Privacy Policy

1. The Company collects, uses and, in some circumstances, shares the personal information of users in and through this website and during the provision of services to you.
2. The Company respects the rights of users whose personal information is collected and used by it, including their right to protection against the unlawful collection, retention, sharing and use of such personal information.
3. The purpose of this privacy policy is to provide users with information about the information processing activities of The Company and the manner in which their rights are protected.
4. This privacy policy shall serve as a notification to users about The Company’s processing activities which will remain valid for as long as one has an active account with or is using the services of The Company, including the browsing of this website.
5. The Company may amend the provisions of this privacy policy to comply with any changes in the law, and/or pursuant to any changes to its information processing activities or privacy practices. Such amendments will be published on the website and will become operable from the date of such publication.
6. This privacy policy, and the interpretation and enforcement thereof, will be governed by the laws of the Republic of South Africa.
7. The provisions of this privacy policy are, as far as possible, incorporated into any agreement between The Company and users.

1. In this privacy policy, the following words bear the following meanings:
   1. “consent” means any voluntary, specific and informed expression of will in terms of which permission is given by or on behalf of a user for the processing of their personal information.
   2. “direct marketing” means to approach a data subject, either in person or by mail or electronic communication, for the direct or indirect purpose of promoting or offering to supply any goods or services to the data subject.
   3. “information officer” means the Information Officer of The Company from time to time.
   4. “operator” means an outside third party who processes personal information for or on behalf of The Company in terms of a contract or mandate.
   5. “PAIA” means the Promotion of Access to Information Act 2 of 2000.
   6. “personal information” means any information linked to a user or information that can identify a user, including but not limited to: information relating to a user’s gender, nationality, ethnic or social origin, age, language; a user’s email address, physical address, telephone number, location information or online identifier; a user’s financial information including banking details and invoice information; a user’s personal opinions, views or preferences; correspondence sent by a user which is of a private or confidential nature; the user’s special personal information; and the user’s name if it appears with other personal information relating to that user.
   7. “POPIA” means the Protection of Personal Information Act of 2013, including any regulations or codes of conduct promulgated under it.
   8. “processing” means any operation or activity relating to personal information, including collection, receipt, recording, organisation, storage, updating, retrieval, use, dissemination, merging, linking, restriction, erasure or destruction of that information.
   9. “special personal information” means the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health, sex life or any biometric information of a user.
   10. “services” means the services provided to any user by The Company.
   11. “user” means a visitor or user of this website or application, or any of the content or services associated with this website.
   12. “the website” means the website accessible from www.siteessence.co.za.

1. The Company will be the party who will be collecting and processing a user’s personal information and as such is designated as the “responsible party” for the purposes of this policy.
2. The Company’s contact details are as follows:
   1. Email: support@siteessence.co.za
   2. Website: www.siteessence.co.za
3. The Company may instruct third-party operators from time to time to undertake certain processing activities relating to the user’s personal information.

1. The types of personal information we may collect include:
   1. Personal information — such as your name, date of birth, home language, address, account information, and email address.
   2. Your contact with us — such as a note or recording of a call you make to our call centre, an email or other records of any contact you have with us.
   3. Account information — such as product type, dates of payment owed and received, top-up information or any other information related to your account.
   4. Financial information — such as bank account details for debit orders.
2. The supply of personal information by the user to The Company is voluntary and not mandatory. However, if the user refuses to supply any personal information, certain consequences may naturally flow from such a refusal, such as preventing The Company from concluding or performing any contract with the user.
3. There are certain laws which require or authorise The Company to collect a user’s personal information, including RICA, FICA and directives issued under these Acts.

1. The Company shall only collect a user’s personal information for a specific, explicitly defined and lawful purpose relating to a function or activity of The Company’s business.
2. Such purposes may include the following:
   1. to enter into a contract with a user;
   2. to perform any obligations under a contract with a user;
   3. to comply with a legal obligation;
   4. to protect a legitimate interest of a user;
   5. to pursue its own legitimate interests or the legitimate interests of a third party;
   6. to process personal information for direct marketing purposes (only if the user has opted in);
   7. to customise and display content to the user in a way that The Company feels may interest or benefit them;
   8. to send content including products, articles, listings and advertisement content to the user via email or other electronic media, where the user has consented;
   9. to enable the user to voluntarily participate in interactive features;
   10. to notify the user about changes to the website or services.
3. If The Company intends to process a user’s personal information for any other purpose, it shall ensure that it obtains the user’s written consent to do so.
4. The Company will not sell a user’s personal information to any third party without the prior written consent of the user.

