordination             | Ward members        |
| Posts you write   | Discussion               | Ward members        |

### Technical Data

| Data         | Purpose                  | Retention           |
| ------------ | ------------------------ | ------------------- |
| IP address   | Security, location guess | Session only        |
| Browser type | Compatibility            | Anonymized          |
| Page views   | Performance              | 30 days, anonymized |

## What We DON'T Collect

* ❌ Cookies for advertising
* ❌ Cross-site tracking
* ❌ Browsing history outside Visita
* ❌ Biometric data
* ❌ Financial information (payments handled by Paystack)

## Analytics

We use **privacy-first analytics**:

* No cookies required
* Daily-rotating visitor IDs (not persistent)
* No personal profiles built
* No data sold to third parties

## Your Rights (POPIA Compliance)

As a South African platform, we comply with POPIA:

<CardGroup cols={2}>
  <Card title="Access" icon="eye">
    View all data we have about you
  </Card>

  <Card title="Correction" icon="pen">
    Fix incorrect information
  </Card>

  <Card title="Deletion" icon="trash">
    Delete your account and data
  </Card>

  <Card title="Portability" icon="download">
    Export your data as JSON
  </Card>
</CardGroup>

## Exercising Your Rights

### Download Your Data

1. Go to `visita.co.za/account/settings`
2. Click "Download My Data"
3. You'll receive a JSON file with all your information

### Delete Your Account

1. Go to `visita.co.za/account/settings`
2. Navigate to Privacy & Security
3. Click "Delete Account"
4. Confirm deletion

<Warning>
  Account deletion is **permanent** and cannot be undone. Your reports will be anonymized, not deleted, to preserve ward history.
</Warning>

## Data Security

* All data encrypted in transit (HTTPS)
* Database protected with Row Level Security
* Regular security audits
* No plain-text passwords stored

## Third Parties

| Service  | Purpose        | Data Shared           |
| -------- | -------------- | --------------------- |
| Supabase | Database, Auth | Account data          |
| Paystack | Payments       | Payment transactions  |
| Resend   | Email          | Email address         |
| Algolia  | Search         | Public directory data |

We don't share personal data with advertisers.

## Contact

Privacy questions? Email **[privacy@visita.co.za](mailto:privacy@visita.co.za)**

***

*Last updated: January 19, 2026*
