Part A — Terms of Service

1. Introduction

These Terms of Service (“Terms”) govern access to and use of the Naledi AI WhatsApp Receptionist service (“Service”), operated by Orion Ventures (“we”, “us”, “our”), a business operated by Graham Schubach.

By accessing or using the Service, you agree to be bound by these Terms.

If you do not agree, you may not use the Service.

2. Definitions

“Service”
ORION PRO or ORION PRO MED system and associated infrastructure
“Business Client”
Any entity using the Service to manage customer communications
“End User”
Any individual who interacts with ORION PRO or ORION PRO MED via WhatsApp
“Content”
Messages, documents, media, and data submitted through the Service
“Operators”
Third-party service providers processing data on our behalf
“POPIA”
Protection of Personal Information Act, 2013

3. Description of Service

ORION PRO or ORION PRO MED is an automated WhatsApp-based communication system that:

  • Responds to user enquiries on behalf of business clients (ORION PRO)
  • Processes incoming messages using AI systems (ORION PRO)
  • Retrieves information from client-provided knowledge bases (ORION PRO)
  • Facilitates lead generation and customer engagement (ORION PRO)
  • Analyses plant photos using AI vision models for health diagnosis (Orion PlantWise)
  • Provides plant care guidance, reminders, and encyclopedia (Orion PlantWise)

We do not guarantee uninterrupted availability or error-free operation of the Service.

4. Eligibility

You must be at least 18 years old or have legal capacity to enter into agreements in your jurisdiction to use the Service.

5. Account Registration

Business clients are responsible for:

  • Maintaining confidentiality of account credentials
  • Ensuring all provided information is accurate and lawful
  • Ensuring they have legal rights to upload any content or data provided to the Service

6. Acceptable Use

You agree not to:

  • Use the Service for unlawful, harmful, or deceptive purposes
  • Upload illegal, infringing, or offensive content
  • Attempt to reverse engineer or interfere with the system
  • Use the Service to send unsolicited spam or abuse users
  • Misrepresent identity or business information

We reserve the right to suspend or terminate access for violations.

7. Service Availability

We aim to provide continuous service but do not guarantee:

  • uninterrupted availability
  • error-free responses
  • compatibility with all third-party systems

The Service may be temporarily unavailable for maintenance, updates, or external provider outages.

8. Fees and Payment

Where applicable:

  • Fees are defined in a separate pricing agreement or invoice
  • Payments are processed via third-party payment processors
  • We do not store full payment card details

Failure to pay may result in suspension or termination of Service access.

9. Intellectual Property

All rights in the Service, including software, models, infrastructure, and branding, remain the property of Orion Dev Core or its licensors.

Business clients retain ownership of their uploaded business content.

10. Limitation of Liability

To the maximum extent permitted by law:

  • The Service is provided “as is” and “as available”
  • We are not liable for indirect, incidental, or consequential damages
  • We are not responsible for business losses, lost profits, or data loss
  • We are not liable for third-party service failures (including WhatsApp, AI providers, or hosting infrastructure)

11. Indemnity

Business clients agree to indemnify and hold harmless Orion Ventures against claims arising from:

  • misuse of the Service
  • unlawful content provided by the client
  • breach of these Terms
  • violation of third-party rights

12. Termination

We may suspend or terminate access:

  • for breach of these Terms
  • for legal or regulatory compliance reasons
  • for security or operational risks

Upon termination, data handling will follow the Privacy Policy retention rules.

13. Governing Law

These Terms are governed by the laws of the Republic of South Africa.

Part B — Privacy Policy (POPIA Compliant)

14. Responsible Party

Orion Ventures, operated by Graham Schubach, is the Responsible Party under POPIA.

We determine the purposes and means of processing personal information.

15. Information We Collect

15.1 End Users

  • WhatsApp number
  • Messages (text, voice, images, documents)
  • Voluntary personal identifiers (e.g., name)
  • Interaction metadata (timestamps, delivery status)
  • Plant photos submitted for AI diagnosis (Orion PlantWise)
  • Plant name, species, and care data (Orion PlantWise)

15.2 Business Clients

  • Identity and contact details
  • Business information
  • Uploaded knowledge base content
  • Billing metadata (processed externally)

15.3 Technical Data

  • System logs
  • Device and infrastructure metadata
  • API usage logs

16. Purpose of Processing

We process personal information to:

  • deliver AI-powered messaging services
  • respond to user queries
  • manage business customer engagement
  • maintain system performance and security
  • provide billing and administrative services
  • comply with legal obligations
  • improve service reliability and accuracy

17. Legal Basis (POPIA Section 11)

Processing is based on:

  • contractual necessity
  • legitimate interest (service operation, security, improvement)
  • legal obligation (tax, regulatory compliance)
  • consent (where voluntarily provided through usage)

18. Operators and Third Parties

We use contracted Operators including:

  • Cloudflare (hosting, security, infrastructure)
  • Cloudflare Workers AI / SiliconFlow (AI processing services)
  • WhatsApp / Meta Platforms (messaging infrastructure)
  • Payment processors (billing services)

All Operators are bound by written agreements requiring:

  • confidentiality
  • security safeguards
  • lawful processing
  • restriction of use to defined purposes

We do not sell personal information.

19. Cross-Border Data Transfers (POPIA Section 72)

Personal information may be processed outside South Africa.

Where cross-border transfers occur:

  • appropriate contractual safeguards are implemented
  • Operators are required to protect personal information to a standard comparable to POPIA
  • data is processed strictly for Service functionality

20. Data Retention

We retain personal information only as long as necessary:

  • Active conversations: duration of service relationship
  • Post-termination: deletion within ~60 days (unless legally required otherwise)
  • Business content: retained while account is active
  • Financial records: up to 5 years (legal compliance)
  • De-identified analytics: may be retained for service improvement

21. Security Measures

We implement reasonable safeguards including:

  • encrypted data transmission (TLS)
  • controlled access to systems
  • infrastructure-level security controls
  • monitoring and logging
  • reliance on secure third-party infrastructure providers

No system is fully secure, and we cannot guarantee absolute protection.

22. Data Subject Rights (POPIA)

You may:

  • request access to personal information
  • request correction or deletion
  • object to processing
  • request restriction of processing
  • request data portability
  • lodge complaints with the Information Regulator

Requests may be submitted via the contact details below.

23. Contact Details

Information Officer: Graham Schubach

WhatsApp: +27 72 497 1810

Email: info@oriondevcore.com

24. Information Regulator

Information Regulator of South Africa

https://www.justice.gov.za/inforeg/

inforeg@justice.gov.za

+27 10 023 5200

33 Hoofd Street, Forum III, Braampark, Johannesburg, 2001

25. Changes to Terms and Policy

We may update these Terms and Privacy Policy from time to time. Continued use of the Service constitutes acceptance of updated versions.

Investor / Due Diligence Notes (Non-Binding Summary)

This section is included for clarity in investment or enterprise review contexts:

  • The Service operates under a Responsible Party / Operator model aligned with POPIA
  • Data processing is primarily infrastructure-based (Cloudflare + AI APIs + messaging platforms)
  • No consumer data monetisation or advertising use occurs
  • System is designed for WhatsApp-based AI automation for SMEs
  • Core regulatory exposure: POPIA cross-border transfer compliance + AI vendor dependency risk