Placeholder — operator/legal review required. OneMobile processes personal information under the Protection of Personal Information Act (POPIA) for South African clients (DEC-006). We do not target GDPR-specific rights in v1.
Recording retention
Call recordings and related metadata are retained per your tenant policy. The default retention horizon is 90 days (DEC-008). Shorter horizons can be set by your tenant administrator; longer retention requires written approval from OneMobile and is logged in our audit trail.
Erasure requests
Data-subject erasure requests are handled through our support ticket process in v1 (DEC-009). Sign in to the portal and raise a ticket, or email support — a self-serve delete control for recordings is planned for v1.5.
Payment data
Card payments are processed on PayFast hosted pages; card data does not touch OneMobile portal servers (PCI SAQ-A scope).