fbpx

In accordance with the Protection of Personal Information Act, 2013.

 

The Protection of Personal Information Act 4 of 2013 (“the Act”) serves the purpose of giving effect to the constitutional right to privacy by ensuring information is processed responsibly to prevent security breaches, theft, and discrimination. At Eco Diva, we value your trust and endeavour to uphold the provisions of the Act for your protection and peace of mind.

Definitions to assist you:

  • “Responsible Party” is the person or entity that processes information on behalf of a Data Subject
  • “Data Subject” is any person that provides a Responsible Party with their personal information
  • “Operator” is any person who processes information of a Responsible Party in terms of a contract or mandate. An example of this is where a Responsible Party outsources a function of their business to a third party.

 

According to the Act, ‘personal information’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.

For clients:

  • Identity data: your first name and surname.
  • Contact data: address, email address, contact number
  • Transaction data: details about payments and products/services you have purchased from us
  • Technical data: includes IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website. As well as information about your visit, including the full URLs, clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page
  • Profile data: username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
  • Usage data: information about how you use our Website, products and services
  • Marketing and communications data: your preferences in receiving marketing from us and our third parties and your communication preferences.

For third parties, where applicable (such as affiliates or potential customers):

  • Identity data: your first name and surname
  • Contact data: address, email address, contact number
  • Transaction data: details about payments and products/services you have supplied to us
  • Technical data: includes IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website. As well as information about your visit, including the full URLs, clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page
  • Usage data: information about how you use our Website, products and services
  • Marketing and communications data: your preferences in receiving marketing from us and our third parties and your communication preferences

We do not collect any special categories of personal information about you. This information includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political persuasion, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offenses.

 

By using our product/services, you understand that we will collect and use your personal information as indicated in this policy.

You have the right to decline consent and/or if provided, to withdraw consent at any time. This will not affect the lawfulness of processing prior to the withdrawal of your consent. At any time, you can request that we stop using your personal information for direct marketing purposes.

 

Direct interactions: by way of filling in forms, email, purchasing or subscribing to products/services, and via our Website.

Automated technologies or interactions: we automatically collect technical data about your equipment, browsing actions and patterns as you use our Website. We collect this personal information by using cookies and other similar technologies.

 

  • To register you as a new customer.
  • To manage our relationship with you, as a client which will include: notifying you about changes to our terms or privacy policy and asking you to leave a review or take a survey.
  • To administer and protect our business and the Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
  • To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.
  • To use data analytics to improve our Website, products/services, marketing, customer relationships and experiences.
  • To make suggestions and recommendations to you about goods or services that may be of interest to you.

We will only use your personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason. We may process your personal information without your knowledge or consent in compliance with the Act, where this is required or permitted by law.

 

We will provide you with choices regarding certain personal information uses, particularly around marketing and advertising. You will receive marketing communications from us if you have requested information from us or purchased goods from us. You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or where you opt out of receiving these marketing messages, this will not apply to personal information provided to us as a result of a product/service purchase, product/service experience or other transactions.

You may set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our Website may become inaccessible or not function properly.

 

We will not sell personal information and no personal information will be disclosed to anyone except as provided in this policy. We may disclose your personal information if required by a subpoena or court order; or to comply with any law or regulation.

We may share your personal information:

  • with other related companies in terms of our Agreement with you, as our Client.
  • with our service providers under contract, as permitted by law.
  • with credit bureaus to report account information, as permitted by law.
  • with social media platforms when you use tools or functionality on our Website provided by those platforms (such as “recommend” or “share” buttons); and with marketing partners where you register for events, webinars or other related events.
  • with public or government authorities to follow applicable law or to respond to legal process (like a subpoena). We also may share your personal information when there are threats to the physical safety of any person, violations of this policy or other agreements, or to protect the legal rights of third parties, including our employees, users, or the public as required by law.
  • for business transactions like a merger, or sale of our assets, or as part of the due diligence for such contemplated transactions. If a corporate transaction occurs, we will provide notification of any changes to control of your personal information, as well as choices you may have.
  • with your consent. For example, when we post user testimonials that may identify you or for a third party application that may be of use to you and with your employer or organisation where you create an account or user role with an email address assigned to you as an employee, contractor or member of an organisation, that organisation may find your account and take specific actions that may affect your account.
  • We may need to disclose personal information to our employees that require the personal information to do their jobs. These include our responsible management, human resources, accounting, audit, compliance, information technology, or other personnel. Any of our employees or personnel that handle your personal information will have signed non-disclosure and confidentiality agreements.

 

We may transfer personal information outside South Africa to be stored on servers located outside South Africa where the laws protecting personal information may not be as stringent as the laws in South Africa. You consent to us processing your personal information in a foreign country whose laws regarding the processing of personal data may be less stringent.

 

We have put into place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, such as password protection, two-factor authentication, device control policies and other stringent security measures.

In addition, we limit access to your personal information to those employees, agents, contractors and other third parties. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We execute regular penetration tests using third-party software to test and indicate our technical defences’ strength continually.

 

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal Information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

Under certain circumstances you are entitled to:

  • Request access to your Personal Information
  • Request correction of your Personal Information
  • Request erasure of your Personal Information
  • Object to processing of your Personal Information
  • Request restriction of processing your Personal Information
  • Request transfer of your Personal Information
  • Withdraw consent
  • Not be subjected to automated decision-making

 

This policy was last updated on 14 June 2021. The personal information we hold about you must be accurate and current. Please keep us updated if your information changes during your relationship with us.

No products in the cart.