Your Privacy Matters
Privacy Policy
How we collect, use, store, and protect your personal information โ in compliance with POPIA.
1. Introduction
Zoe Techno (Pty) Ltd ("Zoe Techno", "we", "us", "our") is committed to protecting your privacy and ensuring that your personal information is handled in a safe, secure, and responsible manner. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the Protection of Personal Information Act (POPIA) No. 4 of 2013 and other applicable South African laws.
By using our Website or services, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use our Website or services.
๐ Information Officer
Ingrid Maledimo serves as Zoe Techno's Information Officer as required by POPIA. For any privacy-related inquiries, please contact:
๐ง privacy@zoetechno.co.za
๐ +27 68 136 0758
๐ Rondebult Extension 23, Germiston, Johannesburg, 1401
2. What Personal Information We Collect
We may collect the following categories of personal information:
- Identity Information: Name, surname, ID number, passport number (for foreign nationals), company registration number.
- Contact Information: Email address, phone number, physical address, postal address.
- Financial Information: Bank account details, payment information, billing history.
- Technical Information: IP address, browser type, device information, cookies, usage data.
- Company Information: Company name, directors' details, shareholding structure, MOI, and other CIPC-related documents.
- Communication Information: Records of your correspondence with us, including emails, chat logs, and support tickets.
3. How We Collect Your Information
We collect personal information in the following ways:
- Directly from you: When you fill out forms on our Website, register for services, contact us via email, phone, or WhatsApp, or submit documents for company registration.
- Automatically: When you visit our Website, we may collect technical information through cookies and similar technologies.
- From third parties: With your consent, we may collect information from CIPC, SARS, or other regulatory bodies as part of our service delivery.
4. How We Use Your Information
We use your personal information for the following purposes:
- To provide our services, including company registration, KDS subscriptions, IT services, and logo design.
- To process payments and manage billing.
- To communicate with you about your account, services, or inquiries.
- To comply with legal and regulatory obligations (e.g., CIPC, SARS, POPIA).
- To improve our Website, services, and customer experience.
- To detect and prevent fraud or unauthorised access.
- To train our AI agents using documents you provide (with your consent).
๐ค AI Training & Your Data
Documents and data you upload for AI training purposes are used solely to train your designated AI agents. Your data is never used to train models for other clients. AI-generated content created using your data is owned by you. You may request deletion of your training data at any time.
5. Legal Basis for Processing
Under POPIA, we process your personal information based on one or more of the following lawful grounds:
- Consent: You have given us explicit consent to process your information for specific purposes.
- Contractual Necessity: Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
- Legal Obligation: Processing is necessary to comply with South African laws (e.g., CIPC, SARS, POPIA).
- Legitimate Interests: Processing is necessary for our legitimate business interests, provided those interests do not override your rights and freedoms.
6. Sharing Your Information
We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:
- With your consent: When you have explicitly authorised us to share your information.
- Service providers: With trusted third-party service providers who assist us in operating our business (e.g., payment processors, cloud hosting providers). These providers are bound by confidentiality agreements and may only use your information to perform services on our behalf.
- Legal requirements: When required by South African law, regulation, or legal process (e.g., CIPC, SARS, court order).
- Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.
7. Data Storage and Security
We take data security seriously and implement appropriate technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction. These measures include:
- Encryption: Data is encrypted in transit (TLS 1.3) and at rest (AES-256).
- Access controls: Only authorised personnel have access to personal information, and access is granted on a need-to-know basis.
- Secure hosting: All data is stored on South African servers (AWS Cape Town region) to ensure compliance with POPIA's data localisation requirements.
- Regular audits: We conduct regular security assessments and audits to identify and address vulnerabilities.
8. Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Specific retention periods:
- Client records: Kept for 5 years after the end of our business relationship, as required by SARS regulations.
- CIPC documents: Retained as required by the Companies Act and CIPC regulations.
- AI training data: Retained until you request deletion or terminate your subscription.
- Marketing communications: Retained until you unsubscribe.
9. Your Rights Under POPIA
As a data subject in South Africa, you have the following rights under POPIA:
- Right to access: You may request access to the personal information we hold about you.
- Right to correction: You may request correction of inaccurate or incomplete information.
- Right to deletion: You may request deletion of your personal information, subject to legal retention requirements.
- Right to object: You may object to the processing of your information for direct marketing purposes.
- Right to withdraw consent: You may withdraw your consent for processing at any time.
- Right to lodge a complaint: You may lodge a complaint with the Information Regulator of South Africa.
To exercise any of these rights, please contact our Information Officer at privacy@zoetechno.co.za. We will respond to your request within 30 days as required by POPIA.
๐ Information Regulator of South Africa
If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Information Regulator:
๐ง inforeg@justice.gov.za
๐ 012 406 4818
๐ JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
๐ www.inforegulator.org.za
10. Cookies and Tracking Technologies
Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and personalise content. Cookies are small text files stored on your device. You may disable cookies through your browser settings, but this may affect the functionality of our Website.
We use the following types of cookies:
- Essential cookies: Necessary for the Website to function properly.
- Analytics cookies: Help us understand how visitors interact with our Website (e.g., Cloudflare Analytics).
- Functional cookies: Remember your preferences and settings.
11. Third-Party Links
Our Website may contain links to third-party websites, including payment processors, CIPC, and social media platforms. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to read their privacy policies before providing any personal information.
12. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us, and we will delete it promptly.
13. International Data Transfers
We primarily store your data on South African servers. However, some third-party service providers we use (e.g., Cloudflare, email services) may operate outside South Africa. When we transfer your information internationally, we ensure appropriate safeguards are in place to protect your information and comply with POPIA.
14. Direct Marketing
We may use your contact information to send you promotional materials, newsletters, or information about our services that may interest you. You may opt out of receiving direct marketing communications at any time by clicking the "unsubscribe" link in our emails or by contacting us directly.
15. Security Breach Notification
In the event of a data breach that may compromise your personal information, we will notify you and the Information Regulator within 72 hours of becoming aware of the breach, as required by POPIA. We will take immediate steps to contain and remediate the breach.
16. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time. Changes will be effective immediately upon posting on this page, with the "Last Updated" date revised accordingly. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our Information Officer:
- Information Officer: Ingrid Maledimo
- Email: privacy@zoetechno.co.za
- General Enquiries: info@zoetechno.co.za
- Phone: +27 68 136 0758
- Address: Rondebult Extension 23, Germiston, Johannesburg, Gauteng, 1401, South Africa