Privacy Policy

Last updated: 13 April 2026 · DCI DiaConnect (Pty) Ltd

Your health data is sensitive. We collect it only to provide the bolus calculation service. We do not sell it, share it with advertisers, or use it for any purpose other than operating DiaConnect.

1. Who we are

DCI DiaConnect (Pty) Ltd ("DiaConnect", "we", "us") is a South African company registered with the CIPC. We operate the DiaConnect WhatsApp bolus calculator service accessible at dcidiaconnect.co.za. Our Information Officer is registered with the Information Regulator of South Africa in terms of POPIA.

2. What personal information we collect

  • Identity data: your first name and WhatsApp phone number
  • Health data (special category): diabetes type, ICR, ISF, target blood glucose range, blood glucose readings, meal photographs, and calculated bolus doses
  • Account credentials: if you connect your FreeStyle Libre, we store an encrypted authentication token (never your raw password)
  • Usage data: timestamps and outcomes of each scan session
  • Payment data: subscription tier and payment confirmation (card details handled exclusively by PayFast)

3. Why we collect it (lawful basis)

  • Consent: you explicitly consent to health data processing during onboarding
  • Contract: to provide the bolus calculation service you have requested
  • Legal obligation: to comply with South African law including POPIA and tax legislation

4. How we use your information

  • To calculate your meal bolus and correction dose
  • To fetch your blood glucose reading from LibreLinkUp (if connected)
  • To maintain your scan history
  • To send you service-related WhatsApp messages
  • To process your subscription payment
  • To comply with legal and regulatory requirements

5. Who we share your data with

We do not sell your personal information. We share data only with the following processors, each bound by contractual data protection obligations:

  • Anthropic, Inc. — meal photos and conversation context are processed by the Claude AI API to generate carb estimates.
  • Abbott Diabetes Care (LibreLinkUp) — if you link your sensor, we retrieve your glucose readings from Abbott's servers.
  • Supabase, Inc. — encrypted database hosting for your profile and scan history.
  • PayFast (PTY) Ltd — payment processing for paid subscriptions.

6. How long we keep your data

  • Active accounts: data is retained while your account is active
  • Inactive accounts: data is anonymised or deleted after 12 months of inactivity
  • Following a deletion request: personal data is purged within 30 days
  • Financial records: retained for 5 years as required by South African tax law

7. How we protect your data

  • All data is transmitted over HTTPS (TLS 1.2+)
  • Databases are encrypted at rest using AES-256
  • LibreLinkUp credentials are stored as encrypted tokens only
  • Access to production systems is restricted to authorised personnel

8. Your rights under POPIA

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information (right to erasure)
  • Withdraw consent at any time (this will terminate your ability to use the service)
  • Lodge a complaint with the Information Regulator at inforegulator.org.za

9. Children

DiaConnect is not intended for use by persons under the age of 18 without the involvement of a parent or legal guardian.

10. Contact

DCI DiaConnect (Pty) Ltd · Email: info@dcidiaconnect.co.za · Website: dcidiaconnect.co.za

← Back to site