POPIA Privacy Notice (Suppliers & Transporters)
TransBidder (Pty) Ltd – TransBidder.co.za
Effective date: 11 February 2026
1) Who we are (Responsible Party)
TransBidder (Pty) Ltd (“TransBidder”, “we”, “us”) operates an online platform that facilitates transport requests and reverse-auction style bidding for the movement of machinery and related loads (the “Platform”).
This POPIA Privacy Notice explains how we collect, use, store, share, and protect personal information of our Suppliers and Transporters, including transporter owners, directors, employees, drivers, subcontractors, and representatives (“you”).
2) What personal information we collect
Depending on your relationship with us, we may collect and process the following categories of personal information:
2.1 Identity & business details
Full names, ID/passport number (where required), company registration details, VAT number
Contact details (email, phone), physical/business address
Position/title and authorised representative details
2.2 Operational & compliance information
Driver details (name, licence type/number, PDP/PrDP where applicable)
Vehicle and trailer information, permits, licence discs, operator cards, roadworthy/compliance documents
Proof of insurance, safety files, induction records, certifications (where required)
2.3 Transaction & platform data
Bids submitted, pricing, job confirmations, proof of delivery (“PODs”), delivery notes, job status updates
Platform logins, audit trails, and communications via the Platform, WhatsApp, email and/or telephone
2.4 Financial & payment information
Banking details, payment references, invoices, statements
Tax-related details required for lawful processing (e.g., SARS-related information where applicable)
2.5 Technical and usage data
Device information, browser type, IP address, cookies (where enabled), and activity logs for security and performance
Special Personal Information: We generally do not require special personal information (e.g., medical information). If it becomes necessary (for example, due to site access requirements), we will only process it where lawful, strictly necessary, and with appropriate safeguards.
3) Where we get the information
We may collect personal information:
Directly from you (sign-up, onboarding, forms, email, WhatsApp, phone calls)
From your company (employer/mandate)
From clients/suppliers/OEMs when allocating work or verifying compliance
From lawful public sources and verification providers (where needed for compliance)
4) Why we process your information (Purposes)
We process your personal information to:
Register you on the Platform and manage your account
Enable bidding, job allocation, dispatching, and job completion
Verify compliance, safety, licensing, permits, and insurance requirements
Communicate about loads, access requirements, route constraints, and operational updates
Manage payments, invoicing, reconciliation, and recordkeeping
Prevent fraud, enforce Platform rules, and maintain audit trails
Comply with legal obligations (including tax, financial recordkeeping, and regulatory requirements)
Resolve disputes and support claims (including insurance and incident investigations)
Improve our Platform, services, and user experience
5) Lawful basis for processing (POPIA justification)
We process personal information on one or more lawful grounds, including:
Contractual necessity (to provide Platform services and fulfil transport engagements)
Legal obligation (recordkeeping, compliance, verification where required)
Legitimate interests (fraud prevention, security, platform integrity, service improvement)
Consent (where POPIA requires it, e.g., certain direct marketing or optional data)
6) How we share personal information
We may share your personal information only as necessary with:
Suppliers/OEMs/Clients that request transport services (for verification, access control, dispatching, and job execution)
Other Platform users where required to complete a transaction (e.g., job award details)
Service providers/operators such as hosting providers, email/communication tools, payment processors, verification vendors, IT support, and analytics providers (acting as “operators”)
Regulators, law enforcement, and courts where required by law or lawful request
Insurers and legal advisors for claims, disputes, or risk management
We do not sell personal information.
7) Cross-border transfers
If we use cloud services or operators outside South Africa, we will ensure that cross-border transfers occur only where appropriate safeguards consistent with POPIA are in place (including contractual protections and reasonable security standards).
8) Security safeguards
We implement reasonable technical and organisational safeguards to protect personal information, including:
Access controls (including role-based access where possible)
Secure hosting and encryption in transit where supported
Audit logs and monitoring
Password and account security measures
Staff/contractor confidentiality obligations
No system is 100% secure, but we take reasonable steps to prevent unauthorised access, loss, or misuse.
9) Data retention
We retain personal information only as long as necessary for the purposes set out above, including:
Active account and operational records: for the duration of the relationship
Financial and tax records: as required by law (typically several years)
Audit logs and security records: for reasonable periods to protect Platform integrity
When retention is no longer required, we securely delete, de-identify, or archive the information.
10) Your rights under POPIA
You have the right to:
Request confirmation whether we hold your personal information
Request access to your personal information
Request correction/update of inaccurate or incomplete information
Object to processing in certain circumstances
Request deletion where lawful and applicable
Withdraw consent where processing is based on consent (this may limit service delivery)
Lodge a complaint with the Information Regulator (South Africa)
11) Direct marketing
We will only send direct marketing communications where lawful and, where required, with your consent. You can opt out at any time by following unsubscribe instructions or contacting us.
12) Cookies and tracking
Our website/platform may use cookies or similar technologies for functionality, security, and analytics. You can manage cookie preferences via your browser settings (and cookie banners where implemented).
13) Subcontracting and third parties
If you subcontract or use drivers/employees, you confirm that you have lawful authority to share their personal information with TransBidder for onboarding, compliance, and job execution purposes, and that those data subjects have been informed of this Notice (or an equivalent privacy notice).
14) Breach notification
If there is a security compromise involving personal information, we will take reasonable steps to contain and investigate it and, where required, notify affected parties and/or the Information Regulator.
15) Contact us
For POPIA requests or questions, contact:
Information Officer (TransBidder): Blake Matthew Kruger
Email: b.kruger@transbidder.co.za
Phone: +27 71 483 9954
Website: transbidder.co.za
16) Changes to this Notice
We may update this Notice from time to time. The latest version will be made available on our website/platform and will apply from the effective date shown above.