Privacy Policy

Last updated: May 19, 2026

This Privacy Policy explains how ORDERUP (PTY) LTD ("OrderUp!", "we", "us", or "our") collects, uses, stores, shares, and protects personal information when you use OrderUp!, our customer mobile application, our merchant and manager services where applicable, our websites, and any related services that link to this policy (together, the "Services").

OrderUp! lets customers order coffee and related items from participating shops, use wallet credit and rewards, send and receive vouchers and gift cards, create or join coffee groups and group orders, add friends or recipients, receive order notifications, and use optional location, contacts, camera, photo, and arrival reminder features.

If you do not agree with this policy, please do not use the Services. You can contact us at team@order-up.co.za.

Summary

• We collect account, order, payment, wallet, reward, voucher, gift card, social, support, device, and permission-related information needed to run OrderUp!.
• Customer app analytics are opt-in only. If you have not opted in, or if you turn analytics off, we do not collect customer analytics from the app, do not send customer analytics events to our backend, and do not build customer analytics profiles for you.
• We collect precise location only when you grant permission. We use it for nearby shops, maps, distance, ETA, order timing, and optional arrival reminders.
• We access contacts only when you grant permission or choose that feature. We do not automatically upload your whole address book, but we may store the contacts or recipients you choose to save, invite, order for, or send gifts to.
• We use Firebase, Google Cloud, Google Maps Platform, payment processors, notification services, opt-in analytics tools, and other service providers to operate the Services.
• Participating shops and their authorised managers receive the order information they need to prepare, manage, settle, and support orders.
• We do not sell personal information and we do not run third-party advertising or offer-wall advertising in the current OrderUp! app.
• You can request access, correction, deletion, consent withdrawal, analytics opt-out, marketing opt-out, and other rights described below.

Who We Are

The responsible party for the processing described in this policy is:

ORDERUP (PTY) LTD
25 Northfield ave
Johannesburg, Gauteng 2192
South Africa

Privacy contact and Information Officer contact: team@order-up.co.za

Information We Collect

Account and Authentication Information

We may collect and process:

• name, display name, pickup name, initials, username, email address, phone number, and verified phone status;
• Firebase Authentication user ID, authentication provider, anonymous or secured account status, login metadata, account security state, active session identifiers, device labels, and sign-out state;
• password credentials or sign-in credentials handled by Firebase Authentication or another authentication provider. We do not store your plaintext password in Firestore;
• profile picture URL and related profile settings; and
• account deletion status, support status, and other account administration records.

Order, Shop, and Checkout Information

To place, manage, fulfil, cancel, refund, and support orders, we may collect:

• selected shop, shop location, menu items, item options, cart contents, quantities, prices, discounts, tips, fees, taxes where applicable, order totals, and currency;
• pickup name, pickup method, travel mode, ETA, distance bands or distance metres, order status, payment status, refund status, cancellation status, timestamps, and order identifiers;
• customer messages, merchant messages, order feedback, support notes, and issue categories you submit;
• friend-collected or recipient order details such as recipient name, phone number, relationship label, friend ID, app UID where available, and recipient profile picture URL; and
• order history, favourites, usual orders, product interactions, and saved preferences used to make repeat ordering easier.

Payment, Wallet, Rewards, Vouchers, and Gift Cards

We process payment and value records needed to operate OrderUp! financial features, including:

• payment method selection, payment status, payment references, PayGate transaction references, PayGate request IDs, wallet top-up records, refund records, chargeback or dispute records, settlement records, ledger entries, and reconciliation records;
• OrderUp Wallet balances, wallet credits and debits, Bean Bucks balances, reward grants, reward redemptions, promotional credits, and reward expiry or drain records;
• voucher and gift card sender, recipient, amount, item, claim, acceptance, rejection, redemption, payment, and notification records;
• Apple Pay and Samsung Pay payment tokens or credentials when you choose those payment methods. These are sent to our payment processor for processing and are not used for unrelated purposes; and
• limited customer details required by payment processors, such as name, email address, phone number, amount, currency, merchant order ID, and payment reference.

