Privacy Policy

At Registra, we take data privacy seriously. This Privacy Policy explains how we collect, use, and protect the personal information of breeders and their clients. We are committed to compliance with the South African Protection of Personal Information Act (POPIA) and the EU General Data Protection Regulation (GDPR).

We collect information in the following ways:

• Account Data: When you register a kennel, we collect your name, email address, phone number, and physical address.
• Client Data: When you manage your waitlists or litters, you may input personal data about your clients (buyers). For this data, you act as the Data Controller (or Responsible Party under POPIA), and Registra acts as the Data Processor (or Operator).
• Usage Data: We collect standard technical information when you interact with our platform to help diagnose issues and improve performance.

For users located in the European Economic Area (EEA), our legal basis for collecting and using the personal information described above will depend on the context in which we collect it. We typically collect personal information from you only:

• Where we need the information to perform a contract with you (i.e., providing the SaaS platform).
• Where the processing is in our legitimate business interests (e.g., securing and improving our platform).
• Where we have your explicit consent to do so.

We use the collected information solely to:

• Provide, maintain, and secure the Registra platform.
• Process transactions and send related administrative communications.
• Generate private client portals and waitlist applications on your behalf.
• Respond to technical support requests.

We do not sell your personal information or your clients' personal information to third parties.

We may share data with trusted third-party service providers (subprocessors) who assist us in operating the platform, such as our cloud hosting provider (Supabase) and infrastructure host (Vercel). These partners are legally bound by strict confidentiality and security agreements (Data Processing Agreements).

International Transfers: Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. We ensure appropriate safeguards are in place for such transfers.

We implement industry-standard technical and organisational measures to protect your data from unauthorised access, alteration, or disclosure. This includes strict Row Level Security (RLS) at the database layer, encrypted connections in transit, and secure authentication flows.

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, or as legally required.

Depending on your jurisdiction (under POPIA or GDPR), you have the right to:

• Access: Request copies of your personal data.
• Rectification: Request correction of inaccurate data.
• Erasure: Request the deletion of your personal data ("Right to be Forgotten").
• Portability: Request that we transfer your data to another organisation.
• Withdraw Consent: Opt-out or withdraw your consent at any time.

If you wish to exercise these rights, please contact our support team through the platform dashboard.

When members of the public submit waitlist applications via Registra, they must provide explicit, informed consent for their data to be stored and processed by both the breeder and the platform. This consent is cryptographically recorded in our system with a timestamp to ensure legal compliance.