Your Privacy Matters

Privacy Policy

We are committed to protecting your personal information and being transparent about how we collect, use, and safeguard your data.

Last Updated: 21 December 2024

Section 1

Introduction

RSA Digital ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our software services, or engage with us in any capacity.

As a South African software development firm, we operate in accordance with the Protection of Personal Information Act (POPIA), the General Data Protection Regulation (GDPR) where applicable, and other relevant international data protection laws. We understand the importance of maintaining the confidentiality and integrity of the data entrusted to us by our clients.

By accessing our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access our website or use our services.

Section 2

Information We Collect

We collect information in several ways to provide and improve our services:

Personal Information Provided Directly:

• Contact details including name, email address, phone number, and company name
• Billing and payment information for invoicing and transactions
• Communication records including emails, messages, and support tickets
• Project requirements, specifications, and related documentation
• Account credentials for accessing our client portals and dashboards

Automatically Collected Information:

• Device information such as IP address, browser type, and operating system
• Usage data including pages visited, time spent on pages, and navigation paths
• Cookies and similar tracking technologies for session management and analytics
• Log files containing access times, referring URLs, and error reports

Information from Third Parties:

• Business information from publicly available sources
• Referral information from partners or clients who recommend our services
• Data from integrated services such as analytics providers and payment processors

Client Project Data:

When developing software solutions for clients, we may process data on your behalf. This includes any information stored, processed, or transmitted through applications we build or maintain for you. We act as a data processor for such information and handle it strictly according to our service agreements.

Section 3

How We Use Your Information

We use the information we collect for various purposes essential to our business operations and service delivery:

Service Delivery:

• Developing, deploying, and maintaining custom software solutions
• Providing technical support, updates, and maintenance services
• Managing client accounts and project communications
• Processing payments and maintaining billing records
• Fulfilling contractual obligations and service agreements

Communication:

• Responding to inquiries, support requests, and feedback
• Sending project updates, milestones, and status reports
• Delivering newsletters, product announcements, and promotional materials (with consent)
• Notifying you of changes to our services, policies, or terms

Improvement and Analytics:

• Analysing usage patterns to improve our website and services
• Conducting research to develop new features and offerings
• Monitoring and enhancing security measures
• Troubleshooting technical issues and optimising performance

Legal and Compliance:

• Complying with applicable laws, regulations, and legal processes
• Enforcing our terms of service and other agreements
• Protecting our rights, property, and safety, and that of our users
• Detecting, preventing, and addressing fraud, security breaches, or technical issues

We process personal information only when we have a lawful basis to do so, including consent, contractual necessity, legal obligation, or legitimate business interests.

Section 4

Information Sharing and Disclosure

We value your privacy and do not sell, rent, or trade your personal information to third parties for their marketing purposes. However, we may share your information in the following circumstances:

Service Providers:

We engage trusted third-party service providers to assist in our operations, including:

• Cloud hosting and infrastructure providers (e.g., AWS, Vercel, Neon)
• Payment processors for secure transaction handling
• Analytics services for website and application performance monitoring
• Email delivery services for communications
• Project management and collaboration tools

These providers are bound by confidentiality agreements and are only permitted to use your information as necessary to perform services on our behalf.

Business Transfers:

In the event of a merger, acquisition, reorganisation, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change and your options regarding your information.

Legal Requirements:

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

• Court orders, subpoenas, or other legal processes
• Requests from law enforcement or regulatory agencies
• Protection against legal liability

With Your Consent:

We may share your information with third parties when you have given us explicit consent to do so, such as when integrating with third-party services at your request.

Section 5

Data Security

We implement comprehensive security measures to protect your personal information from unauthorised access, alteration, disclosure, or destruction:

Technical Safeguards:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest in our databases
• Secure authentication mechanisms including multi-factor authentication
• Regular security assessments, penetration testing, and vulnerability scanning
• Firewalls, intrusion detection systems, and access controls
• Secure coding practices following OWASP guidelines

Organisational Measures:

• Access to personal data is limited to authorised personnel on a need-to-know basis
• Regular staff training on data protection and security best practices
• Incident response procedures for addressing potential data breaches
• Confidentiality agreements with all employees and contractors
• Regular audits of our security policies and procedures

Client Data Protection:

For client applications we develop and host, we implement:

• Logical separation of client data in multi-tenant environments
• Regular backups with secure, encrypted storage
• Disaster recovery and business continuity planning
• Compliance with industry-specific security standards as required

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to continuously improving our security practices.

