Privacy Policy for Bevgo Distributions Client Portal App
Effective Date: 08 August 2025
Bevgo Distributions (“we”, “our”, “us”) respects your privacy and is committed to protecting the personal and business information of our clients. This Privacy Policy explains, in detail and in compliance with Google Play’s Developer Policy, how we access, collect, use, store, disclose, and safeguard any information relating to an identified or identifiable natural person (“personal data”) when you install or use the Bevgo Client Portal App (“the App”).
Please read this policy carefully. By accessing or using the App, you acknowledge that you have read, understood, and agree to be bound by the terms described below. If you do not agree, you must not use the App.
1. Scope and Application
This Privacy Policy applies to all personal data processed in the App, whether provided directly by you, generated in the course of using the App, or collected automatically through Firebase or other service providers. It supplements any other privacy notices we may provide on specific occasions and is intended to provide comprehensive disclosure beyond the Data safety section in the Google Play Console.
2. Definitions
“Personal data” means any information relating to an identified or identifiable natural person.
“Processing” means any operation performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, erasure, or destruction.
“Client” means a registered business entity or its authorised representative that is granted access to the App.
3. Data Controller & Representative
For the purposes of data-protection laws (including the GDPR), the data controller is:
Bevgo Distributions
Physical Address: Paarl, South Africa
Email: info@bevgo.co.za
Phone: +27 71 619 1616
4. Information We Collect
We collect only the categories of personal data strictly necessary to provide the requested service. We do not collect any sensitive or special-category data.
4.1 Information You Provide Voluntarily
• Identity & Business Details: Full name, business / trading name, contact person name, South African company registration number, VAT number.
• Contact & Delivery Details: Email address, telephone number, delivery address(es), preferred delivery instructions.
• Order Information: Products selected, quantities, special instructions, purchase-order numbers.
• Invoice Preferences: Email address to which invoices must be sent, purchase-order references.
4.2 Information Collected Automatically
When you use the App, our backend services and Firebase automatically collect certain technical data:
• Firebase Authentication UID (a unique identifier tied to your email address).
• Device identifiers (Firebase Installation ID, Instance ID).
• IP address (truncated to /24 for analytics purposes).
• Coarse geolocation derived from IP (city/region level).
• App interaction logs (screen views, taps, crash traces, performance metrics via Firebase Crashlytics and Performance Monitoring).
We do NOT enable Google Analytics for Firebase, advertising features, or any advertising identifiers (AdId).
4.3 Information We Do NOT Collect
• Payment card numbers, bank-account details, or any other financial credentials.
• Precise GPS location.
• Contacts or address-book information.
• Microphone, camera, or sensor data.
5. Legal Basis for Processing (EEA/UK Users)
We rely on the following legal bases under Article 6 GDPR:
a) Contractual necessity – to create and manage your client account and fulfil your orders.
b) Legal obligation – to maintain accounting records and comply with South African tax law.
c) Legitimate interests – to ensure the security and integrity of the App, prevent fraud, and improve functionality (balanced against your rights and freedoms).
6. Purpose & Use of Information
We process your data for the following purposes:
• Account registration, authentication, and password-reset functionality.
• Enabling you to browse products, build orders, and submit them for fulfilment.
• Generating, storing, and displaying your historical invoices and delivery notes.
• Communicating order acknowledgements, delivery updates, or service notices.
• Responding to support queries and exercising your data-protection rights.
• Detecting, investigating, and preventing fraud, abuse, or security incidents.
• Complying with applicable laws, regulations, court orders, or lawful requests from authorities.
7. Sharing & Disclosure of Personal Data
We never sell, rent, or otherwise monetise your personal data. We disclose it only in the following circumstances:
7.1 Service Providers & Sub-processors
• Google Firebase (Authentication, Cloud Firestore, Cloud Functions, Crashlytics, Performance Monitoring).
• Google Cloud Platform (hosting and storage).
All sub-processors are bound by data-processing agreements that impose confidentiality, security, and lawful-processing obligations.
7.2 Legal & Compliance
We may disclose personal data to courts, regulators, or law-enforcement agencies when required under South African law or to establish, exercise, or defend legal claims.
7.3 Business Transfers
If Bevgo Distributions undergoes a merger, acquisition, or asset sale, your personal data will be transferred to the successor entity subject to this Privacy Policy.
