Privacy Policy

1. Who we are

Sous-Chef ("Sous-Chef", "we", "us"), based in the Republic of South Africa, provides employee management software to employers, primarily in the hospitality sector. References to "you" mean either the employer-administrator who registers an organisation, or an employee-member added to an organisation, depending on context.

2. Scope of this policy

When an employer (the "Customer") registers an organisation on Sous-Chef and adds employees, the Customer is the responsible partyfor those employees' personal information under POPIA. Sous-Chef is the operatorprocessing that information on the Customer's instructions, governed by our Operator Agreement.

In our capacity as a service provider directly to the Customer (account, billing, support), Sous-Chef is itself the responsible party. This policy covers both capacities and tells you which applies in each case.

3. Information we collect

3.1 From Customer-administrators

• Name, work email address, password (hashed)
• Organisation name, slug, registration number, address
• Industry, default work schedule, ordinary hours per week
• Information Officer name and email
• Billing details (handled by our payment provider)
• Session metadata: IP address, user-agent, sign-in timestamps

3.2 From employee-members

• Name, work email, role, employment type, start date
• South African ID number or passport number, where required
• Phone number, residential address, branch and department
• Salary and salary history
• Leave requests and balances, including reasons and uploaded sick notes (special personal information — health)
• Schedule and shift records
• Contracts and signed documents (signature value, IP, user-agent at signing)
• Disciplinary records, charge sheets, hearing minutes and outcomes (which may include allegations of criminal-behaviour-adjacent conduct — special personal information under POPIA s26)
• Audit log of activity within the platform

Special personal information (health, alleged criminal behaviour) is processed only because, and to the extent that, it is necessary to comply with an obligation of South African labour law (BCEA, LRA, CATRA Collective Agreement) — POPIA s27(1)(b).

4. How we use your information

On the Customer's instructions, we process employee personal information to:

• Maintain the employee record and statutory written particulars (BCEA s29)
• Calculate leave entitlements, balances, sick leave cycles and overtime (BCEA, CATRA)
• Schedule shifts and capture shift change requests
• Generate, send, sign and store contracts, offer letters, charge sheets, outcome letters and certificates of service
• Maintain a tamper-evident audit log of who did what
• Deliver email notifications (invitations, leave decisions, contracts, certificates) via our email sub-processor

In our own capacity (as responsible party for our customer relationships), we also use information to provide and bill for the service, respond to support requests, prevent fraud and abuse, and comply with our own legal obligations.

5. Lawful basis for processing

We rely on the following grounds in POPIA s11:

• Contract — to perform the Sous-Chef service for the Customer and the underlying employment contract between Customer and member
• Legal obligation — record-keeping and HR-process obligations under BCEA, LRA, the CATRA Collective Agreement and the Income Tax Act
• Legitimate interest — secure operation of the platform, fraud prevention, audit-trail integrity
• Consent — for marketing communications and any optional processing not covered above; consent can be withdrawn at any time

6. How we share information

We do not sell personal information. We share it only with:

• The Customer (your employer), within the scope of their organisation
• Authorised Sous-Chef personnel (billing and accounts) for the limited purpose of operating the service — managing subscriptions, issuing invoices, recording payments and administering account status. This access is restricted to organisation-level information only (organisation name, owner contact, plan, seat count, billing history, account status). Authorised personnel do not have access to individual employee records, salaries, identity numbers, leave history, disciplinary records, contracts, schedules or any other employee-level information across Customer organisations. Access is subject to additional authentication safeguards and every read or administrative action is recorded in an internal audit log.
• Our sub-processors, listed in full on our sub-processors page, each bound by an operator agreement and confidentiality obligations
• Bargaining councils, the CCMA, courts or regulators where compelled by law or where the Customer instructs us to do so as part of a dispute
• Professional advisors (auditors, attorneys) under confidentiality

7. Cross-border transfers

Our infrastructure sub-processors operate outside South Africa. In particular, the database and file storage are hosted in Frankfurt, Germany; transactional email is sent from Dublin, Ireland; application hosting runs from Washington, D.C., USA; and bot protection runs on Cloudflare's global edge network.