1. The Company shall, as far as possible, collect personal information about a user directly from the user, except in specific circumstances such as where the information is available in a public record, or where it is more practicable to collect it from another source.
2. If The Company collects personal information from a source other than the user, it shall record in writing the details of that source.
3. The Company may collect personal information through various interactions including use of an iOS or Android application; use of the service via a computer or mobile browser; requests for further services or information; contact to report a problem; and when completing any forms on the website.
4. The user may visit the website without providing any personal information. However, the website’s servers may still collect technical information regarding the use of the website, which is aggregated for analytical purposes, technical maintenance and for improving the content offered.

1. “Cookies” are small text files transferred by a web server to a user’s hard drive and thereafter stored on their computer. The types of information a cookie collects includes a user’s username, the date and time of their visits, their browsing history and preferences.
2. The Company may use cookies on this website to:
   1. distinguish one user from another on the website;
   2. remember the user’s last session when they return;
   3. estimate the website’s audience size and usage patterns;
   4. store information about the user’s preferences, allowing The Company to customise the website; and
   5. speed up searches on the website.
3. The provisions of this clause are only applicable to cookies used by The Company. In some instances, third-party service providers may use cookies on the website. The Company cannot and does not control cookies used by third-party service providers.
4. The user has the right and ability to either accept or decline the use of cookies on their computer’s web browser. However, declining the use of cookies may limit a user’s access to certain features on the website.

1. The Company shall comply with all laws, contracts or regulations when it processes a user’s personal information.
2. The Company shall not act unreasonably when processing a user’s personal information — it will collect and process information in a way that the user can reasonably expect and in a way that is fair.
3. The Company shall respect the user’s right to privacy at all times.
4. The Company shall ensure that the personal information collected and processed is relevant to the identified purpose/s and is adequate but not excessive for achieving those purposes.
5. The Company shall be entitled to store the personal information of users indefinitely unless the user objects thereto. In the event a user objects, once The Company has achieved the purpose for the collection it will destroy or delete such information, unless required by law to retain it.
6. If The Company no longer needs to process personal information to achieve the purpose originally specified, it will stop using that information.

1. The Company may share certain personal information with third-party operators who perform certain processing activities on behalf of The Company.
2. You consent to us sharing your personal information with the following categories of operators:
   1. Partners or agents involved in delivering the products and services to the user.
   2. Partners or agents that conduct network performance, client satisfaction surveys and any other surveys related to the products or services provided.
   3. Law enforcement agencies, regulatory organisations, courts or other public authorities if The Company has to, or is authorised to by law.
   4. The Company will release information if it’s reasonable for the purpose of protecting it against fraud, defending its rights or property, or to protect the interests of its users.
   5. If The Company is reorganised or sold to another organisation, it may transfer any personal information it holds to that organisation.
3. The Company may also share aggregated, de-identified information about users and their usage patterns. Individual personal information will not be disclosed in such cases.
4. Other than as stated above, The Company shall not share a user’s personal information with any third parties unless it has the user’s express consent to do so.

1. Users shall have the following rights in relation to the processing of their personal information:
   1. to access and correct any personal information held by The Company about them;
   2. to object to the processing of their information; and
   3. to lodge a complaint with the Information Regulator at justice.gov.za/inforeg/.

1. The Company shall not process a user’s personal information for any purpose not previously specified except where: the user has consented; the further processing is necessary for the exercise of contractual rights; the further processing is linked to or compatible with the original purpose; it is necessary for the prevention, detection or prosecution of an offence; necessary to enforce any law; necessary for legal proceedings; necessary to prevent a serious threat to life or health; or necessary for historical, statistical or research purposes.
2. The Company shall notify the user of any intended further processing and the possible consequences thereof.