Section 6

Data Retention

We retain personal information for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations:

Retention Periods:

• Active client data: Retained throughout the duration of our business relationship
• Project files and documentation: Retained for 5 years after project completion
• Financial and billing records: Retained for 7 years as required by tax regulations
• Communication records: Retained for 3 years for reference and quality assurance
• Website analytics data: Aggregated and anonymised after 26 months
• Marketing consent records: Retained until consent is withdrawn

Post-Retention:

When personal information is no longer required, we will:

• Securely delete or destroy the information
• Anonymise data so it can no longer be associated with you
• Ensure any third parties with whom data was shared also delete the information

Client Data:

For software applications we build and maintain for clients, data retention is governed by individual service agreements. Upon termination of services, client data is typically exported or deleted according to the agreed-upon terms.

Section 7

Your Rights

Under applicable data protection laws, including POPIA and GDPR, you have certain rights regarding your personal information:

Right of Access:

You have the right to request a copy of the personal information we hold about you. We will provide this information within 30 days of your request.

Right to Rectification:

If your personal information is inaccurate or incomplete, you have the right to request correction or completion of your data.

Right to Erasure:

You can request deletion of your personal information where there is no compelling reason for continued processing. This is also known as the "right to be forgotten."

Right to Restrict Processing:

You can request that we limit the processing of your personal information in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability:

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object:

You can object to processing of your personal information for direct marketing purposes or where processing is based on legitimate interests.

Right to Withdraw Consent:

Where we rely on your consent for processing, you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing.

Right to Lodge a Complaint:

You have the right to lodge a complaint with the Information Regulator (South Africa) or relevant supervisory authority in your jurisdiction if you believe your rights have been violated.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section.

Section 8

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and gather information about visitors and visits:

Types of Cookies We Use:

Essential Cookies:

These are necessary for the website to function properly. They enable basic features like page navigation, secure areas, and authentication. The website cannot function properly without these cookies.

Analytics Cookies:

These help us understand how visitors interact with our website by collecting and reporting information anonymously. We use this data to improve our website's performance and user experience.

Functional Cookies:

These enable the website to provide enhanced functionality and personalisation, such as remembering your preferences and settings.

Marketing Cookies:

With your consent, these may be set to track your online activity and display relevant advertisements. We currently do not use third-party marketing cookies.

Managing Cookies:

Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer. However, this may prevent you from taking full advantage of our website.

Do Not Track:

Our website does not currently respond to "Do Not Track" signals from browsers. However, you can manage your preferences through your browser settings and our cookie management tools.

Section 9

International Data Transfers

As a global software firm, we may transfer, process, and store your personal information in countries other than your country of residence:

Transfer Locations:

Our data may be processed in:

• South Africa (primary location)
• European Economic Area (EEA) for certain services
• United States for cloud hosting and infrastructure services

Safeguards:

When transferring data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where the destination country ensures adequate data protection
• Binding Corporate Rules for transfers within our corporate group
• Your explicit consent for specific transfers

Cloud Services:

Our cloud infrastructure providers maintain compliance with international data protection standards and have implemented appropriate security measures. We carefully select providers who demonstrate commitment to data protection.

We will always ensure that your data is protected to the same standard regardless of where it is processed.

Section 10

Children's Privacy

Our services are designed for businesses and professionals and are not directed to individuals under the age of 18 ("children"). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to delete that information from our servers.

For software applications we develop for clients that may be used by children, data protection and privacy requirements are addressed in individual service agreements, and appropriate measures are implemented to comply with applicable children's privacy laws such as COPPA.

Section 11

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors:

Notification of Changes:

• Material changes will be communicated via email to registered users
• Updates will be posted on this page with a revised "Last Updated" date
• Continued use of our services after changes constitutes acceptance

Review Recommendations:

We encourage you to periodically review this Privacy Policy to stay informed about how we protect your information. We recommend checking this page at least quarterly or whenever you interact with our services.

Version History:

Previous versions of this policy are available upon request. Please contact us if you would like to review earlier versions.

Contact Us About Privacy

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please don't hesitate to contact us. We take all privacy inquiries seriously and will respond within 30 days.

Email

privacy@rsadigital.co.za

Data Protection Officer

RSA Digital (Pty) Ltd
Durban, KwaZulu-Natal
South Africa