Request a Quote
TKD Tech

Shopping Cart

Total R0.00
View Cart Checkout
Home / / POPIA Compliance Notice

POPIA Compliance Notice

How TKD Tech complies with the Protection of Personal Information Act in South Africa

POPIA Compliance

Our Commitment to Data Protection

TKD Tech (PTY) LTD is committed to complying with the Protection of Personal Information Act, 2013 (POPIA). This notice outlines our compliance framework, the personal information we process, and the rights of data subjects.

1. Introduction to POPIA

The Protection of Personal Information Act, 2013 (POPIA) is South Africa's comprehensive data protection law that regulates the processing of personal information by public and private bodies. POPIA gives effect to the constitutional right to privacy and sets conditions for the lawful processing of personal information.

TKD Tech (PTY) LTD takes its obligations under POPIA seriously. We have implemented policies, procedures, and technical measures to ensure that personal information we process is protected in accordance with the law. This notice serves as a summary of our compliance framework.

2. Information Officer

In accordance with Section 55 of POPIA, TKD Tech has appointed an Information Officer who is responsible for overseeing compliance with POPIA and handling data subject requests. The Information Officer is registered with the Information Regulator of South Africa.

  • Information Officer: The Information Officer, TKD Tech (PTY) LTD
  • Email: privacy@tkdtech.co.za
  • Phone: +27 11 568 4125
  • Address: Office 42, 33 Kelly Road, Meerlust Jet Park, Boksburg, 1459, Gauteng, South Africa

All requests relating to the processing of personal information, including access, correction, deletion, and complaints, should be directed to the Information Officer.

3. What Personal Information We Collect

We collect the following categories of personal information in the course of our business operations:

  • Contact Details: Name, surname, company name, job title, email address, telephone number, and physical address.
  • Identity Information: Identity or passport numbers, company registration numbers, and VAT numbers.
  • Financial Information: Bank account details, payment records, credit history, and invoicing information.
  • Transactional Information: Order history, product preferences, delivery records, and communication logs.
  • Technical Information: IP addresses, browser type, operating system, device identifiers, and website usage data collected through cookies.
  • Special Personal Information: We do not intentionally collect special personal information (such as race, religion, health, biometric information) unless required for a specific lawful purpose and with your explicit consent.

4. Purpose of Processing

We process personal information for the following purposes:

  • To provide products and services requested by our customers.
  • To process orders, payments, and deliveries.
  • To communicate with customers regarding orders, inquiries, and account management.
  • To manage supplier and vendor relationships.
  • To comply with legal and regulatory obligations, including tax and record-keeping requirements.
  • To improve our website, products, and customer service.
  • To send marketing communications where consent has been provided.
  • To prevent fraud and ensure the security of our systems.

5. Legal Basis

We process personal information based on the following lawful grounds under POPIA:

  • Consent: Where you have given your informed, voluntary consent for the processing of your personal information for a specific purpose. You have the right to withdraw your consent at any time.
  • Contractual Necessity: Where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: Where processing is required to comply with a legal obligation imposed on us by South African law.
  • Legitimate Interest: Where processing is necessary for our legitimate business interests or those of a third party, provided these interests do not override your fundamental rights and freedoms.
  • Public Interest: Where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

6. Information Security Measures

TKD Tech has implemented appropriate technical and organisational security measures to safeguard personal information against loss, unauthorised access, interference, modification, or disclosure. These measures include:

  • Encryption of data in transit and at rest using industry-standard protocols.
  • Access controls and authentication mechanisms to restrict access to personal information on a need-to-know basis.
  • Regular security awareness training for all employees who process personal information.
  • Firewalls, intrusion detection systems, and anti-malware protection.
  • Data backup and disaster recovery procedures.
  • Written information security policies and procedures.
  • Regular security assessments and vulnerability testing.

In the event of a data breach involving personal information, we will follow our breach response procedure and notify the Information Regulator and affected data subjects as required by POPIA.

7. Data Subject Rights

Under POPIA, you have the following rights as a data subject:

  • Right to be Informed: The right to be notified that your personal information is being collected and the purpose for which it is being processed.
  • Right of Access: The right to request a copy of the personal information we hold about you.
  • Right to Correction: The right to request that we correct or update inaccurate, incomplete, or outdated personal information.
  • Right to Deletion: The right to request that we delete your personal information, subject to legal retention requirements.
  • Right to Object: The right to object to the processing of your personal information for direct marketing purposes or on reasonable grounds relating to your particular situation.
  • Right to Restrict Processing: The right to request that we restrict the processing of your personal information while a complaint or verification is being conducted.
  • Right to Data Portability: The right to request that we provide your personal information in a structured, commonly used format.
  • Right to Withdraw Consent: The right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact our Information Officer using the contact details provided in Section 2 above. We will respond to your request within a reasonable timeframe and in accordance with the requirements of POPIA.

8. Access to Your Information

You have the right to request access to any personal information we hold about you. This is known as a "data subject access request". To make such a request, please contact our Information Officer in writing. We may request proof of identity before processing your request. We will respond to your request within 30 days, as prescribed by POPIA. There is no charge for making an access request, although we may charge a reasonable fee for providing additional copies of the information.

9. Correction of Information

If you believe that any personal information we hold about you is inaccurate, incomplete, misleading, or out of date, you may request that we correct it. Please provide us with the correct information and supporting documentation where applicable. We will make the requested corrections promptly and notify any third parties with whom we have shared the incorrect information.

10. Deletion of Information

You may request that we delete your personal information in the following circumstances:

  • The information is no longer necessary for the purpose for which it was collected.
  • You withdraw your consent and there is no other legal basis for processing.
  • You object to the processing and there are no overriding legitimate grounds for continued processing.
  • The information has been processed unlawfully.
  • Deletion is required to comply with a legal obligation.

Please note that we may be required to retain certain information for legal, accounting, or compliance purposes. Where we are unable to delete your information due to legal requirements, we will inform you of the reasons.

11. Complaints Process

If you believe that TKD Tech has processed your personal information in violation of POPIA or this notice, you have the right to lodge a complaint with our Information Officer. We will investigate all complaints and respond within a reasonable timeframe.

To lodge a complaint, please contact our Information Officer at privacy@tkdtech.co.za with the following information:

  • Your full name and contact details.
  • A description of the alleged violation.
  • Any supporting documentation or evidence.
  • The remedy or outcome you are seeking.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Regulator of South Africa:

  • Website: www.justice.gov.za/inforeg/
  • Email: enquiries@inforegulator.org.za
  • Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

12. Contact Information Officer

For all matters relating to POPIA compliance, data protection, and data subject rights, please contact our Information Officer:

  • Information Officer: The Information Officer, TKD Tech (PTY) LTD
  • Email: privacy@tkdtech.co.za
  • Phone: +27 11 568 4125
  • Address: Office 42, 33 Kelly Road, Meerlust Jet Park, Boksburg, 1459, Gauteng, South Africa