This Privacy Policy explains how Yield SPM (Pty) Ltd ("we", "us", "Yield SPM") collects, uses, stores, and protects your personal information when you use the Atteste art collection management platform ("the Service").
This policy is drafted in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA"), the Promotion of Access to Information Act 2 of 2000 ("PAIA"), and the Electronic Communications and Transactions Act 25 of 2002 ("ECTA"). Where the Service is provided to consumers as defined by the Consumer Protection Act 68 of 2008 ("CPA"), the relevant provisions of that Act also apply.
| Name | Lindie le Roux |
| Deputy | Karel le Roux |
| privacy@practacular.com | |
| Address | 23 Kameeldoringdraai, Woodland Hills, Bloemfontein, Free State, 9301 |
| Category | Examples | Purpose |
|---|---|---|
| Account information | Name, email address, password (hashed) | Account creation and authentication |
| Profile preferences | Display name, subscription tier, notification settings | Service personalisation |
| Artwork data | Title, artist name, medium, dimensions, valuation, purchase date, provenance notes | Core cataloguing functionality |
| Images | Photographs of artworks, certificates, documents | AI analysis, cataloguing, certificates of authenticity |
| Voice recordings | Audio narrations, art stories, memoirs | Transcription and voice synthesis features |
| Written content | Art encounter notes, living letters, collection memoirs | Journaling and AI enrichment |
| Estate designations | Heir names, contact details, relationships, estate instructions | Legacy and estate vault features |
| Gallery partner details | Business name, contact person, email, subscription details | Gallery partnership management |
| Category | Examples | Purpose |
|---|---|---|
| Location data (GPS) | Coordinates logged during art encounters | Encounter mapping and provenance |
| Device information | Device type, operating system, app version | Service delivery and debugging |
| Usage data | Features accessed, session duration, error logs | Service improvement |
| Audit trail data | Timestamps, actions performed, SHA-256 integrity hashes | Data integrity and provenance verification |
| Category | Source | Purpose |
|---|---|---|
| AI vision analysis | Artwork images processed by Google Gemini | Style identification, condition assessment, valuation assistance |
| AI text enrichment | Written content processed by Anthropic Claude | Artist research, provenance enrichment, collection insights |
| Voice transcriptions | Voice recordings processed by Google Gemini STT | Converting speech to searchable text |
| Synthesised voice | Text processed by ElevenLabs | Creating audio versions of stories and memoirs |
We collect location data (GPS coordinates) when you use the encounter feature. Location data is considered personal information under POPIA and we process it only with your explicit consent.
We do not collect special personal information as defined in Section 26 of POPIA (race, ethnicity, religion, political affiliation, health, sex life, biometric data, criminal history, trade union membership).
| Purpose | Lawful Basis | POPIA Section |
|---|---|---|
| To create and manage your account | Contract performance | Section 11(1)(b) |
| To provide art cataloguing, provenance, and certificate features | Contract performance | Section 11(1)(b) |
| To process AI vision analysis of artwork images | Consent | Section 11(1)(a) |
| To process AI text enrichment of your written content | Consent | Section 11(1)(a) |
| To transcribe voice recordings via AI speech-to-text | Consent | Section 11(1)(a) |
| To synthesise voice via ElevenLabs | Consent | Section 11(1)(a) |
| To record GPS location during encounters | Consent | Section 11(1)(a) |
| To generate anonymised gallery analytics | Legitimate interest | Section 11(1)(f) |
| To process subscription payments | Contract performance | Section 11(1)(b) |
| To send service-critical notifications | Legitimate interest | Section 11(1)(f) |
| To maintain audit trails and data integrity | Legal obligation (ECTA s16) / legitimate interest | Section 11(1)(c) and (f) |
| To detect and respond to security incidents | Legitimate interest | Section 11(1)(f) |
| To comply with tax and company law obligations | Legal obligation | Section 11(1)(c) |
We do not use your personal information for direct marketing without separate, explicit consent as required by POPIA Section 69.
This is a material aspect of how Atteste works. We disclose it in accordance with POPIA Condition 6 (Openness).
| Provider | Service | What Is Sent | Jurisdiction |
|---|---|---|---|
| Google LLC (Gemini 2.0 Flash) | Vision analysis of artworks; text generation; speech-to-text transcription | Artwork images, text queries, voice audio | United States |
| Anthropic, PBC (Claude) | Text enrichment, artist research, collection summaries, memoir generation | Text content, artwork metadata | United States |
| ElevenLabs, Inc. | Text-to-speech voice synthesis | Text content for audio rendering | United States / EU |
When you use Atteste's AI features:
The AI providers process this data to generate responses and return them to Atteste. They do not use your data for their own model training under their commercial API terms.
In accordance with POPIA Condition 3 (Purpose Limitation), we send only the information necessary for each AI interaction. We do not send your full collection or personal details for purposes unrelated to the specific feature you are using.
You may choose not to use AI features. Core cataloguing, manual provenance recording, and basic collection management work without AI processing. If you withdraw consent for AI processing, these features will be disabled for your account, but your existing data will be retained.
