POPI Act Compliance

1. Information We Collect

We collect the following types of personal information:

1.1 Order Information

• Full name
• Email address
• Delivery address
• Phone number
• Payment information (processed securely through PayFast - we do not store card details)

1.2 Website Usage Information

• IP address
• Browser type and version
• Pages visited and time spent
• Device information
• Cookies (see our Cookie Policy)

1.3 Communication Information

• Email correspondence
• Customer support inquiries
• Feedback and reviews

2. How We Use Your Information

We use your personal information for the following purposes:

• Order Fulfillment: Processing and delivering your orders
• Customer Support: Responding to inquiries and providing assistance
• Communication: Sending order confirmations, shipping updates, and important notices
• Marketing: Sending promotional emails (only with your consent - you can opt out anytime)
• Improvement: Analyzing website usage to improve our services
• Legal Compliance: Meeting legal and regulatory requirements

3. Legal Basis for Processing

We process your personal information based on:

• Contract Performance: To fulfill your order and provide services
• Consent: For marketing communications and optional services
• Legitimate Interest: To improve our services and prevent fraud
• Legal Obligation: To comply with South African laws

4. Information Sharing

We may share your information with:

• Payment Processors: PayFast for secure payment processing
• Courier Services: For order delivery
• Service Providers: Trusted third parties who assist in operations (hosting, analytics)
• Legal Authorities: When required by law

We never sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• SSL/TLS encryption for data transmission
• Secure servers and databases
• Access controls and authentication
• Regular security audits
• Staff training on data protection

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this notice:

• Order Information: 7 years (for tax and legal compliance)
• Marketing Consent: Until you withdraw consent
• Website Analytics: 24 months

7. Your Rights Under POPIA

You have the right to:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information (subject to legal requirements)
• Object: Object to processing of your information
• Restriction: Request restriction of processing
• Portability: Receive your information in a structured format
• Withdraw Consent: Withdraw marketing consent at any time
• Complain: Lodge a complaint with the Information Regulator

8. How to Exercise Your Rights

To exercise any of your rights under POPIA, please contact us:

9. Information Regulator Contact

If you believe we have not handled your personal information properly, you may lodge a complaint with:

10. Children's Privacy

Our services are not intended for children under 18 years old. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Transfers

We primarily store data within South Africa. If we transfer data internationally, we ensure adequate protection measures are in place as required by POPIA.

12. Changes to This Notice

We may update this notice from time to time. We will notify you of significant changes by email or by posting a notice on our website. The "Last Updated" date at the top indicates when this notice was last revised.

13. Contact Information