Legal

Privacy policy

Last updated 7 July 2026

Who we are

Earshot is a brand-monitoring service operated by Bokang Sibolla Digital, Cape Town, South Africa, which is the responsible party under POPIA and the data controller under GDPR for the personal information described here. This policy explains what we collect, why, and what your rights are. It is written to be read, so if anything is unclear, email us at hello@bokangsibolla.com and we will explain it plainly.

What we process

We process three categories of data:

  • Public mentions data. Posts, articles, videos, comments and reviews that mention the keywords you track. All of it is already public on the source platform before we ever see it.
  • Account data. Your email address, your organization name, and your billing records.
  • Usage data. How you use the product: pages viewed inside the app, features used, and technical logs needed to keep the service running. We do not run advertising trackers, and the only cookies we set are the ones that keep you signed in.

Where mention data comes from

Earshot collects from public sources only. We do not access private accounts, private groups, or direct messages, and we do not scrape sources whose terms forbid it. Hellopeter is a concrete example: its terms do not allow scraping, so we refuse to scrape it, even though competitors’ dashboards would look fuller for it. If a source cannot be monitored properly and permissibly, we leave it out and say so.

Subprocessors

These companies process data on our behalf, each for one job:

  • Supabase: database and authentication hosting.
  • Vercel: application hosting.
  • Anthropic: AI classification of public mentions (sentiment, topic, severity).
  • Apify: collection of public mentions from social and review platforms.
  • Paystack: payment processing. We never see or store your full card number.
  • Resend: email delivery for alerts and reports.

If this list changes, this page changes with it.

Your rights under POPIA and GDPR

South Africa’s Protection of Personal Information Act (POPIA) and the European Union’s General Data Protection Regulation (GDPR) both give you rights over your personal data, and we honour them for everyone regardless of where you live. You can ask for a copy of the personal data we hold about you, ask us to correct it, or ask us to delete it. Email hello@bokangsibolla.com and we will act on the request within 30 days, usually much faster.

Retention and deletion

When you delete your account, your account data and your projects’ mention data are deleted from our systems within 30 days. Billing records are kept as long as South African tax law requires, and no longer.

Changes and contact

If this policy changes in a way that matters, we will email account holders before the change takes effect. Questions, requests and complaints all go to hello@bokangsibolla.com.