Card and hosted checkout payments are processed by PayGate and related payment-provider services, including PayFast where that payment-provider group is used for OrderUp! payment operations. Apple Pay and Samsung Pay may be used to create payment tokens that are processed through PayGate/PayHost. Apple, Samsung, PayGate, PayFast, and your bank or card network may process your payment information under their own terms and privacy policies. We do not store your full card number or card security code in our app database.

Location, Maps, and Arrival Reminder Information

If you grant location permission, we may process precise or approximate device location to:

• show nearby shops and maps;
• estimate distance, travel mode, and pickup ETA;
• improve order timing and shop notifications;
• classify coarse at-shop or near-shop presence while the app is active; and
• power optional arrival reminders and "open menu" reminders near participating shops.

We may store derived order fields such as distance, ETA, travel mode, shop presence state, and permission consent. We do not use analytics events to store raw GPS trails. Some precise location processing happens transiently on your device or through Google Maps Platform to service your request.

On iOS, optional arrival reminders may use Bluetooth beacon ranging and location region monitoring, including "Always" location permission if you enable that feature. On Android, optional arrival reminders may use Nearby Devices/Bluetooth scanning permissions, and on older Android versions location permission may be required for Bluetooth scanning. Arrival reminders use cooldowns and daily caps stored on your device so the feature does not notify you too often.

Contacts, Friends, Groups, and Social Features

If you grant contacts permission, the app may read contact names and phone numbers on your device to help you choose a friend or recipient faster. We do not automatically upload your entire address book to our servers. When you choose, save, invite, order for, or send a voucher or gift card to someone, we may store the selected person's name, phone number, relationship label, app UID if they have one, friendship status, request status, and related order or gifting history.

Coffee groups and group orders may include group name, group photo, host UID, participant UIDs, participant names, profile images, payment mode, order selections, readiness/payment state, invite links or codes, group membership, and group activity. Group members and order participants may see information needed to participate in the group or group order.

Photos, Camera, and User Content

If you grant camera or photo library permission, you may upload profile photos or group photos. These images are stored in Firebase Storage and may be visible to relevant OrderUp! users, shops, group members, friends, recipients, or other people who can access the relevant feature. At present, profile pictures and group icons are stored with public-read storage rules, which means a person with the file URL may be able to view the image.

We may also process feedback, support messages, free-text notes, and other user content you submit. Please avoid submitting unnecessary sensitive information in free-text fields.

Device, App, Notification, and Security Information

We may collect or generate:

• device model, operating system, app version, app build, platform, browser or WebView information, IP address, language, country or region inferred from technical data, network data, and carrier or internet provider information;
• Firebase installation identifiers, app instance identifiers, App Check signals, API logs, and security metadata, and pseudonymous analytics identifiers or hashed analytics user IDs only when analytics are enabled;
• Firebase Cloud Messaging tokens, notification preferences, notification delivery state, notification history, and local notification state;
• crash, diagnostic, performance, abuse-prevention, fraud-prevention, rate-limit, and audit logs; and
• deep link, referral, invite, voucher, gift-card, group-order, and acquisition attribution metadata. If Branch deferred links are enabled for a release, Branch may process link attribution data to help open the right invite or claim flow.

Analytics and Product Improvement Information

OrderUp! uses customer app analytics only if you opt in. If you have not opted in, or if you turn analytics off in Settings, we do not collect customer analytics from the app, do not send customer analytics events to our backend, do not write customer analytics events to BigQuery, and do not create or update a customer analytics profile for you. If analytics were previously enabled and you turn them off, we stop customer analytics collection and delete or mark for deletion the customer analytics profile and backend analytics rows associated with your user ID where feasible.

When analytics are enabled, OrderUp! uses analytics to understand whether the app works, where users get stuck, which features are useful, and how to improve the Services. Depending on the event type, we may process:

• screen views, tab selections, app lifecycle events, menu sessions, cart and checkout events, payment abandonment, wallet top-up activity, reward use, voucher and gift card activity, map interactions, social feature use, group activity, notification entry points, first-touch acquisition source, and onboarding discovery answers;
• coarse location-derived analytics such as distance bands, ETA buckets, and foreground at-shop presence sessions;
• pseudonymous or hashed user identifiers, session identifiers, event identifiers, app version, platform, and event parameters;
• derived customer analytics profiles based on orders and allowed behavioral events, such as compact counters, totals, segments, retention metrics, favourite or usual-order patterns, and product usage metrics; and
• analytics records stored in Firebase Analytics, Google Analytics, BigQuery, Firestore, and related reporting tools.

