GreatHeartsBack to Home

Last Updated: January 2026

Privacy Policy

The Short Version

We collect the information you share to build your professional profile. We don't sell your data. We share it only with employers and recruiters you've agreed to be visible to. You can delete your account anytime.

1. Who We Are

GreatHearts ("we," "us," "our") operates greathearts.io, a professional profile platform helping South African professionals showcase their work to international opportunities.

Responsible Party (POPIA):

Futures Group (Pty) Ltd (Reg: 2024/663048/07)

Trading as GreatHearts and SA Rejects

Ballito, KwaZulu-Natal, South Africa

Contact: privacy@sarejects.com

2. What We Collect

We collect information you voluntarily provide:

Account Information

  • Name and email address
  • Password (encrypted, we never see it)
  • LinkedIn profile URL (for verification)

Profile Information

  • Professional headline and summary
  • Work history and company names
  • Skills and expertise areas
  • Proof of work (achievements, projects, metrics)
  • Methodologies and frameworks you use
  • Professional photo
  • Attachments (certificates, portfolio items, documents)

Usage Information

  • How you interact with the platform
  • Device and browser type
  • IP address and general location

Optional Information

  • Salary expectations (if you choose to share)
  • International readiness details
  • Contact preferences

3. How We Use Your Information

We use your information to:

  • Deliver the service: Build and host your professional profile
  • Verify your identity: Confirm your LinkedIn profile ownership
  • Connect you with opportunities: Show your profile to employers and recruiters (with your consent)
  • Improve the platform: Understand how people use GreatHearts
  • Communicate with you: Send service updates, not marketing spam
  • Ensure security: Detect and prevent fraud or abuse

We process your data based on:

  • Your consent (you signed up and agreed)
  • Contract performance (delivering the service you requested)
  • Legitimate interest (improving and securing the platform)

4. Who We Share Your Information With

Your Published Profile

When you publish your profile, it becomes visible at greathearts.io/[your-slug]. Anyone with the link can view it. This is the point: you're showcasing your work.

Employers and Recruiters

If you opt in to be discoverable, verified employers and recruiters on our platform can search and view your profile. You control this visibility in your settings.

Service Providers

We use trusted third parties to run the platform:

  • Supabase (database and authentication) - US/EU servers
  • Vercel (hosting) - Global edge network
  • Resend (email delivery) - US servers
  • Anthropic (AI processing for profile generation) - US servers
  • Logo.dev (company logo fetching)

These providers only access data necessary to perform their services and are bound by confidentiality.

Legal Requirements

We may disclose information if required by law or to protect the rights, safety, or property of GreatHearts, our users, or the public.

We Never Sell Your Data

We don't sell, rent, or trade your personal information to third parties for marketing purposes. Ever.

5. International Data Transfers

Your data may be processed outside South Africa, including in the United States and European Union, where our service providers operate.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses
  • Provider certifications and security measures
  • Encryption in transit and at rest

6. How We Protect Your Information

We implement appropriate security measures:

  • All data transmitted via HTTPS (TLS encryption)
  • Passwords are hashed (we cannot see them)
  • Database encryption at rest
  • Access controls limiting who can view data
  • Regular security reviews

No system is 100% secure, but we take reasonable steps to protect your information.

7. How Long We Keep Your Data

We retain your information for as long as your account is active or as needed to provide services.

If you delete your account:

  • Profile data is deleted within 30 days
  • Backups are purged within 90 days
  • Anonymized analytics may be retained

We may retain certain information longer if required by law or for legitimate business purposes (e.g., resolving disputes).

8. Your Rights Under POPIA

As a South African resident, you have the right to:

Access

Request a copy of the personal information we hold about you.

Correction

Ask us to correct inaccurate or incomplete information.

Deletion

Request that we delete your personal information. We'll comply unless we have a legal obligation to retain it.

Objection

Object to processing of your information in certain circumstances.

Restriction

Ask us to limit how we use your information.

Data Portability

Receive your data in a structured, commonly used format.

Withdraw Consent

Withdraw consent at any time where we rely on consent to process your data.

To exercise these rights:

Email privacy@sarejects.com with your request. We'll respond within 30 days.

Complaints:

If you're not satisfied with our response, you can lodge a complaint with the Information Regulator:

  • Website: www.justice.gov.za/inforeg
  • Email: inforeg@justice.gov.za

9. Cookies

We use minimal cookies:

Essential Cookies

Required for the platform to function (authentication, security).

Analytics Cookies

Help us understand how people use GreatHearts. We use privacy-focused analytics that don't track you across the web.

We don't use advertising cookies or sell cookie data.

10. Children's Privacy

GreatHearts is not intended for anyone under 18. We don't knowingly collect information from children. If we learn we've collected data from a child, we'll delete it promptly.

11. Data Breaches

If we experience a data breach that poses a risk to your rights and freedoms, we will:

  • Notify you within 72 hours
  • Inform the Information Regulator as required
  • Take immediate steps to contain and remedy the breach

12. Changes to This Policy

We may update this policy from time to time. We'll notify you of significant changes via email or a notice on the platform.

Continued use of GreatHearts after changes constitutes acceptance of the updated policy.

13. Contact Us

Questions about this policy or your data?

Email: privacy@sarejects.com

This policy complies with the Protection of Personal Information Act (POPIA) of South Africa. For users in the EU, we also respect GDPR principles.