Skip links
Secure Express

Privacy Policy

Secure Express (Pty) Ltd
Last updated: [27/11/2025]

1. Introduction

Secure Express (Pty) Ltd (“Secure Express”, “we”, “us”, or “our”) provides secure, on‑demand transport services through our website at www.secureexpress.co.za and our mobile applications (the “Services”). Secure Express+1

We respect your right to privacy and are committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (“POPIA”) and other applicable data protection laws. POPIA+1

This Privacy Policy explains how we collect, use, share and safeguard your personal information when you:

  • Visit or use www.secureexpress.co.za
  • Use our mobile apps (Secure Express passenger app and related platforms) Secure Express+1
  • Interact with us via phone, email, WhatsApp or social media
  • Apply for employment or to become a Secure Express driver

By using our Services, you agree to the processing of your personal information as described in this Privacy Policy.

2. Who we are

For POPIA purposes, Secure Express is the “responsible party” (similar to a “data controller”). POPIA+1

We have appointed an Information Officer in terms of POPIA. Their details will be made available in our PAIA/POPIA manual and can be requested using the contact details above. Inforegulator+1

3. Scope of this Privacy Policy

This Privacy Policy applies to:

  • Visitors to our website
  • Users of our mobile apps (passengers and, where applicable, drivers)
  • Job applicants and prospective drivers
  • Individuals who contact us via phone, email, WhatsApp or social media
  • Any other person whose personal information we process in the course of our business

This Policy does not apply to third‑party websites, apps or services that we do not own or control, even if we link to them (for example, recruitment portals or app stores).

4. Key definitions

For ease of understanding:

  • “Personal information” means information relating to an identifiable, living person (and where applicable, existing juristic person), such as name, contact details, ID number, location data and online identifiers, as defined in POPIA. rd.mandela.ac.za+1
  • “Special personal information” includes more sensitive categories (e.g. race, health, biometric information, criminal behaviour) that are subject to additional protections. rd.mandela.ac.za+1
  • “Processing” includes any operation involving personal information such as collection, use, storage, disclosure, modification, destruction or de‑identification. web-hosting-rsa.co.za+1

5. What personal information we collect

The information we collect depends on how you interact with us:

5.1 Passengers and app users

When you register and use the Secure Express app or request a “Ryde”, we may collect:

  • Identification and profile information
    • Name and surname
    • Mobile number
    • Email address
    • Profile photo (if you choose to upload one)
  • Ride and journey information
    • Pickup and drop‑off addresses
    • Journey routes and real‑time/approximate location data
    • Dates and times of rides
    • Ride preferences (for example secure/fast route) Secure Express+1
  • Device and technical data
    • Device type, operating system, app version
    • IP address, app usage logs
  • Payment and billing information
    • Limited payment information (e.g. payment method type, transaction references)
    • We typically use third‑party payment providers and do not store full card details; where we do, this will be clearly communicated.
  • Communications and support
    • Queries, complaints, feedback and correspondence with our support teams (including WhatsApp where applicable) Secure Express

5.2 Safety and security information

Because Secure Express specialises in secure transportation, we may also process:

  • In‑vehicle camera footage (dashcam and driver‑facing cameras) from our vehicles, which may incidentally capture passengers and surroundings, for safety, incident investigation and security purposes. Secure Express
  • Location tracking data used by our 24‑hour Global Security Operations Centre to monitor Rydes. Secure Express+1

Where this footage or data reveals sensitive information (for example, health status or religious affiliation), it may constitute special personal information and we will treat it with additional care in line with POPIA.

5.3 Driver and employee information

If you apply to join Secure Express as a driver or staff member (or through our recruitment partners), we may collect: Secure Express+1

  • Identification details (name, ID/passport, date of birth)
  • Contact details (phone, email, address)
  • Driver’s licence details and professional driving permits
  • Employment history and qualifications
  • Background checks, vetting, results of training and assessments
  • Information required for payroll and HR administration
  • Any information you provide in your CV or application

Some of this may be special personal information (e.g. criminal checks or health/fitness assessments) and will be processed only where allowed by POPIA and other applicable law. POPIA+1

5.4 Website visitors and contact‑form users

When you visit our website or fill in the Contact Us form, we may collect: Secure Express

  • Name and surname
  • Phone number
  • Email address
  • Your message or enquiry
  • Technical data (IP address, browser type, device, cookies and similar technologies – see our Cookie Policy)