The app is designed to avoid sending emails, phone numbers, raw names, raw search terms, raw GPS coordinates, card tokens, invite codes, claim codes, and unbounded free text in analytics events. We use client-side and server-side checks to reduce the risk of sensitive values entering analytics events.

Analytics are off by default until you choose to share app usage insights. When analytics are off, we may still process operational, security, support, financial, legal, payment, settlement, audit, and order records that are necessary to run the Services, keep ledgers accurate, prevent fraud, fulfil orders, settle merchants, comply with law, and support users and shops. Those operational records are not used to create customer analytics events or customer analytics profiles while analytics are off.

How We Collect Information

We collect information in several ways:

• From you: when you create an account, place an order, add a friend, join a group, upload a photo, send a gift card, contact support, update settings, or submit feedback.
• From your device: when you grant permissions for location, contacts, Bluetooth/Nearby Devices, camera, photos, or notifications, when the app sends technical or diagnostic information, and when it sends analytics information only after you opt in.
• Automatically: through Firebase, Google Cloud, app logs, security systems, payment callbacks, hosted payment pages, deep links, server-side order processing, and analytics tools only after you opt in.
• From other users: when someone sends you a voucher, gift card, friend request, invite, group order, or order for pickup.
• From participating shops and managers: when they update order status, send customer messages, prepare orders, manage refunds, or participate in settlement and support workflows.
• From service providers: such as payment processors, authentication providers, opt-in analytics providers, notification providers, cloud providers, and map providers.

Why We Use Information

We use personal information for the following purposes:

• to create, secure, authenticate, and manage accounts;
• to process orders, payments, wallet top-ups, rewards, vouchers, gift cards, refunds, settlements, merchant payouts, and support requests;
• to show shops, menus, maps, location-based results, order timing, ETA, and arrival reminder features;
• to enable social features, friends, recipients, group orders, coffee groups, invites, and gifting;
• to send transactional push notifications, local notifications, service messages, merchant updates, and support messages;
• to personalise the app, remember preferences, show favourites and usual orders, recommend relevant items or features, and improve onboarding;
• to provide first-party promotions, rewards, recovery credits, or app campaigns, subject to your settings and applicable law;
• to measure product performance, build analytics, and plan new features only when analytics are enabled, and to debug issues and improve reliability using necessary operational records;
• to protect users, shops, and OrderUp! from fraud, abuse, unauthorised access, payment manipulation, chargebacks, security incidents, and policy violations;
• to comply with legal, accounting, tax, payment, settlement, regulatory, audit, and dispute obligations; and
• to enforce our terms, respond to legal requests, and protect rights, safety, and property.

Legal Bases Where Applicable

Depending on the law that applies to you, we may rely on one or more legal bases, including:

• contract: to provide the Services you request, such as account features, ordering, payment, wallet, rewards, vouchers, gifts, and support;
• consent: for optional permissions such as location, contacts, camera, photos, notifications, Bluetooth/Nearby Devices where required, marketing communications, and customer app analytics;
• legitimate interests: to secure the Services, prevent fraud, support users and merchants, improve reliability, and maintain service quality, where those interests are not overridden by your rights;
• legal obligation: to keep records, respond to lawful requests, meet tax, accounting, payment, consumer protection, company, or regulatory obligations; and
• public or vital interests: only where applicable in unusual circumstances, such as safety or legal compliance.

When We Share Information

We may share information with the following categories of recipients:

