1. Introduction
CEOS Technologies (hereafter “the Company”) is committed to complying with the Protection of Personal Information Act, 4 of 2013 (“POPIA”), which promotes the constitutional right to privacy, while balancing this against the need to access and use personal information for legitimate business purposes.
This compliance statement sets out how CEOS Technologies lawfully processes, protects, stores, and manages personal information collected from clients, suppliers, employees, and website users.
2. The Purpose of Processing Personal Information
We collect and process personal information to:
-
- Provide and deliver our products and services.
-
- Comply with legal obligations (e.g., SARS, B-BBEE, UIF, SDL).
-
- Administer employment relationships.
-
- Communicate with stakeholders.
-
- Conduct internal analytics and service improvements.
-
- Fulfil contractual obligations and respond to enquiries.
3. Lawful Basis for Processing
Personal information will only be processed where there is a lawful basis to do so, such as:
-
- Consent: You have provided clear and voluntary permission.
-
- Contract: Processing is necessary to fulfil a contract.
-
- Legal Obligation: Processing is required by law.
-
- Legitimate Interest: Processing is required for our legitimate interests unless these are overridden by your data protection rights.
4. Personal Information We Process
This includes, but is not limited to:
-
- Name, contact details, identity number
-
- Email address, physical and postal address
-
- Banking and payment information
-
- Employment and educational background
-
- Device and browser data (when using our website)
5. Security Safeguards
We implement appropriate technical and organisational measures to:
-
- Protect personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.
-
- Limit access to personal information only to those who require it for business purposes.
-
- Regularly test and review our information security measures.
6. Data Subject Rights
Under POPIA, you have the right to:
-
- Access personal information held about you.
-
- Request correction, deletion, or restriction of processing.
-
- Object to processing of your personal data.
-
- Withdraw consent (where applicable).
-
- Lodge a complaint with the Information Regulator.
You may submit these requests by contacting our Information Officer via the contact details provided below.
7. Information Sharing and Disclosure
We do not sell your personal information. We may share your information with:
-
- Service providers and business partners who assist in delivering our services.
-
- Regulatory authorities as required by law.
-
- Parties in the event of a company merger, acquisition, or similar transaction.
8. Cross-Border Data Transfers
We do not transfer your personal information outside South Africa unless:
-
- The recipient country has laws that provide equivalent protection.
-
- We have concluded an agreement with the third party ensuring POPIA-compliant safeguards.
9. Retention and Destruction
We retain personal information only as long as necessary to:
-
- Fulfil our business purposes and legal obligations.
-
- Maintain service records and tax compliance.
-
- Resolve disputes and enforce agreements.
When no longer required, information is securely deleted or destroyed.
10. Children’s Information
We do not process personal information of minors without the express consent of a parent or legal guardian, or a lawful reason as defined in POPIA.
11. Contact Details
For any POPIA-related questions, access requests, or concerns, suggestions :
- Information Officer
- CEOS Technologies (Pty) Ltd
- 📧 Email: online@ceos.co.za
- 📞 Tel: +27861 111 231
- 💬WhatsApp : +27837 301 427
- 📍 Physical Address: 123 Drysdale, Northwold, Gauteng, 2188
12. Changes to This Statement
We may update this POPIA compliance statement from time to time to reflect legal or operational changes. Updated versions will be published on our website.