Privacy Policy

Last updated: 15 July 2026

This document is provided for general information and does not constitute legal advice. We recommend that it be reviewed by a qualified legal professional before it is relied upon.

virtualverselabs(“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at virtualverselabs.comor interact with us. We handle personal information in accordance with the Protection of Personal Information Act, 2013 (“POPIA”) of South Africa and, where applicable, the EU/UK General Data Protection Regulation (“GDPR”).

1. Scope

This Policy applies to personal information we collect through our website, our contact and newsletter forms, and our communications with you. It does not apply to third-party websites or services that we link to but do not control. Our Products, such as Zerobillbot, may be governed by their own privacy notices.

2. Who We Are (Responsible Party / Data Controller)

For the purposes of POPIA, we are the “Responsible Party”, and for the purposes of the GDPR, we are the “Data Controller” for the personal information described in this Policy.

  • Entity: Virtualverselabs (Pty) Ltd
  • Registration number: 2024/685128/07
  • Information Officer: Fundo Thabethe
  • Address: 29 Kerk Street, Newtown, Johannesburg, 2001
  • Email: contact@virtualverselabs.com

3. Information We Collect

We collect only the information we need to respond to you and provide our Services:

  • Contact form: your name, email address, company name, the service you are interested in, and the contents of your message.
  • Newsletter signup: your email address.
  • Information you send us directly: any details you include when you email or otherwise communicate with us.
  • Technical data: when you visit the website, our hosting infrastructure may automatically log limited technical information such as your IP address, browser type, and the pages you visit, for security and reliability purposes.

We do not currently use analytics, advertising, or behavioural tracking technologies on the website. We do not knowingly collect special categories of personal information.

4. How We Use Your Information and Legal Basis

We use your personal information for the following purposes, relying on the legal bases indicated (under the GDPR) and the corresponding conditions for lawful processing (under POPIA):

  • To respond to enquiriessubmitted through the contact form or by email — on the basis of your consent and our legitimate interest in responding to you, and where relevant to take steps at your request prior to entering into a contract.
  • To send newsletters and updates— on the basis of your consent, which you may withdraw at any time by using the unsubscribe option or contacting us.
  • To provide and manage our Services— on the basis of performing a contract with you or your organisation.
  • To maintain the security and integrityof our website and to comply with our legal obligations — on the basis of our legitimate interests and legal compliance.

5. Cookies and Similar Technologies

Our website uses only essential/functional cookies necessary for the site to operate. We do not use advertising or analytics cookies.

Some pages include third-party embedded content — for example, a Google Maps embed on our contact page and Credly certification badges on our about page. These third parties may set their own cookies or collect usage data when their content loads. Their use of information is governed by their own privacy policies. You can control or block cookies through your browser settings, though this may affect how some features work.

6. How We Share Your Information

We do not sell your personal information. We share it only with trusted service providers (operators/processors) who help us run our website and communicate with you, and only to the extent necessary. These include:

  • Resend— email delivery service used to send form submissions and communications.
  • Notification webhook endpoint(s)— where configured, contact and newsletter submissions may be delivered to an internal endpoint we control.
  • Hosting and infrastructure providers Amazon Web Services (AWS) and Railway, which host our website and supporting infrastructure.
  • Embedded content providers— Google Maps and Credly, as described above, and image content delivery networks.

We may also disclose personal information where required by law, to protect our rights, or in connection with a business transfer.

7. International Data Transfers

We are based in South Africa, and some of our service providers may process personal information outside South Africa or outside your country of residence. Where we transfer personal information across borders, we take steps to ensure it receives an adequate level of protection, consistent with section 72 of POPIA and, for transfers subject to the GDPR, appropriate safeguards such as adequacy decisions or Standard Contractual Clauses.

8. Data Retention

We keep personal information only for as long as necessary for the purposes for which it was collected, to maintain our business records, and to comply with legal obligations. Newsletter subscription data is retained until you unsubscribe. When information is no longer needed, we securely delete or anonymise it.

9. How We Protect Your Information

We implement reasonable technical and organisational measures to protect personal information against loss, misuse, and unauthorised access, disclosure, or alteration. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Your Rights

Subject to applicable law, you have the right to:

  • access the personal information we hold about you;
  • request correction of inaccurate or incomplete information;
  • request deletion of your personal information where there is no lawful reason to keep it;
  • object to, or request that we restrict, certain processing of your information;
  • request a copy of certain information in a portable format (data portability, where the GDPR applies);
  • withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us at contact@virtualverselabs.com. We may need to verify your identity before responding.

11. Children's Privacy

Our website and Services are not directed at children, and we do not knowingly collect personal information from children without appropriate consent. If you believe a child has provided us with personal information, please contact us so we can remove it.

12. Third-Party Links

Our website may contain links to third-party websites and services. We are not responsible for their privacy practices, and we encourage you to review their privacy policies before providing them with personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last updated” date. We encourage you to review it periodically.

14. Complaints and Contact

If you have any questions or concerns about this Policy or how we handle your personal information, please contact our Information Officer, Fundo Thabethe, at contact@virtualverselabs.com. We will do our best to resolve your concern.

If you are not satisfied, you have the right to lodge a complaint with the Information Regulator (South Africa) at inforegulator.org.za. If you are located in the European Union or the United Kingdom, you may also lodge a complaint with your local data protection supervisory authority.

See also our Terms & Conditions.