1. The Company shall take reasonably practicable steps to ensure that the personal information kept about users is complete, accurate, not misleading, and is updated when necessary.
2. If a user is aware of any personal information in The Company’s custody that is incorrect or needs to be updated, the user must make a written request to The Company’s information officer at feedback@siteessence.co.za.
3. If a user has contested the accuracy of any personal information, The Company shall immediately stop using that information until its accuracy has been verified.

1. The Company is committed to protecting the personal information in its custody against any loss of, damage to or unauthorised destruction of that information, and to prevent any unauthorised parties from accessing that information.
2. The Company takes steps to continually identify and document any risks to the personal information it has in its possession and ensures appropriate security safeguards are in place.
3. The Company shall ensure that contracts entered into with third-party operators include obligations requiring: no processing without The Company’s authority; confidentiality of all personal information; adequate security measures; immediate notification of any breach; compliance with relevant data protection laws; and notification to The Company before any legally obliged disclosure.
4. The Company shall ensure that all personal information on its systems is properly backed-up and that back-up copies are stored separately from the live files.

1. If personal information about a user is inadvertently leaked or The Company’s security has been unlawfully breached by any unauthorised party, The Company shall immediately identify the relevant users who may be affected and shall contact them at their last known email address or contact details or by the quickest means possible.
2. The Company shall provide sufficient information to the user to allow them to take the necessary protective measures against the potential consequences of the compromise, or shall advise users of the steps to be taken and the possible consequences that may ensue from the breach.

1. The user consents that personal information (including special personal information) may be transferred transborder, even to countries without data protection laws similar to those of South Africa, for storage purposes, or if it is in The Company’s legitimate interests or those of a third party to do so.

1. The user consents that The Company may keep record of his/her personal information for an indefinite period of time, unless the user objects. In such cases The Company will only keep such records if it is lawfully entitled or obliged to do so.

1. Where The Company is no longer authorised to retain a record of any personal information, it shall either:
   1. ensure that the information is permanently destroyed or deleted as soon as reasonably practicable; or
   2. return the information to the user or transfer it to a third party, if requested by the user in writing to do so.

1. The user hereby consents to the processing of their personal information in terms of the provisions of this privacy policy.
2. The user acknowledges and agrees that such consent has been given voluntarily after the user has read and understood the provisions of this privacy policy, in particular regarding: the types of personal information to be processed; the specific processing activities to be undertaken; the specific purpose/s for such processing; and the possible consequences for the user that may arise from such processing.
3. Should a user wish to withdraw any consent previously given, they must notify The Company’s information officer in writing.

1. You can request the removal of certain information by sending an email to support@siteessence.co.za.
2. What information can be requested to be removed:
   1. Personal Information — First name, surname, email address, cellphone number, company name, ID number, all addresses.
   2. Payment Details — Any bank details or debit/credit card information used with this account.
   3. Personal Information AND Payment Details — both categories together.
3. ⚠️

   If you have an active product or service with us, you cannot request the removal of your personal or payment information, as we need that information to continue providing you with our services.
4. What happens once a request is made:
   1. The request will be sent to the dedicated Site Essence POPI team. The team will review requests on a case-by-case basis and will contact you on the outcome of your request.
   2. Please note that not every request will necessarily result in the removal of the information.

1. A user may, on reasonable grounds, object to the processing of their personal information at any time after that processing has started.
2. If a user wishes to object to the processing of their personal information, they should contact The Company’s information officer in writing and provide reasons for doing so. Users may use the process and forms contained within The Company’s PAIA manual available on our website.

This privacy policy shall be governed and interpreted in accordance with the laws of the Republic of South Africa.

1. The Company reserves the right to change, update, add, remove, and/or amend any of the provisions of this privacy policy from time to time. Such changes will become effective from the date of their publication on this website.
2. The user must periodically check the provisions of this privacy policy for any such changes.
3. The user’s continued use of this website following any changes to this privacy policy will be considered acceptance of the policy as amended.

1. For more information on your rights to privacy over your information, or the information processing activities of The Company, please do not hesitate to contact us directly at support@siteessence.co.za.