VoteChain
Get Started

Compliance

Compliance and governance information.

Last updated: March 2026

This page summarises how Deepsink Partners Technologies, operator of VoteChain, approaches governance, data protection, and regulatory alignment. It is for general information and does not replace our Privacy Policy, Terms of Service, or professional advice.

1. Regulatory alignment

We design and operate VoteChain with POPIA (South Africa), PAIA (access to records), and, where applicable, the GDPR (EU/UK) in mind. No summary on this page guarantees compliance in every customer use case; each organisation remains responsible for its own legal obligations when using the Service for regulated decisions or elections.

2. POPIA and PAIA (South Africa)

We aim to process personal information in line with accountability, lawfulness, purpose limitation, minimisation, security, and data-subject rights under POPIA.

For access to records held by us, PAIA may apply. Requests can be directed to support@votechain.app and will be handled in line with applicable law.

Information Officer: support@votechain.app

Users may lodge complaints with the Information Regulator (South Africa).

3. GDPR (European Union / UK)

Where GDPR applies, we support lawful bases, rights requests, data protection by design, subprocessor transparency, and international transfer safeguards as described in our Privacy Policy.

EU/UK users may contact support@votechain.app or a supervisory authority.

We do not claim ISO 27001, SOC 2, or similar certifications unless we publish a specific attestation.

4. Data location and transfers

Our primary hosting and processing for personal data is intended to be in the Republic of South Africa and the European Union. We use subprocessors (hosting, email, payments, sign-in, push, security challenges, monitoring) who may process data in other countries as needed to operate the Service. See the Privacy Policy and section 17 of the Terms of Service.

5. Subprocessors

We maintain contractual and practical controls with vendors appropriate to the risk. A detailed public subprocessors list may be provided on request or on our website as we formalise it.

6. Law enforcement and legal requests

We disclose information when required by valid legal process, or when necessary to protect safety, rights, or integrity of users and the platform. Unless prohibited by law, we may notify affected users of requests where feasible.

7. Accessibility and inclusion

We strive to improve accessibility of our public-facing experiences over time. Specific commitments may evolve with product updates.

8. Contact