The European Union and the United Kingdom are recognised as providing a level of protection that is comparable to POPIA. For transfers to the United States, we rely on contractual safeguards imposed on the relevant sub-processor (POPIA s72(1)(a)). The current sub-processor list and their hosting regions are kept up-to-date at /legal/sub-processors.

8. How long we keep your information

We keep personal information only as long as we need it to deliver the service or to meet a legal obligation. The default schedule below applies in the absence of a longer retention requirement imposed by the Customer or by law:

These windows are enforced by an automated daily retention job; once a record crosses its retention deadline it is either purged or anonymised (we keep the minimum employment-shape information required by BCEA s31 but strip the contact details and identifiers). Customers can request earlier deletion of their organisation by following the procedure in the Operator Agreement.

9. How we protect your information

• TLS 1.2 or higher in transit; AES-256 encryption at rest at the database layer
• Role-based access control (owner / admin / member)
• Internal access by authorised Sous-Chef personnel is subject to additional authentication safeguards and a tamper-evident audit log. The scope of that access is limited to organisation-level information (see section 6); it does not extend to employee-level data held on behalf of Customer organisations.
• Audit logging of administrative and HR actions inside the platform
• Server-side validation of email domains at registration (disposable-domain blocklist + MX-record check)
• Bot protection on registration, login and password-reset flows via Cloudflare Turnstile
• Annual review of access privileges and sub-processor list

If you have found a security issue and want to report it, see our security & vulnerability disclosure page.

10. Your rights as a data subject

Under POPIA s23–s25 you have the right to:

• Be informed about which of your personal information we hold
• Request a copy of that information (a Data Subject Access Request, or DSAR)
• Request correction or deletion of inaccurate, irrelevant, excessive, out-of-date, incomplete or unlawfully obtained information
• Object to processing on reasonable grounds, subject to lawful exceptions
• Withdraw consent where processing relies on consent
• Lodge a complaint with the Information Regulator (see section 14)

For employee-members, requests for correction or deletion are ordinarily routed first to your employer (the responsible party). If your employer does not act on a request, you may escalate to Sous-Chef at privacy@sous-chef.co.za. We respond to verified requests within 30 days.

11. Children and minor employees

Sous-Chef is intended for use by employers with adult employees. The hospitality sector occasionally engages 15–17-year-olds in line with BCEA s43 and s44.

Children under 15. The Basic Conditions of Employment Act s43 prohibits the employment of any person under the age of 15, and a contravention is a criminal offence. Sous-Chef enforces this at the platform level: a Customer who records a date of birth indicating a member is under 15 cannot send the invitation, and no personal information about that child is stored. An audit entry of the blocked attempt is recorded against the Customer.

Members aged 15–17.Sous-Chef processes personal information about a 15–17-year-old member only after a parent or legal guardian has recorded special consent on their behalf, as required by POPIA s35. The guardian's name, their relationship to the minor, and the date the consent was recorded are stored on the member record and written to the audit log (action: consent.minor.parental_recorded). Customers remain responsible for complying with the BCEA s44 restrictions on hazardous work, hours, and types of work that apply to minor employees.

A guardian (or the minor on reaching 18) may exercise any of the rights described in section 10 — including the right to withdraw consent at any time.

12. Cookies and tracking

We use a small number of strictly-necessary cookies to keep you signed in and to protect against abuse. We do not run advertising cookies or third-party trackers on the application. See our cookie policy for the full list and how to manage them.

13. Changes to this policy

We update this policy whenever we change how we process personal information. The version number and effective date at the top of this page change with each update. Material changes are notified to Customer-administrators by email at least 14 days before they take effect.

14. Information Officer & contact

Sous-Chef's Information Officer is reachable at privacy@sous-chef.co.za (or via /legal/contact-information-officer).

You may also lodge a complaint directly with the Information Regulator (South Africa): inforegulator.org.za.

← Back to home