• Participating shops and authorised managers: order details, pickup names, order contents, timing, customer messages, arrival state, cancellation/refund status, and settlement information needed to prepare, manage, support, and reconcile orders.
• Other users: profile, friend, group, invite, voucher, gift card, and order-participation information needed for the social feature you use.
• Cloud and backend providers: Firebase, Google Cloud, Firestore, Cloud Functions, Cloud Storage, BigQuery, Firebase Authentication, Firebase App Check, Firebase Cloud Messaging, and related Google services.
• Maps and location providers: Google Maps Platform, Google Places, and related APIs when you use map, shop discovery, location, distance, or ETA features.
• Payment providers: PayGate, PayFast where applicable, Apple Pay, Samsung Pay, card networks, banks, and payment partners involved in processing payments, token payments, top-ups, refunds, disputes, chargebacks, settlement, and reconciliation.
• Analytics and reporting providers: Firebase Analytics, Google Analytics, BigQuery, and related reporting tools only when analytics are enabled, subject to your choices and the limitations described in this policy.
• Link and attribution providers: Branch or similar providers if deferred links are enabled for a release, to open invite, gift, voucher, or group links correctly and measure safe attribution metadata.
• Support, email, document, accounting, legal, compliance, and operational providers: when needed to provide support, send operational messages, manage settlement, maintain records, or comply with law.
• Authorities and legal recipients: regulators, law enforcement, courts, payment networks, auditors, professional advisers, or other parties where required or permitted by law.
• Business transfer recipients: if we are involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, subject to appropriate confidentiality and privacy protections.

We require service providers to process information only for authorised purposes and to use appropriate security and confidentiality protections. We do not sell personal information. We do not use third-party advertising networks or offer-wall advertising in the current customer app. If that changes, we will update this policy and obtain any consent required by law or platform policy.

Cookies, WebViews, SDKs, and Similar Technologies

The mobile app and our websites may use SDKs, local storage, device identifiers, app instance identifiers, cookies, WebView storage, logs, or similar technologies for authentication, payments, hosted payment pages, security, notifications, deep links, preferences, crash reporting, and service reliability. The customer app uses analytics SDKs and analytics storage only when analytics are enabled. Hosted payment pages, Google services, Branch if enabled, and other third-party services may use their own cookies or similar technologies under their own policies.

International Transfers

We are based in South Africa, but our service providers may process and store information in South Africa, the United States, the European Economic Area, the United Kingdom, or other countries where they or their infrastructure operate. Where POPIA or other applicable laws require safeguards for cross-border transfers, we rely on appropriate contractual, legal, technical, and organisational measures, or on your consent or the performance of a contract where applicable.

How Long We Keep Information

We keep personal information only for as long as reasonably necessary for the purposes described in this policy, unless a longer period is required or permitted by law. Retention periods vary depending on the type of information and the reason we hold it.

• Account, profile, friends, favourites, app settings, notifications, and active app data are generally kept while your account is active.
• Order, payment, wallet, reward, voucher, gift card, settlement, tax, accounting, fraud, chargeback, refund, reconciliation, and ledger records may be retained after account deletion where needed for legal, financial, payment, audit, dispute, fraud-prevention, or regulatory reasons.
• Customer analytics records are created only when analytics are enabled. If you turn analytics off, we stop customer analytics collection and delete or mark for deletion the customer analytics profile and backend analytics rows associated with your user ID where feasible. When an account deletion request is completed, we aim to delete or de-identify user-linked analytics records where feasible and not legally required.
• Security, diagnostic, audit, and server logs are kept for a limited period appropriate to security, reliability, abuse prevention, and legal needs.
• Backups may retain data for a limited period until overwritten or deleted according to backup cycles.
• Information stored only on your device may remain until you delete it, clear app data, or uninstall the app.

If you request account deletion in the app, we queue the request for staff review and normally complete deletion within 30 days once any required review or blocker is resolved. We may keep minimal UID-linked or restricted records where required for legal, payment, fraud, tax, accounting, chargeback, settlement, reconciliation, audit, or dispute obligations. Where deletion is not possible or not required, we may de-identify, anonymise, restrict, or securely retain the information.

Security

We use technical and organisational safeguards designed to protect personal information, including Firebase and Google Cloud security controls, authentication, Firestore and Storage rules, server-side validation, rate limits, App Check where configured, access controls, logging, payment-provider hosted flows, and separation of client and server responsibilities. Payment secrets and privileged backend credentials are intended to be kept server-side.

No internet or storage system can be guaranteed to be completely secure. Please use a strong password, keep your device secure, review permissions, and contact us if you believe your account or information has been compromised.

