How we collect, use and protect your personal data when you visit our website, use the Orbit app or run the Meshtrack platform.
Last updated · 12 May 2026
This notice applies across the Meshtrack website, the Orbit mobile app and all related Meshtrack services (collectively, the "services"). It explains how we collect, use, store and share personal data.
When we say "personal data" we mean identifiable information about you — name, email, phone, address, payment details, support history, and so on. Anonymised or aggregated data that cannot identify you is outside the scope of this notice.
We may update this notice from time to time. Where a change is significant, we'll tell you — usually by email or via the website footer.
Who we are
When we refer to "we", "our" or "us", we mean Sethala (Pty) Ltd and its wholly-owned subsidiaries. Sethala is a South African Technology Solutions company headquartered in Gauteng. We design, build and run Meshtrack (indoor location), IDLINK (IoT), Tracepoint (RFID) and adjacent enterprise platforms for customers across Africa and beyond. We are ISO 27001 certified across our information-security management.
Our principles of data protection
Four principles sit at the heart of every decision we make about personal data.
Transparency
We take a human approach to how we process personal data — open, honest and clearly written.
Enablement
We use data to make our customers' operations more efficient — never to surveil their people or sell information onwards.
Security
ISO 27001 certified. We apply industry-leading controls to every product, every server, every endpoint.
Stewardship
We accept the responsibility that comes with processing personal data. Period.
How we collect your data
When you visit our website or use our services, we collect personal data in three broad ways.
Information you provide directly
When you contact us via the website form, request a demo, sign up for an account, or email us — we collect what you provide: name, company, role, email, phone, and the details of your enquiry.
Information we collect automatically
When you visit the Meshtrack website or use the Orbit app we automatically collect technical signals such as your IP address, device type, browser, and which pages or screens you visited. Some of this uses cookies and similar tools.
Information from the Orbit mobile app
With your consent we collect data the app needs to deliver indoor location and setup:
·Device information — type, model, OS version, unique device IDs.
·Usage data — features used, screens viewed, time and date of sessions.
·Location data — phone position during setup and the position of any tags / anchors you bind. This is functional, not behavioural — disabled per role or per zone if you configure it that way.
·AR room-scan data — wall geometry of the spaces you scan, retained against your tenancy.
How we use your data
First and foremost, to deliver the services you've engaged us for. Beyond that, we use personal data to:
Operate the Meshtrack platform and Orbit app for you
Communicate with you about your account, enquiries and support requests
Provide technical and customer support
Improve the website and product (anonymised analytics)
Detect, prevent and respond to security incidents
Send you product updates or marketing (only if you've opted in — unsubscribe links on every email)
How we share your data
We do not sell your personal data. We disclose it only to:
Other Sethala group companies operating the product (IDLINK, Tracepoint, etc.)
Sub-processors and integration partners strictly necessary to deliver the service (e.g. SendGrid for transactional email, Cloudflare for edge / DNS, your chosen mobile carrier for SMS)
Regulators, law enforcement and courts where we are legally required to disclose
An actual or potential acquirer in the event of a business merger or sale
Anyone you explicitly give us consent to share with
Security
Security is a priority. We're ISO 27001 certified and operate against an audited security baseline. Personal data is encrypted at rest, transmitted over TLS, and access is role-based and audited.
Retention
We keep personal data only as long as we have an ongoing business or legal need. After that period we delete or anonymise it in accordance with our retention policies. Customers can configure shorter retention for location data per role or zone.
Your rights
Under POPIA and equivalent laws, you have the right to:
Know what personal data we hold about you and request a copy
Have inaccurate or out-of-date information corrected
Ask us to delete your personal data, subject to legal retention obligations
Restrict or object to our processing of your personal data
Withdraw consent for marketing communications at any time
Lodge a complaint with the Information Regulator of South Africa (the POPIA regulator)
How to contact us
Questions about this notice, what we hold about you, or how to exercise your rights: