Cart
Account

Privacy Policy

1. Introduction / Purpose

This Privacy Policy explains how [Your Company Name] (“we”, “us”, “our”) collects, processes, and protects your personal information when you use our online store. We are committed to protecting your privacy in accordance with the Protection of Personal Information Act 4 of 2013 (“POPIA”) and all other applicable South African data privacy laws.

2. Who We Are

Company Name: [Insert Company Name]
Registration Number: [Insert Registration Number]
Registered Address: [Insert Address]
Contact Details: [Insert Email and Phone]
Information Officer: [Insert Information Officer’s Name and Contact Email]

3. Definitions

  • Personal Information: Any information relating to an identifiable natural or juristic person, as defined by section 1 of POPIA.

  • Processing: Any operation or activity involving personal information, including collection, use, storage, sharing, or destruction.

  • Data Subject: The person to whom the personal information relates (i.e., our customer or site visitor).

  • Responsible Party: The entity deciding the purpose and means of processing personal information (i.e., [Company Name]).

4. What Personal Information is Collected

We may collect and process the following categories of personal information:

  • Name and surname

  • Identity number

  • Contact details (email, phone, physical address)

  • Billing and shipping addresses

  • Order history and transaction details

  • Account login details (username, password—encrypted)

  • Payment information (credit/debit card details via secure providers)

  • Device data (IP address, browser type, OS, cookies, analytics ID)

  • Marketing preferences and communication history

5. How Data is Collected

We gather personal information in the following ways:

  • Directly from you via order forms, registration, checkout, and customer support queries.

  • Automatically through cookies, analytics tools, and similar tracking technologies when you use our website.

  • From payment processors and shipping/courier partners involved during order fulfilment.

  • From third-party plugins or integrations (e.g., reviews, wish lists, loyalty programs) when you interact with these services.

6. Purpose of Processing

Your personal information is processed for the following purposes:

  • To fulfil and deliver your orders.

  • Provide customer service and process returns/refunds.

  • Send service-related notifications, order updates, and invoices.

  • Customize your shopping experience and display relevant products.

  • Manage and improve our website performance (analytics/statistics).

  • Comply with legal and tax requirements.

  • Communicate promotions, if you opt in for marketing.

7. Legal Basis for Processing

We process your data on the following legal grounds:

  • Your explicit consent.

  • To perform contractual obligations (e.g., processing and delivering orders).

  • To comply with applicable legal obligations (tax, accounting, regulatory).

  • Our legitimate business interests (running and securing our eCommerce store).

8. Consent

  • We will obtain your explicit consent wherever required by law—especially for marketing communications and placing non-essential cookies.

  • You can withdraw your consent at any time by [describe how: e.g. updating profile settings, clicking ‘unsubscribe’, or contacting us].

  • If you do not provide certain mandatory information, we may not be able to process your order or provide specific services.

9. Cookies & Tracking

  • Our website uses essential and non-essential cookies.

  • Essential cookies are required for website operation and order processing.

  • Non-essential cookies (analytics, marketing) are used only if you consent.

  • You can manage cookies via your browser settings or use the cookie consent tool on our website for granular control.

10. How Data is Used and Shared

  • Your data is processed for eCommerce and support purposes only.

  • We do not sell your personal data.

  • Data is shared with:

    • Payment processors (e.g., PayFast, PayPal)

    • Couriers and delivery companies

    • IT and web hosting providers

    • Customer service support software providers

    • Legal and compliance advisors where necessary

  • If we transfer data outside South Africa, we ensure adequate data protection safeguards as required by POPIA.

11. Cross-Border Transfers

  • If personal information is transferred outside South Africa (for hosting or backup), we ensure the recipient is subject to binding agreements or laws that offer an adequate level of protection compliant with POPIA.

12. Security Safeguards

  • We take reasonable technical and organisational precautions to protect your information, including SSL encryption, secure data storage and backup, access controls, and staff training.

  • However, the internet is not perfectly secure, and absolute security cannot be guaranteed.

13. Data Retention

  • We retain your information only for as long as necessary:

    • Order, payment, and invoice data: 5 years (as required by tax laws)

    • User account data: as long as your account remains active

    • Marketing data: until you withdraw consent/unsubscribe

  • After these periods, your data is securely destroyed or anonymized.

14. Data Subject Rights

Under POPIA you have the right to:

  • Access your personal data

  • Correct or update your personal data

  • Request deletion (“right to be forgotten”)

  • Object to or restrict data processing

  • Receive a copy of your data in a portable format (data portability)

  • Lodge a complaint with us or the Information Regulator

To exercise these rights, please contact our Information Officer (see section 18).

15. Automated Processing / Profiling

  • Our website may use limited automated processing (e.g., to screen orders for suspected fraud), and marketing segmentation based on purchase history. No significant decisions are made solely by automated means.

16. Children’s Privacy

  • Our services are not directed at children under the age of 18.

  • We do not knowingly collect personal information from children. If we discover such data has been collected, we will promptly delete it.

17. Complaint Process

  • If you believe your data has been handled unlawfully, contact our Information Officer (details below).

  • Should you remain unsatisfied, you may lodge a complaint with the South African Information Regulator:

18. Contact Information

Information Officer: [Insert Information Officer Name]
Company Name: [Insert Company Name]
Email: [Insert Email Address]
Telephone: [Insert Phone Number]
Postal Address: [Insert Postal Address]

19. Policy Updates

  • This policy may be updated from time to time.

  • We will display the latest version and the effective date at the top of this page.

  • Substantial changes may be communicated via email or website notification.

Scroll to Top