1.1. The Organisation: Xpello SA (Pty) Ltd
1.2. Registration number: 2017/198659/07
1.3. VAT registration number: 489093196
1.4. Physical address: Wilro Heights Office Park, 168 Ouklip Road, Helderkruin, Roodepoort
1.5. Email address: firstname.lastname@example.org
1.6. Website address: www.xpello.co.za
2. COMMITMENT TO YOUR PRIVACY
2.1. Welcome to the Website set out in item 1.6 of the Schedule (“Website”), owned and operated by the Organisation set out in item 1.1 of the Schedule
(“Organisation”). The Organisation is committed to protecting the privacy of the user of the Website. The Organisation values the trust of its subscribers
and all others who work with it, and the Organisation recognises that maintaining your trust requires transparency and accountability in how the
conditions and the general terms relating to the use of the Website.
2.2. In performing the Organisation’s services in the ordinary course of business, the Organisation may collect, use and disclose Personal Information. Anyone
from whom the Organisation collects such information can expect that it will be appropriately and lawfully protected and that any use of or other dealing
with this information is subject to consent, where this is required by law. This is in line with the general privacy practices of the Organisation.
2.3. This Policy sets out how the Organisation collects, uses, discloses, and safeguards the Personal Information it processes in the course of its business.
3.1. In this Policy, in addition to the other terms that have been defined in the body of the Policy, the Organisation makes use of the following terms:
3.1.1. "Personal Information" means all information which may be considered to be personal in nature or information about an identifiable natural and / or
existing juristic person (where applicable) in terms of the Electronic Communications and Transactions Act 25 of 2002 ("ECTA"), the Consumer
Protection Act 68 of 2008 ("CPA") and the Protection of Personal Information Act 4 of 2013 (“POPIA”); and
3.1.2. “User, you, your or yourself” refers to any person who makes use of the Website for any purposes whatsoever, whether or not such use is free of
charge or paid for.
3.2. In addition, unless the contrary is specified, terms that are used in the Policy that are specifically defined in POPIA, are given the meanings ascribed to
to them in POPIA.
4. WHAT PERSONAL INFORMATION DOES THE ORGANISATION COLLECT AND WHY?
The Organisation may collect Personal Information in conducting its ordinary business operations, including through the use of its Website. In processing
such Personal Information, the Organisation at all times ensures that (i) it complies with the provisions of POPIA, and (ii) such Personal Information is
used for legitimate business purposes.
5. OBTAINING CONSENT
The Organisation does not, except where otherwise permitted by law, collect, use or disclose your Personal Information without your consent.
6. USE AND DISCLOSURE OF PERSONAL INFORMATION
6.1. The Organisation operates its Website, and conducts its business in general, in accordance with South African legislation. The Organisation considers it
imperative to protect the privacy interests of data subjects.
6.2. In the event that the Organisation sends Personal Information outside of South Africa (including if such information is hosted offshore), the Organisation will
ensure that it takes all reasonable steps to ensure that it complies with all applicable laws in this regard, including POPIA.
7. RETENTION OF PERSONAL INFORMATION
All Personal Information retained on the Organisation’s database, including such information obtained through the use of the Website, is in accordance with
the retention provisions set out in the applicable laws and regulations of South Africa, including those set out in POPIA
8. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
8.1. It is important to note that you have rights in relation to your Personal Information.
8.2. You have the right to contact the Organisation at any time to ask the Organisation to:
8.2.1. confirm that it holds your Personal Information (at no charge);
8.2.2. provide you access to any records containing your Personal Information or a description of the Personal Information that the Organisation hold
about you (subject to payment of a prescribed fee); and / or
8.2.3. confirm the identity or categories of third parties who have had, or currently have, access to your Personal Information (also subject to payment of a
8.3. The Organisation’s contact information is as set out in item 1.1 of the Schedule.
8.4. When you make a request regarding your Personal Information, the Organisation will take reasonable steps to confirm your identity.
8.5. There may be times when the Organisation cannot grant access to your Personal Information, including where granting you access would (i) interfere with
the privacy of others, or (ii) result in a breach of confidentiality. The Organisation will always provide you with reasons if this is the case.
8.6. If you are of the view that any Personal Information that the Organisation holds about you is incorrect in any way, including that it is inaccurate, irrelevant,
outdated, incomplete or misleading, you are allowed to ask the Organisation to correct it. If you believe that any Personal Information that the Organisation
holds about you is excessive or has been unlawfully obtained, you can ask the Organisation to destroy or delete it. You may do the same if you think that
the Organisation has retained if for longer than necessary, given the purpose. The Organisation will do so unless there are good grounds not to (such as
that the Organisation is required to hold it for a period prescribed by any applicable legislation).
8.7. It is important, however, to understand that if you withdraw your consent for the Organisation to use some of your Personal Information, it may affect the
quality and level of service that the Organisation can provide to you.
9.1. The Organisation has adopted a security model to protect your Personal Information that complies with generally accepted information security practices
and procedures. As part of the Organisation’s security systems, the Organisation has implemented fire-wall technology, password controls, encryption
processes and antivirus software. This is in addition to the physical security measures adopted by the Organisation to ensure that it takes all appropriate,
reasonable technical and organisational measures to prevent (i) loss of, damage to, or unauthorised destruction of Personal Information, and (ii) unlawful
access to or processing of Personal Information. The Organisation has a stringent security policy in place that every officer, employer and supplier of the
Organisation must adhere to.
9.2. The Organisation confirms that it takes all reasonable measures to:
9.2.1. identify all reasonably foreseeable internal and external risks to any Personal Information in its possession or under its control;
9.2.2. establish and maintain appropriate safeguards against any risks that are identified by the Organisation;
9.2.3. regularly verify that these safeguards are effectively implemented by or on behalf of the Organisation; and
9.2.4. ensure that such safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards.
10.2. Cookies are small files containing information that a Website uses to track a visit by a user. The Organisation uses session cookies to better understand
how the Website is used by users to improve the performance of the Website for users, particularly the way search pages are delivered. The Organisation
has installed settings on the Website to ensure that session cookies do not remain on your computer at the end of your visit to the Website, and cannot be
used to obtain any personally identifiable details.
11. THIRD-PARTY WEBSITES
11.1. The Website may contain links to third party websites. In the event that you follow a link to any of these websites, it is important to note that these websites
the Organisation, or (ii) are a user of the Website, and you have purchased products or services from the Organisation, the Organisation may use your
contact details to send you details of any new similar products or services which the Organisation thinks you would be interested in. In doing so, the
Organisation will at all times comply with any applicable direct marketing laws.
11.2. Any communications that you do receive from the Organisation pursuant to clause 11.1 will set out how to opt out of receiving future communications from
the Organisation, free of charge, if you no longer wish to receive material for any reason whatsoever. The Organisation will only send you marketing
messages when you tick the relevant boxes at certain times when engaging with the Organisation.
11.3. As the Organisation is not responsible for any representations, information, warranties and / or content on any Website of any third party (including
websites linked to this Website), the Organisation does not exercise control over third parties' privacy policies and the onus is on the User to refer to the
The Organisation, in its sole discretion, reserves the right to update, modify or amend this Policy from time to time with or without notice. You therefore
agree and undertake to review the Policy whenever you visit the Website. Save as expressly provided to the contrary in this Policy, any amended version of
the Policy shall supersede and replace all previous versions thereof.
13. CONTACT INFORMATION
Questions, concerns or complaints related to this Policy or the Organisation’s treatment of Personal Information should be directed to the email address set
out in item 1.5 of the Schedule.