Stevedoring App – Privacy Policy
Last updated: 30 June 2025
- Who we are
DigiCargo (Pty) Ltd (“DigiCargo”, “we”, “our”, “us”) is a South‑African technology company that builds AI‑driven software for port and logistics operations, including the Stevedoring App for Android, iOS and web. The App helps stevedores and their partners order, track and fulfil Roll‑On/Roll‑Off (RORO) shipments using barcode/QR scanning, geolocation, offline data capture and a cloud portal.
Contact details
- Email:
This email address is being protected from spambots. You need JavaScript enabled to view it. - Postal address: 84 Bekker Road Midrand 1686, South Africa
- WhatsApp (support): +27 81 411 1190
- Scope of this policy
This policy applies to all versions of the Stevedoring App distributed via the Apple App Store, Google Play, Microsoft Store and any other authorised storefront (collectively, “Digital Storefronts”). It explains what data we collect, how we use it, the choices you have, and the standards we follow to satisfy store‑specific rules (Apple Privacy Nutrition Labels, Google Play Data Safety, Microsoft Store policy 10.5).
- What data we collect & why
Account & Profile Data – Name, email / mobile, password hash, organisation, team roles – used to create user accounts and authenticate (legal basis: contract).
Operational Data – Vehicle/VIN, consignment IDs, tally events, incident photos, GPS coordinates, timestamps – used to perform digital tally and generate real‑time progress and audit reports (contract; legitimate interest).
Device & Usage Data – Device model, OS version, crash logs, interaction events – used for debugging, analytics, fraud prevention (legitimate interest).
Camera / Media – Live camera feed or gallery image used to scan barcodes & capture cargo photos – used to identify cargo & record condition (consent).
Location – Precise GPS while tally mode is active – used to map cargo & crew in yards / decks (consent; legitimate interest).
Payment Info (web portal only) – Tokenised card / PayPal / Flutterwave IDs – used for subscription billing (contract; legal obligation).
We do not collect health data, contacts, microphone audio or SMS content. Children under 16 are not target users; see Section 11.
- How we use your data
- Provide core functionality (digital tally, offline sync, reporting).
- Create and manage user / organisation accounts.
- Calculate usage‑based billing and licence limits.
- Send operational notifications, invoices and incident alerts.
- Improve safety and performance through analytics and crash reports.
- Develop new features, e.g., AI models trained on de‑identified operational logs.
- Comply with legal duties, audits, tax and anti‑fraud controls.
We never sell personal data, and we do not use it for third‑party advertising.
- Sharing & disclosure
We share data only:
- Within DigiCargo and its controlled subsidiaries.
- With service providers strictly needed to run the App (Google Cloud/Firebase hosting, Algolia search, Freshdesk help‑desk, payment processors) under data‑processing contracts.
- With port stakeholders you explicitly authorise (e.g., shipping lines, terminal operators) via consignment permissions.
- With authorities when required by law, court order or to protect safety, rights or property.
- In business transfers – if DigiCargo undergoes a merger or asset sale, users will be notified before data moves under a new policy.
- International transfers
Servers are hosted in the Google Cloud data‑centre region selected by your organisation (default: europe‑west or southafrica‑north). When data moves outside the EEA/UK or South Africa, we rely on Standard Contractual Clauses or other recognised safeguards.
- Security
- TLS 1.3 encryption in transit; AES‑256 at rest.
- Fine‑grained Firebase security rules and IAM roles.
- Signed JWT tokens with short lifetimes for API access.
- Role‑based access in the web portal; optional two‑factor authentication.
- Periodic penetration testing and independent security reviews.
- Data retention & deletion
Account & profile – retained until you delete the account or after 24 months of inactivity. Operational logs – retained 10 years (industry audit norms). Analytics / crash data – retained 24 months then aggregated. You can delete your account or request erasure via the in‑app Settings → Privacy menu or by emailing
- Your rights
Depending on where you live you may access, correct, port, object to or restrict processing, withdraw consent, or lodge a complaint with a supervisory authority. Requests are actioned within 30 days; identity verification may be required.
- Store‑specific disclosures
Apple App Store – Privacy Nutrition Labels disclose identifiers, location, diagnostics, photos (optional); no tracking.
Google Play – Data Safety form describes data collection, purpose, sharing and security.
Microsoft Store – This document fulfils policy 10.5 (personal information use, security, sharing and user controls).
Other storefronts – Same policy URL reused.
- Children’s privacy
The Stevedoring App is not directed at children under 16. We do not knowingly collect data from minors. Parents or guardians who believe a minor has provided data may contact us for deletion.
- Cookies & similar tech (web portal only)
We use essential session cookies and Firebase Auth tokens. Optional analytics cookies (Google Analytics 4) are loaded only after opt‑in via the portal cookie banner.
- Changes to this policy
We may update this policy to reflect changes in law, technology or business. Material changes will be announced in‑app and via email at least 30 days before they take effect. The “Last updated” date will always indicate the current version.
- Contact us
If you have questions about privacy or this policy, please email
Disclaimer: This policy is provided for information only and does not constitute legal advice. Regulations evolve and may differ by jurisdiction; please consult qualified counsel to ensure full compliance with all applicable laws and sector‑specific obligations.