Privacy Policy

Last updated: 14 July 2026

1. Who we are

This website (optivohealth.com) is operated by Optivo Health Solutions (Pty) Ltd (“Optivo”, “we”, “us”), a company registered in South Africa (registration number 2025/902432/07).

Optivo provides a workflow-first digital health record platform for optometry practices. This policy explains how we handle personal information collected through this website, in line with the Protection of Personal Information Act, 2013 (POPIA). We are the responsible party for the personal information described in this policy.

2. Our Information Officer

Our registered Information Officer is Heinrich Wobbe. If you have any question about this policy or how we handle your personal information, contact us by email at admin@optivohealth.com.

3. What personal information we collect

a. When you submit our practice sign-up form. To register your interest in the Optivo beta and prepare your onboarding, we collect information you provide, which may include:

We do not collect banking or debit-order details through this website. Those are collected separately on the signed beta agreement.

b. When you contact us. If you email us or otherwise get in touch, we keep your contact details and the content of your message so we can respond and follow up.

c. Automatically, when you visit the site. Like most websites, our web server may log limited technical information — such as your IP address, browser type and the pages you view — to keep the site secure and working. Our pages also load fonts from Google Fonts, which means Google receives your IP address when a page loads. We do not run advertising or analytics tracking on the site. See section 8.

4. Why we collect it, and our lawful basis

We process this information to:

Our lawful bases under POPIA (section 11) are: your consent; the conclusion or performance of a contract to which you are a party (or steps taken at your request before contracting); compliance with a legal obligation; and our legitimate interests in operating and growing the service, balanced against your rights. Providing the sign-up information is voluntary, but without it we cannot register your practice or set up onboarding.

5. Who we share it with

We do not sell your personal information. We share it only with:

6. Storage and cross-border transfer

Our platform data is hosted with a reputable cloud provider on infrastructure located in the European Union (Ireland). Some supporting tools (for example logging and messaging services) may process limited technical data on servers outside South Africa, including in the European Union and the United States.

Where personal information is transferred outside South Africa, we do so in line with section 72 of POPIA — relying on the recipient being subject to laws or binding agreements that provide an adequate, comparable level of protection, and on contractual safeguards with our providers. Information is encrypted in transit (TLS) and at rest (AES-256).

7. How long we keep it

We keep your personal information only for as long as needed for the purposes above — while we are in contact about the beta and for the duration of any resulting relationship with your practice — and thereafter for as long as the law requires or as needed to resolve disputes and enforce our agreements. When it is no longer needed, we securely delete or de-identify it.

8. Cookies and analytics

Our website does not use advertising cookies, analytics, or third-party tracking, and we do not track you across other websites. Our hosting may set a strictly necessary cookie to keep the site working and secure; the site does not otherwise store cookies on your device. Our pages load fonts from Google Fonts, so Google receives your IP address when the fonts load — this does not place tracking cookies on your device. You can control or delete cookies through your browser settings. If we add website analytics in future, we will update this policy to name the tool and describe what it collects.

9. Your rights

Under POPIA you have the right to:

To exercise any of these rights, contact our Information Officer at admin@optivohealth.com. We may need to verify your identity before acting on a request.

10. Complaints to the Regulator

If you believe we have not handled your personal information lawfully, you may complain to:

The Information Regulator (South Africa)
Email: enquiries@inforegulator.org.za / POPIAComplaints@inforegulator.org.za
Telephone: +27 (0)10 023 5200
Website: inforegulator.org.za

We’d appreciate the chance to address your concern first — please contact us before, or alongside, approaching the Regulator.

11. Patient records in the Optivo application

This policy covers only the information collected through this website. Patient clinical records processed inside the Optivo application are handled by Optivo as an operator on behalf of each practice, and are governed by the agreement between Optivo and that practice — not by this policy.

12. Security

We take reasonable technical and organisational measures to protect personal information against loss, unauthorised access and misuse — including encryption in transit and at rest, access controls, and a documented data-breach response procedure. No system is perfectly secure, but we work to protect your information and to respond promptly if something goes wrong.

13. Changes to this policy

We may update this policy from time to time. The “last updated” date at the top shows when it last changed. Material changes will be posted on this page.