8. International Data Transfers
Your personal data is stored on Google Cloud servers located primarily in the United States. Google LLC is certified under the EU-US Data Privacy Framework and relies on Standard Contractual Clauses (SCCs) for transfers from the EEA or UK. We have verified that adequate safeguards are in place.
9. Data Retention & Deletion
We retain your personal data for the following periods:
• Active account data – retained while your account remains open.
• Inactive account data – deleted or anonymised within 90 days of a written deletion request unless legal obligations require longer retention.
• Tax & accounting records – retained for a minimum of 5 (five) years in accordance with South African tax law.
Upon expiry of the retention period, data is securely deleted or irreversibly anonymised.
10. Security Measures
We implement technical and organisational measures designed to ensure a level of security appropriate to the risk:
• Encryption in transit using TLS 1.2 or higher (HTTPS).
• Encryption at rest using AES-256 through Google Cloud.
• Firebase Security Rules restricting read/write access to authenticated users only.
• Role-based access controls limiting staff access to the minimum necessary data.
• Annual vulnerability assessments and penetration tests.
While we strive to use commercially acceptable means to protect personal data, no method of transmission or storage is 100 % secure, and we cannot guarantee absolute security.
11. Data Breach Notification
In the event of any accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data (a “personal data breach”), we will:
• Notify the relevant supervisory authority within 72 hours of becoming aware, where required.
• Notify affected users without undue delay where the breach is likely to result in a high risk to their rights and freedoms, describing the nature of the breach, the likely consequences, and the measures taken or proposed to address it.
12. Your Rights
Subject to applicable law, you have the right to:
a) Access – obtain confirmation as to whether we process your data and receive a copy.
b) Rectification – correct inaccurate or incomplete data.
c) Erasure – request deletion of your personal data (“right to be forgotten”).
d) Restriction – limit processing in certain circumstances.
e) Portability – receive your data in a structured, commonly used, machine-readable format.
f) Object – object to processing based on legitimate interests.
g) Withdraw consent – where processing is based on consent, without affecting prior processing.
h) Lodge a complaint – with the South African Information Regulator (https://inforegulator.org.za) or your local supervisory authority.
To exercise any of these rights, email us at info@bevgo.co.za. We may request verification of your identity before responding. We will reply within 30 days of receipt of a valid request.
13. Children’s Privacy
The App is intended solely for use by adults (18 years or older) acting on behalf of registered businesses. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us immediately and we will delete such information.
14. Automated Decision-Making & Profiling
We do not perform any automated decision-making, including profiling, that produces legal effects concerning you or significantly affects you.
15. Cookies & Tracking Technologies
The App does not use browser cookies or advertising identifiers. Firebase collects minimal technical identifiers solely for authentication, security, and error-reporting purposes as described in Section 4.2.
16. Links to Third-Party Sites or Services
The App may contain links to external websites (e.g., courier-tracking portals). This Privacy Policy does not apply to such third-party sites. We encourage you to review their privacy policies before providing any personal data.
17. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. We will notify you of any material changes by:
• Posting the updated policy in the App (Settings > Privacy Policy) with a new “Effective Date”.
• Sending an email to the email address associated with your account.
Your continued use of the App after the effective date constitutes acceptance of the revised policy.
18. How to Contact Us
For any questions, concerns, or to exercise your rights under this Privacy Policy, please contact:
Bevgo Distributions – Data Protection Officer
Email: info@bevgo.co.za
Phone: +27 71 619 1616
Physical Address: Paarl, South Africa 7646
We will endeavour to resolve any complaints or disputes amicably. If you are located in the European Economic Area or the United Kingdom, you also have the right to seek judicial remedy before your competent courts.
Bevgo is a tech-enabled beverage supplier built for small and medium hospitality businesses. We make ordering fast, tracking easy, and rewards automatic — so you can focus on serving your customers, not chasing stock.
Bevgo is a tech-enabled beverage supplier built for small and medium hospitality businesses. We make ordering fast, tracking easy, and rewards automatic — so you can focus on serving your customers, not chasing stock.
Bevgo is a tech-enabled beverage supplier built for small and medium hospitality businesses. We make ordering fast, tracking easy, and rewards automatic — so you can focus on serving your customers, not chasing stock.