Data Deletion
Last updated: 12 June 2026
1. Your Right to Deletion
You can ask VaultAir Systems (Pty) Ltd to delete the personal information we hold about you. This right is recognised under the Protection of Personal Information Act, 2013 (POPIA) in South Africa, the General Data Protection Regulation (GDPR) Article 17 ("right to erasure") in the EU/EEA, the UK GDPR, and other applicable data protection laws.
This page covers deletion of data held through the VaultAir corporate website. Our products manage their own data and have their own deletion routes (see Section 6).
2. What You Can Request
In addition to deletion, you may also request to:
Access: Receive a copy of the personal information we hold about you.
Correct: Fix inaccurate or incomplete information.
Delete: Have your personal information erased where there is no overriding legal reason to keep it.
Restrict or object: Limit or object to certain processing of your information.
3. How to Request Deletion
Email privacy@vaultair.systems with the subject line "Data Deletion". Tell us what you would like deleted and, where relevant, which service the request relates to (for example, a website contact-form enquiry).
To protect your information, we may need to verify your identity before we act on a request. We will only use the details you provide to handle your request.
4. What Happens Next
- We acknowledge your request and may ask for verification or clarification.
- We aim to complete verified requests within 30 days (or one month where GDPR/UK GDPR applies). If a request is complex, we will let you know and may extend this period as permitted by law.
- We confirm in writing once your request has been actioned.
- There is no charge for a reasonable request. We may decline or charge a reasonable fee only where the law allows (for example, manifestly unfounded or excessive requests).
5. Exceptions and Retention
We will delete or anonymise your personal information unless we are required or permitted by law to keep it. We may retain limited information where necessary to:
- comply with legal, tax, accounting, or regulatory obligations;
- establish, exercise, or defend legal claims; or
- detect and prevent fraud, abuse, or security incidents.
Information held in routine encrypted backups is removed as those backups cycle out of retention. Where we cannot fully delete data, we restrict its processing until deletion is possible.
6. Product-Specific Deletion
Data you create inside our products is governed by each product’s own privacy policy and deletion process:
Jan on Health: Email privacy@vaultair.systems with the subject line "Data Deletion", see janonhealth.com/datamanagement, or message JoH on WhatsApp.
LenNotes: Email privacy@vaultair.systems with the subject line "Data Deletion", see vaultair.systems/lennotes/privacy, or use the LenNotes support form.
7. Lodging a Complaint
If you are unhappy with how we handle your request, you may lodge a complaint with a supervisory authority: the Information Regulator (South Africa) at inforegulator.org.za; your local EU data protection authority (see edpb.europa.eu); or the UK Information Commissioner’s Office (ICO) at ico.org.uk.
8. Ongoing Improvements
We are building automated, self-service data deletion tools to make requests faster and more transparent. Until those are available, requests are handled manually so each one is reviewed and processed correctly. We will publish updates on this page as new tools become available.
