Policies & Procedures

All data is processed lawfully and in full compliance with the POPI Act. Users are informed transparently about how their information is collected and used.

Explicit consent is obtained for all personal data processing activities, and records are maintained to ensure accountability and audit readiness.

All data is encrypted during storage and transmission to protect against unauthorized access and ensure confidentiality.

Access to sensitive data is granted according to defined roles, ensuring that users can only view or edit information necessary for their responsibilities.

Regular security audits and monitoring are conducted to identify potential risks, enforce compliance, and maintain system integrity.

Users are required to authenticate with multiple factors to prevent unauthorized access and strengthen account security.

Personal data is collected only for specific, legitimate purposes and only the minimum required data is stored to reduce risk and enhance privacy.

Data retention policies are enforced and users have the right to access, correct, or request deletion of their personal data.

Documented procedures are in place to respond immediately to potential data breaches, including internal and external communication plans.

Stakeholders and users are promptly notified of incidents in a clear and transparent manner, ensuring accountability and trust.

In terms of the Protection of Personal Information Act 4 of 2013 (POPIA), we are required to inform you of how we collect, use, store and protect your personal information.

If you believe your personal information rights have been violated, you may lodge a complaint with the Information Regulator of South Africa at inforegulator.org.za.