TamboValet

Privacy Notice

Last updated: 12 May 2026

1. Who we are

OR Tambo Airport Parking ("we", "us", "our") operates the website at ortamboparking.xyz. We are the data controller responsible for the personal data described in this notice.

2. Personal data we collect

  • Identity and contact data — name, email address, phone number.
  • Booking data — vehicle registration, flight number, check-in/out dates, chosen operator.
  • Account and support data — messages you send us via the contact form.
  • Technical data — IP address, browser type, device identifiers, usage telemetry.

Payment card details are collected directly by Paddle (our Merchant of Record) and are not stored on our systems.

3. How we use your data

  • To create and manage your booking and forward it to the chosen parking operator.
  • To provide customer support and respond to enquiries.
  • To send transactional emails (booking confirmations, receipts, cancellations).
  • To detect, prevent and investigate fraud, security incidents and policy violations.
  • To improve the service and our website.

4. Legal basis

We process your data to perform our contract with you (your booking), to comply with legal obligations, and where it is in our legitimate interests to operate, secure and improve the service.

5. Sharing your data

  • Parking operators — we share booking details with the operator you choose so they can deliver the service.
  • Paddle.com — our Merchant of Record, which processes payments, manages subscriptions, handles tax compliance, invoicing and refunds.
  • Service providers — hosting, database, email delivery and analytics subprocessors acting on our instructions.
  • Professional advisers — legal and accounting advisers where necessary.
  • Authorities — where required by law or to protect our rights.

6. Data retention

We keep booking records for as long as needed to provide the service and to meet our legal, tax and accounting obligations. Contact-form messages are kept for up to 24 months. Data is deleted or anonymised when no longer needed.

7. Your rights

Subject to applicable law (including South Africa's POPIA and, where it applies, the GDPR), you have the right to access, correct, delete or restrict the processing of your personal data, to object to processing, to data portability, to withdraw consent, and to lodge a complaint with your supervisory authority. Contact us using the details below to exercise any of these rights.

8. Security

We use appropriate technical and organisational measures including encryption in transit, access controls and least-privilege service credentials to protect your personal data.

9. Cookies

We use strictly necessary cookies to operate the site and limited analytics cookies to understand usage. You can manage cookies through your browser settings.

10. International transfers

Some of our service providers (including Paddle) may process data outside South Africa. Where this happens, appropriate safeguards (such as Standard Contractual Clauses) are in place.

11. Contact

Questions about this notice? Reach us via our contact page.