5.5 Social media & marketing interactions

  • Public profile information and messages when you interact with us on platforms like Facebook, Instagram, LinkedIn, X (Twitter) and YouTube
  • Preferences regarding marketing communications (opt‑in / opt‑out records)

6. How we collect your personal information

We collect personal information in the following ways:

  • Directly from you – when you create an account, book a Ryde, contact us, submit a form, or apply for employment.
  • Automatically – via the app, our vehicles’ systems and our website (e.g. location data, telemetry, cookies, logs, and camera footage). Secure Express+1
  • From third parties – for example:
    • Recruitment service providers (such as external job portals linked from our Careers page) Secure Express
    • Payment processors
    • Analytics or advertising providers (where allowed)
    • Law‑enforcement or other authorities, where legally permitted

7. Legal grounds for processing (POPIA & other laws)

Under POPIA, we must have a lawful basis to process personal information. Our processing is generally based on: KPMG Assets+1

  • Your consent – for example, when you allow location tracking or opt‑in to marketing communications.
  • Contractual necessity – to enter into and perform our agreement with you, such as providing secure transport services and managing your account. KPMG Assets
  • Legal obligations – to comply with laws, regulations, court orders, PAIA/POPIA requirements, tax laws or transport regulations. POPIA+1
  • Legitimate interests – where our interests (or those of a third party) are not overridden by your rights, for example:
    • Ensuring safety and security of passengers and drivers
    • Preventing and detecting fraud or crime
    • Improving and developing our Services

Where we process special personal information or information about children, we will do so only in the limited circumstances allowed by POPIA (for example, with consent, or where necessary for the establishment, exercise or defence of a right in law, or required by law). POPIA+1

8. How we use your personal information

We use personal information for the following purposes:

  1. To provide our Services
    • Creating and managing passenger and driver accounts
    • Processing ride bookings and providing secure Rydes
    • Real‑time tracking and support from our operations centre Secure Express+1
  2. Safety, security and fraud prevention
    • Monitoring rides and vehicles using tracking systems and in‑vehicle cameras
    • Investigating accidents, safety incidents, complaints and suspected criminal activity
    • Verifying identity and conducting vetting (for drivers and staff)
  3. Customer support and communication
    • Responding to enquiries, complaints and feedback
    • Sending important operational or service‑related messages (e.g. ride confirmations, app notifications, safety alerts, policy changes)
  4. Billing and payments
    • Processing payments and refunds
    • Preventing unauthorised or fraudulent transactions
  5. Improving and personalising our Services
    • Analysing usage trends and app performance
    • Testing and improving features, routes and user experience
  6. Marketing and promotions
    • Sending you marketing communications (via email, SMS, push notifications or in‑app messages) about our services, promotions and news, in compliance with POPIA direct‑marketing rules and any consent you have given. POPIA+1
    • You can opt out at any time (see section 12).
  7. Legal and regulatory purposes
    • Complying with legal obligations and responding to lawful requests from authorities
    • Exercising or defending legal claims
    • Maintaining appropriate records for audit and compliance purposes

9. Cookies and similar technologies

Our website uses cookies and similar technologies to: Secure Express

  • Ensure the site functions properly
  • Remember your preferences
  • Understand how visitors use our site
  • Support security and fraud prevention
  • Support marketing and analytics where allowed

You can manage cookies through your browser settings and via our Cookie Policy, which provides more detail on the types of cookies we use and how you can control them.

10. When and how we share personal information

We do not sell your personal information. We may share it with:

  1. Secure Express drivers and internal teams
    • To fulfil your ride requests and ensure safety (drivers need limited information such as your first name and pick‑up/drop‑off details).
  2. Service providers and operators
    We use trusted third‑party service providers who process personal information on our behalf, such as:
    • Hosting, IT and cloud service providers
    • Payment processors
    • Communication tools (for SMS, email, push notifications, WhatsApp, etc.)
    • Analytics and security monitoring providers
    • Recruitment and HR service providers
    These parties are bound by appropriate contracts and are required to protect your information and use it only according to our instructions, as required by POPIA. POPIA+1
  3. Business transfers
    • If we restructure, merge, sell or transfer part of our business, your personal information may form part of the transferred assets. We will take steps to ensure that your rights remain protected.
  4. Legal and regulatory disclosures
    • Where required or permitted by law, we may share information with law‑enforcement, regulators, courts or other authorities (for example, in relation to accidents, criminal investigations or regulatory compliance).

11. Cross‑border transfers

Some of our service providers or systems may be located outside South Africa. In those cases, we may transfer personal information to other countries.

