Skip to content
Vela, Contemporary Portuguese
Sign In
Legal

Privacy Policy

Last updated 7 July 2026

Vela Contemporary Portuguese (“Vela”, “we”, “us”) respects your privacy. This policy explains what personal information we collect when you use www.velarestaurant.co.za and buy tickets to our events, how we use it, who we share it with, and your rights under South Africa’s Protection of Personal Information Act, 2013 (POPIA).

1. Personal information we collect

Information you give us

  • Account and booking details: your name, email address and phone number. When you set a password, we store it only as a secure, one-way hash; we never see or keep your actual password.
  • Order and ticket information: the events you buy, quantities and amounts, your order reference, ticket codes, and whether tickets have been used at the door.
  • Reservation details: if you book a table, our reservation partner Dineplan collects your booking details (name, contact, party size, date and time) through its widget.
  • Messages: anything you send us by email or through the site.

Information collected automatically

  • Payment information: payments are processed by PayFast. We do not receive or store your card details. We do keep a record of the amount, the payment method and PayFast’s payment reference.
  • Technical and log data: our server records standard information such as your IP address, browser type and time stamps, to keep the service secure and working.
  • Cookies: we set one essential cookie to keep you signed in (vela_session). Where you consent, we also use analytics and advertising cookies (see section 6 and our Cookie Policy).

2. How we use your information and our lawful basis

  • To create and manage your account and to fulfil ticket orders, issue tickets and manage door check-in (to perform our contract with you).
  • To process payments through PayFast (to perform our contract).
  • To send you transactional messages such as order confirmations and set-password links (to perform our contract).
  • To respond to enquiries and reservations (our legitimate interest, or to take steps at your request).
  • To keep the site and accounts secure and prevent fraud (our legitimate interest and legal duty).
  • To understand site usage and reach the right audiences through analytics and advertising, only where you have given consent (see section 6).
  • To meet legal, tax and accounting obligations.

3. Payments

Card payments are handled entirely by PayFast, a licensed South African payment provider. We share the name, email address, amount and order reference needed to take the payment. We never receive your full card details. See PayFast’s own privacy terms at payfast.io.

4. Who we share your information with

We share personal information only with the operators that help us run the service, and only as needed:

  • PayFast — to take and confirm payments.
  • Dineplan — to manage table reservations you make through the widget.
  • Our email service provider (Creative & Stuff) — to send confirmations and account emails.
  • Google (Google Analytics) and Meta (Facebook Pixel) — for site analytics and advertising, once enabled and only with your consent.
  • Our hosting provider — which stores the site and its data on secure servers.
  • Authorities or advisers — where we must comply with the law, or to establish or defend legal claims.

We do not sell your personal information.

5. Cross-border transfers

Some of these operators (for example Google and Meta) may process information outside South Africa. Where that happens, we take reasonable steps to ensure your information is protected to a standard consistent with POPIA (section 72).

6. Cookies, analytics and advertising

We use a small number of cookies. The only one that is strictly necessary keeps you signed in. Analytics (Google Analytics) and advertising (Meta Pixel) cookies are not set unless you accept them through our cookie banner, and you can change your choice at any time. Full detail is in our Cookie Policy.

7. How we protect your information

We take reasonable technical and organisational measures to protect your information, including secure one-way hashing of passwords, encrypted connections (HTTPS/TLS), restricted administrative access, and time-limited login sessions. No system is perfectly secure, but we work to keep your information safe.

8. How long we keep it

We keep your account and order information until you ask us to delete it. Where the law requires us to keep certain records (for example tax and accounting records of a purchase), we retain the minimum necessary for the required period, then delete or anonymise it.

9. Your rights under POPIA

You have the right to:

  • ask what personal information we hold about you and get a copy;
  • ask us to correct or update it;
  • ask us to delete it, subject to any records we must keep by law;
  • object to processing based on our legitimate interests;
  • withdraw consent for analytics or advertising at any time; and
  • complain to the Information Regulator.

To exercise any of these, contact info@velarestaurant.co.za. You can also complain to the Information Regulator (South Africa) at inforegulator.org.za.

10. Children

The site and ticketing are intended for people aged 18 and over. We do not knowingly collect information from children without parental consent.

11. Changes to this policy

We may update this policy from time to time. The current version is always the one published here.

12. Contact