Data We Collect
We collect only the personal data necessary to provide our services:
- Contact Information: Name, email address, phone number
- Business Information: Company name, role, industry
- Usage Data: How you interact with our platform
- Technical Data: IP address, browser type, device information
Why We Process Your Data
We process your personal data for these lawful purposes:
- Service Delivery: To provide and maintain our services
- Customer Support: To respond to inquiries and provide assistance
- Billing: To process payments and manage subscriptions
- Security: To protect our platform and prevent fraud
- Legal Compliance: To meet regulatory requirements
- Legitimate Interests: To improve our services (with proper safeguards)
Your Privacy Rights
Under GDPR and POPIA, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data
- Right to Portability: Receive your data in a structured format
- Right to Restrict Processing: Limit how we use your data
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Remove consent for voluntary processing
Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- AES-256 encryption for data at rest and in transit
- Multi-factor authentication and access controls
- Regular security audits and penetration testing
- Staff training on data protection best practices
- Incident response and breach notification procedures
Data Transfers
Your data is primarily processed and stored in South Africa. Any international transfers are protected by appropriate safeguards including:
- Adequacy decisions
- Standard contractual clauses
- Binding corporate rules
- Certified transfer mechanisms
Data Retention
We retain your personal data only as long as necessary for the purposes outlined in our Privacy Policy or as required by law:
- Account Data: Duration of your account plus 7 years for legal compliance
- Marketing Data: Until you unsubscribe or withdraw consent
- Analytics Data: Anonymized and retained for up to 2 years
- Legal Requirements: Some data may be retained longer to comply with legal obligations
Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.
Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee our data protection activities. You can contact our DPO regarding any data protection matters at dpo@rozitech.com.
Contact Us
For any data protection queries or to exercise your rights:
Data Protection Officer
Email: dpo@rozitech.com
Post: Rozitech (Pty) Ltd, Attn: DPO, Cape Town, South Africa
Information Regulator (South Africa)
If you're not satisfied with our response, you can lodge a complaint with the Information Regulator at inforegulator.org.za
EU Supervisory Authority
EU residents can also contact their local supervisory authority.
Updates to This Notice
We may update this notice from time to time to reflect changes in our practices or applicable law. We will notify you of material changes via email or through our platform.
Last Updated: January 1, 2025
Effective Date: January 1, 2025