Your Choices and Controls

• Account information: You can update certain account details in the app.
• Analytics: Analytics are off unless you opt in. You can turn behavioral analytics on or off in the app privacy settings. If analytics are off, the customer app does not collect customer analytics, send customer analytics events, or build customer analytics profiles for you.
• Location: You can grant, deny, or revoke location permission in your device settings. Some nearby-shop, map, ETA, timing, and arrival reminder features may not work without it.
• Contacts: You can grant, deny, or revoke contacts permission in your device settings. You can manually enter recipient details instead.
• Camera and photos: You can grant, deny, or revoke camera and photo permissions in your device settings.
• Notifications: You can turn push or local notifications off in your device settings or in app settings where available.
• Arrival reminders: You can enable or disable optional arrival reminders in the app settings.
• Marketing: You can opt out of marketing or promotional communications by using available app settings, notification settings, unsubscribe instructions where provided, or by contacting us.
• Account deletion: You can request deletion in the app. If you cannot access the app, contact us at team@order-up.co.za.

Your Privacy Rights

Depending on where you live and which laws apply, you may have rights to:

• request confirmation that we hold personal information about you;
• request access to personal information we hold about you;
• request correction or update of inaccurate, irrelevant, excessive, out-of-date, incomplete, misleading, or unlawfully obtained information;
• request deletion, destruction, restriction, or de-identification of personal information where applicable;
• object to certain processing, including processing based on legitimate interests or direct marketing;
• withdraw consent where processing is based on consent;
• request information about third parties or categories of third parties who have had access to your information;
• request portability where applicable;
• opt out of sale or sharing where applicable. We do not sell personal information;
• limit use or disclosure of sensitive personal information where applicable; and
• lodge a complaint with a data protection authority.

To exercise rights, email team@order-up.co.za or submit a request through our data subject request form: Data Subject Access Request. We may need to verify your identity before completing a request. Some rights are limited by legal, payment, tax, accounting, fraud-prevention, security, chargeback, settlement, reconciliation, or dispute obligations.

South African POPIA Rights and Regulator Contact

If the Protection of Personal Information Act, 2013 ("POPIA") applies, you have rights including access, correction, deletion where applicable, objection to processing in certain circumstances, and complaint rights. You also have the right to be told what information is collected, the source where not collected directly from you, the purpose of collection, whether supply is voluntary or mandatory, consequences of not supplying information, recipients or categories of recipients, cross-border transfers where applicable, and the contact details of the Information Regulator.

If you are dissatisfied with how we handle your privacy request or complaint, you may contact:

The Information Regulator (South Africa)
Website: https://inforegulator.org.za/
General enquiries: enquiries@inforegulator.org.za
Complaints: POPIAComplaints@inforegulator.org.za and PAIAComplaints@inforegulator.org.za

Children

The Services are not directed to children under 18. We do not knowingly collect personal information from children under 18 without appropriate permission from a competent person where required by law. If you believe a child has provided personal information to us without appropriate permission, contact us so we can review and take appropriate action.

Special or Sensitive Information

We do not ask you to provide POPIA special personal information such as religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life, biometric information, or criminal behaviour information. Please do not include that information in free-text fields or support messages unless it is strictly necessary for your request.

Some data we process, such as location, contacts, payment-related information, authentication information, photos, and device identifiers, may be treated as sensitive or high-sensitivity data under app platform policies or other privacy laws. We handle those categories as described in this policy and through device permission controls where applicable.

Automated Processing and Personalisation

We may use automated processing to sort nearby shops, estimate timing, show favourites or usual orders, personalise product experiences, detect unusual activity, enforce account deletion status, and prevent fraud. We build customer analytics only when analytics are enabled. We do not intend to make decisions based solely on automated processing that produce legal or similarly significant effects for you without appropriate safeguards.

Third-Party Links and Services

The Services may link to or use third-party websites, SDKs, hosted payment pages, app stores, map providers, payment providers, bank services, Apple Pay, Samsung Pay, Google services, Branch links if enabled, and other services that we do not control. Their privacy practices are governed by their own policies.

Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date shows when this policy was last revised. If we make material changes, we may notify you in the app, by email, by website notice, by push notification, or by another appropriate method.

Contact Us

For privacy questions, requests, or complaints, contact:

ORDERUP (PTY) LTD
25 Northfield ave
Johannesburg, Gauteng 2192
South Africa
Email: team@order-up.co.za