Atteste collects GPS coordinates when you use the Encounter feature (recording where you saw, acquired, or exhibited an artwork).
| Aspect | Detail |
|---|---|
| When collected | Only when you actively create an encounter |
| Precision | Standard GPS accuracy (typically 3-10 metres) |
| Purpose | Mapping your art journey; provenance evidence |
| Storage | Stored with the encounter record in Firestore (africa-south1) |
| Consent | Explicit consent required; device location permission must be granted |
| Withdrawal | You can disable location permission at any time via device settings; existing encounter locations are retained unless you request deletion |
Atteste allows you to record voice stories and have them transcribed and synthesised.
| Aspect | Detail |
|---|---|
| What is recorded | Audio narrations you voluntarily create |
| Processing | Audio sent to Google Gemini (STT); text sent to ElevenLabs (TTS) |
| Storage | Audio files stored in Firebase Storage (africa-south1); transcripts in Firestore |
| Consent | Explicit consent for voice recording and AI processing required |
| Retention | Duration of your account; deleted with account closure |
| Cross-border | Audio crosses to USA for AI processing; not permanently stored outside SA |
Atteste's Legacy Vault allows you to designate heirs and create estate instructions.
| Aspect | Detail |
|---|---|
| Heir information | Name, contact details, relationship — provided by you |
| Access | Heirs cannot access your collection during your lifetime without your explicit authorisation |
| Consent | You are responsible for ensuring you have the right to provide heir personal information |
| Retention | Estate designations are retained for 5 years beyond last update, or until estate administration is confirmed complete |
| Audit trail | All estate access events are logged with SHA-256 integrity hashes |
If you visit galleries that partner with Atteste, anonymised analytics may be generated.
| Aspect | Detail |
|---|---|
| What is shared | Aggregated, anonymised visitor counts, dwell time, artwork engagement |
| Not shared | Your name, identity, or individually identifiable information |
| Legal basis | POPIA Section 6(1)(c) — anonymised data is excluded from POPIA's scope |
| Opt-out | You may disable gallery analytics in your profile settings |
Your personal information may be transferred outside South Africa as described in Section 4. These transfers are governed by Section 72 of POPIA.
| Legal Basis | POPIA Section | Application |
|---|---|---|
| Consent | Section 72(1)(b) | You consent via the POPIA consent gate before first use |
| Contractual safeguards | Section 72(1)(a) | AI providers are bound by DPAs with POPIA-equivalent protections |
Data residency: Your data at rest is stored in Google Cloud's africa-south1 region (Johannesburg, South Africa). Cross-border transfers occur only for active AI processing; data is not permanently stored outside South Africa.
In accordance with POPIA Section 19, we maintain:
| Measure | Detail |
|---|---|
| Encryption at rest | AES-256-GCM for sensitive fields |
| Encryption in transit | TLS 1.2+ for all communications |
| Access control | Firebase Authentication; user-scoped Firestore rules (you can only access your own data) |
| Data integrity | SHA-256 hash chains for provenance records and certificates (ECTA Section 14 compliance) |
| Append-only audit logs | Provenance and encounter records cannot be retrospectively altered |
| Data residency | Firestore and Firebase Storage in africa-south1 (Johannesburg) |
| Soft deletion | Deleted records retained 30 days for recovery, then permanently purged |
| Consent versioning | Policy changes trigger automatic re-consent |
| Continuous review | Security measures reviewed and updated per POPIA Section 19(2) |
| Data Category | Retention | Legal Basis |
|---|---|---|
| Account information | Account lifetime + 12 months | POPIA Section 14(1) |
| Artwork metadata | Account lifetime; export available | POPIA Section 14(1) |
| AI processing artefacts | 90 days | Legitimate interest (debugging) |
| Voice recordings / transcripts | Account lifetime | POPIA Section 14(1) |
| GPS encounter logs | Account lifetime | POPIA Section 14(1) |
| Certificates of authenticity | Account lifetime + 5 years | ECTA Section 16 (evidentiary value) |
| Estate designations | Account lifetime + 5 years or until estate administration complete | POPIA Section 14(1) |
| Anonymised gallery analytics | 2 years | Anonymised; POPIA Section 6(1)(c) |
| Consent records | Account lifetime + 5 years | POPIA accountability |
| Billing / payment records | 5 years from financial year end | Income Tax Act Section 29; VAT Act Section 55(3) |
| Soft-deleted records | 30 days | Operational recovery |
Full details are in our Data Retention Schedule.
| Right | POPIA Section | How to Exercise |
|---|---|---|
| Access | Section 23 | Email privacy@practacular.com |
| Correction | Section 24 | Email privacy@practacular.com |
| Deletion | Section 24 | Email or in-app account deletion |
| Object to processing | Section 11(3) | Email privacy@practacular.com |
| Withdraw consent | Section 11(2)(b) | In-app settings (disables AI/location/voice features) |
| Data portability | — | Request data export in JSON format |
| Restrict automated decisions | Section 71 | Email privacy@practacular.com |
| Complain | Section 74 | See Section 13 below |
We respond to access requests within 30 days (PAIA Section 56).
| Post | P.O. Box 31533, Braamfontein, Johannesburg, 2017 |
| complaints.IR@justice.gov.za | |
| Tel | (010) 023 5200 |
| Web | https://inforegulator.org.za |
Atteste is not directed at persons under 18. We do not knowingly collect personal information from children. If we learn we have collected such information without consent of a competent person (POPIA Section 35), we will delete it.
The Atteste application uses only session cookies strictly necessary for authentication. No third-party tracking or analytics cookies are used.
Material changes will be notified via the app or email. The consent version tracking mechanism will require you to re-accept the updated policy before continued use.
This policy is governed by the laws of the Republic of South Africa, including POPIA, PAIA, ECTA, and the CPA where applicable.
Yield SPM (Pty) Ltd | Reg 2024/185151/07 | privacy@practacular.com