Data Processing Agreement

Crewfinder generally acts as the controller of account, marketplace, moderation, billing, and platform-operation data that it decides to collect and use to run the service.

Where Crewfinder processes information on behalf of a company, venue, provider, or other customer in a more limited service role, Crewfinder may also act as an operator or processor for specific processing activities within the platform.

Crewfinder processes user, company, venue, service-provider, billing, messaging, workflow, and operational data needed to support Find, Connect, Assign, and Work across the platform.

Crewfinder uses infrastructure and service providers such as Supabase and other operational vendors for hosting, storage, authentication, notifications, analytics, and platform security under appropriate operational safeguards.

• Access to production systems is limited to authorised personnel and service paths.
• Crewfinder uses technical and organisational controls intended to reduce misuse, unauthorised access, and accidental loss.
• Data handling is scoped to platform operations, trust and safety, legal compliance, and support needs.

Crewfinder aims to process personal information in line with applicable South African data-protection principles, including lawful processing, reasonableness, security, and transparency.

Users may exercise rights available under applicable law, including requests for access, correction, or deletion where appropriate, subject to legal, security, and platform-integrity constraints.

If Crewfinder becomes aware of a material security incident affecting personal information under its control, it may investigate, contain, and notify affected parties or regulators where required by law and appropriate to the nature of the incident.