Privacy Policy
This is the privacy policy for BluePadel, a product of Ward & Partners (Pty) Ltd — a South African padel platform for booking courts, playing rated matches and tournaments, and tracking your results across an Android phone and a paired Wear OS watch. Ward & Partners (Pty) Ltd is the "Responsible Party" under the Protection of Personal Information Act, 2013 (POPIA). This policy explains what we collect, why, who we share it with, how long we keep it, and your rights.
1. Who we are
The Responsible Party is Ward & Partners (Pty) Ltd, a South African company operating BluePadel under the package identifier za.co.bluepadel.cloud. You can reach us — and our Information Officer for POPIA purposes — at hello@bluepadel.co.za.
2. What personal information we process
- Account & sign-in. Your email address and a securely hashed password, or — if you choose Google sign-in — the basic profile Google returns (name, email). We never see your Google password.
- Profile. Your display name, padel rating and rating history, and optional details such as phone number, date of birth, and the city/region you select during onboarding.
- Padel activity. Matches you play and their scores, court bookings, tournament entries, and your in-app actions.
- Social. The players you follow and who follow you, and the messages you send in match and tournament chats.
- Payments & wallet. Your wallet balance and a record of top-ups and charges. Card payments are processed by Paystack; we receive a confirmation and reference, never your full card details.
- Technical. A push-notification token (so we can send match and booking alerts) and basic security/diagnostic logs such as the time and IP address of sign-in attempts.
Location. We don't track your device's GPS location. The only location we hold is the city/region you choose yourself when setting up your profile or finding clubs.
Health & fitness (watch only). If you use a paired Wear OS watch, heart rate and motion are read on the watch to show a live readout and detect swings during a match. This health data is processed on your watch and phone and is not uploaded to our servers.
We don't process your contacts, photos, browsing history, advertising identifiers, or precise location.
3. Why we process it (purpose & lawful basis)
- To provide the service — create and secure your account, and run bookings, matches, ratings, tournaments and chat (POPIA s11(1)(b), performance of contract).
- To process payments — top-ups, court fees and entry fees (performance of contract).
- To keep the service safe and working — fraud prevention, security, and debugging (legitimate interest, s11(1)(f)).
- To meet legal obligations — keeping transaction records for tax and financial law (s11(1)(c)).
- For optional extras — such as notifications, which you can turn off (your consent, s11(1)(a)).
4. Who we share it with
We don't sell your personal information. We share it only with the providers needed to run BluePadel:
- Google — sign-in (if you use Google), push notifications, in-app billing where applicable, and the Wear OS Data Layer that links your phone and watch.
- Paystack — to process card payments and wallet top-ups. Paystack handles your card data under its own terms; we don't store it.
BluePadel's own data is stored on secure cloud server infrastructure that we operate. Some providers may process data outside South Africa; where that happens we rely on the conditions permitted under POPIA s72.
5. Retention
We keep your account and profile data for as long as your account is active. When you delete your account (or ask us to), we delete or anonymise your personal data within 30 days — except records we're legally required to keep, primarily transaction and payment records, which we retain for the period required by South African tax and financial law (generally up to 5 years) and then delete or anonymise.
6. Security
Connections to BluePadel use HTTPS/TLS encryption. Passwords are stored only as salted hashes, never in plain text. Access to production data is restricted and authenticated. Card data never reaches our systems — it goes directly to Paystack.
7. Your rights under POPIA
You have the right to:
- Know what personal information we hold about you (s23).
- Request correction or deletion (s24) — see the account deletion and data deletion pages.
- Object to processing (s11(3)).
- Lodge a complaint with the Information Regulator of South Africa at inforegulator.org.za.
To exercise any of these, email hello@bluepadel.co.za; we respond within 30 days.
8. Children
BluePadel is intended for users aged 18 and over and we don't knowingly process the personal information of children. If you believe a child has created an account, contact us and we'll remove it.
9. International transfers
Some of the providers we rely on (for example certain Google and Paystack services) may process personal information outside South Africa. Where information is transferred across borders, we rely on the conditions permitted by POPIA s72, including providers bound by comparable data-protection obligations.
10. Changes to this policy
If we change this policy in a way that affects you materially, we'll update the "Last updated" date at the top and post the new version at this same URL before the change takes effect.
11. Contact
Privacy questions, POPIA requests, or anything else: hello@bluepadel.co.za.