When we do so, we will comply with POPIA’s requirements for transborder information flows, which may include: POPIA+1

  • Ensuring that the recipient is subject to a law, binding corporate rules or binding agreement which provides an adequate level of protection; or
  • Obtaining your consent where appropriate; or
  • Where the transfer is necessary for the performance of a contract with you, or for the benefit of you, or for important reasons of public interest or the exercise or defence of legal claims.

12. Your privacy rights

Under POPIA, you have several rights regarding your personal information, including the right to: rd.mandela.ac.za+2Wikipedia+2

  • Access – to request confirmation of whether we hold personal information about you, and to request access to that information.
  • Correction – to request that we correct or complete inaccurate or incomplete information.
  • Deletion or destruction – to request that we delete or destroy information that we are no longer entitled to keep, subject to legal and contractual retention requirements.
  • Objection – to object, on reasonable grounds, to the processing of your personal information where we rely on legitimate interests.
  • Direct marketing – to object at any time to receiving direct marketing from us, or to withdraw consent where marketing is based on your consent.
  • Withdrawal of consent – where processing is based on your consent, you may withdraw that consent at any time (this will not affect past processing).

If you wish to exercise these rights, please contact us using the details in section 16 below. We may need to verify your identity before acting on your request and may reject or limit requests where allowed by law (for example, when we must retain data to comply with legal obligations or for legitimate business purposes).

Residents of other jurisdictions (such as the EEA/UK) may have additional rights under their local data protection laws, such as data portability or the right to lodge complaints with their local data protection authority.

13. Data retention

We will not retain your personal information for longer than is necessary to achieve the purposes for which it was collected, unless: POPIA+1

  • Retention is required or permitted by law;
  • Retention is necessary for legitimate business purposes (e.g. record‑keeping, safety investigations, disputes); or
  • Information is de‑identified so that it can no longer reasonably identify you.

Retention periods vary depending on the type of information and the context (passenger, driver, employee, etc.). For example:

  • Ride and transaction records may be kept for a number of years for tax, regulatory and safety reasons.
  • Camera footage may be kept for a limited period unless required for an incident investigation or legal process.
  • Recruitment records may be retained for a defined period for future opportunities or legal obligations.

When personal information is no longer needed, we will delete it or de‑identify it securely.

14. Security of personal information

We take reasonable and appropriate technical and organisational measures to protect personal information against loss, unauthorised access, destruction, damage or unlawful processing, including: POPIA+1

  • Encryption of data in transit (for example, in app communications and through our website) Google Play
  • Access controls and role‑based permissions
  • Secure hosting and network protections
  • Monitoring of systems and ride activity through our operations centre
  • Staff training on data protection and information security
  • Policies and procedures for handling security incidents

However, no system is completely secure. If we become aware of a security compromise that affects your personal information, we will notify you and the Information Regulator where required by law, and take steps to limit any potential harm. Inforegulator+1

15. Children’s information

Our Services are not specifically directed at children, and we do not knowingly allow children to create passenger accounts without the involvement of a parent or legal guardian.

However, children may travel as passengers in Secure Express vehicles (often accompanied by adults). In such cases, some information (e.g. ride details and camera footage) may relate to children. We process this information:

  • To ensure the safety and security of all passengers; and
  • Only where permitted by POPIA and other applicable laws, and primarily via the account of the adult who arranged the ride. POPIA+1

If you believe we have collected personal information about a child inappropriately, please contact us so that we can review and take appropriate steps.

16. Third‑party websites, apps and services

Our website and apps may contain links to or integrate with third‑party websites, services and platforms, such as:

These third parties have their own privacy policies and practices. We are not responsible for their content, security or privacy practices. We encourage you to review their privacy policies before providing personal information to them.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our Services, legal requirements or privacy practices.

When we make material changes, we will:

  • Update the “Last updated” date at the top of this Policy; and
  • Take additional steps where appropriate (for example, notifying you in‑app, via email, or via a notice on our website).

Your continued use of our Services following any changes means that you accept the updated Policy.

18. How to contact us

If you have any questions, concerns or requests about this Privacy Policy or our handling of your personal information, please contact us at:

Secure Express (Pty) Ltd

19. Your right to lodge a complaint

If you believe we are not handling your personal information in accordance with this Privacy Policy or applicable law, you are encouraged to contact us first so that we can try to resolve your concern.

You also have the right to lodge a complaint with the Information Regulator (South Africa):

More information and complaint forms are available on the Information Regulator’s website.

This website uses cookies to improve your web experience.