Privaatheidsbeleid

Effective Date: 29 June 2024

1. Introduction

Cape Thermal (Pty) Ltd (“Cape Thermal”) respects your privacy and is committed to protecting your personal information in compliance with the Protection of Personal Information Act (POPIA) of South Africa and international best practices. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, purchase our products or services, or interact with us in other ways.

2. Information We Collect

  • Personal Information: We collect personal information, such as your name, billing and shipping addresses, email address, phone number, and ID number. We collect this information only for the purpose of fulfilling your orders, providing customer support, and communicating with you about our products and services, as detailed in this policy. The lawful basis for processing this information is the performance of a contract and our legitimate interests in providing and improving our services. We will not use your personal information for any other purpose without your express consent.

  • Payment Information: We collect payment information, including credit card numbers, solely to process your transactions securely. We do not store your full credit card information on our servers. The lawful basis for processing this information is the performance of a contract.

  • Device Information: We automatically collect information about your device, such as your IP address, browser type, time zone, and cookies. This information is used solely to improve our website functionality, analyse usage patterns, and personalize your experience. The lawful basis for processing this information is our legitimate interest in understanding how our website is used and making improvements to better serve you.

  • Usage Information: We collect information about your interactions with our website, including pages visited, products viewed, and search terms used. This information helps us personalize your experience and tailor our marketing efforts. We will obtain your explicit consent before using your information for marketing purposes.

3. How We Use Your Information

We use your personal information only for the purposes stated in this Privacy Policy or as required by law. These purposes include:

  • Fulfilling Orders: Processing and shipping your orders, sending order confirmations and updates, and providing customer support.

  • Improving Our Services: Analysing your information to understand how you use our website and services to enhance our offerings and personalize your experience.

  • Communicating with You: Sending you emails or messages about our products, services, promotions, or other relevant information, with your consent.

  • Complying with Legal Obligations: Processing your information to comply with applicable laws and regulations, including POPIA.

  • Marketing and Advertising (with consent): Personalizing marketing communications and showing you targeted advertisements based on your interests.

4. How We Share Your Information

  • Service Providers: We share your information with trusted third-party service providers who help us operate our business, such as payment processors (Pay Fast), shipping companies, and marketing platforms (Google Analytics, Meta Pixel). These providers are contractually obligated to protect your information and only use it for the purposes we specify.

  • Legal Compliance: We may share your information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful requests for information we receive, or to otherwise protect our rights.

  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred to the new owner.

  • Suppliers: We may share your address and contact information with our relevant suppliers to fulfil your orders for thermal imaging technology, in compliance with the Wassenaar Arrangement. We will only share the minimum necessary information to fulfil your order and will not share your information for any other purpose without your consent.

5. Cookies and Tracking Technologies

  • Cookies: We use cookies and similar technologies (e.g., web beacons, pixels) to enhance your browsing experience, analyse website traffic, personalize content, and track the effectiveness of our advertising campaigns. You can manage your cookie preferences through your browser settings. We will obtain your consent before placing any non-essential cookies on your device.

    • Essential Cookies: These cookies are necessary for the website to function properly and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.

    • Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

    • Functional Cookies: These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages.

    • Targeting Cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.

  • Google Analytics: We use Google Analytics to analyse website usage and gather insights about our audience. You can opt out of Google Analytics by installing the opt-out browser add-on.

  • Meta Pixel: We use the Meta Pixel for marketing and advertising purposes, including tracking conversions from our Facebook ads, optimizing ads, building targeted audiences, and remarketing to qualified leads.

  • WhatsApp: We may use WhatsApp to communicate with you about your orders, provide customer support, or send marketing messages if you have opted in to receive them.

6. Your Rights Under POPIA

Under the Protection of Personal Information Act (POPIA), you have the right to:

  • Access: Request access to your personal information held by Cape Thermal.

  • Correction: Request correction of any inaccurate or incomplete personal information.

  • Deletion: Request deletion of your personal information, subject to certain exceptions (e.g., legal obligations).

  • Object: Object to the processing of your personal information for direct marketing or based on legitimate interests.

  • Restrict: Request restriction of the processing of your personal information in certain circumstances.

  • Data Portability: Request a copy of your personal information in a structured, commonly used, and machine-readable format.

To exercise your rights, please submit a written request to our Information Officer using the contact information provided below. You can also access and update your information by logging into your account on our website.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Encryption of sensitive data during transmission and storage using industry-standard encryption protocols.

  • Access controls to restrict access to your information to authorized personnel only, based on the principle of least privilege.

  • Regular security assessments and vulnerability scans conducted by third-party security experts to identify and address potential vulnerabilities.

  • Employee training on data protection and security best practices to ensure that our staff is aware of the importance of protecting your information.

  • Incident response plans to address any potential security breaches promptly and effectively, including notification to affected individuals and relevant authorities as required by law.

8. Data Retention

We retain your personal information for no longer than is necessary for the purposes for which it was collected. We will retain:

  • Order information for 7 years for tax and accounting purposes.

  • Customer support inquiries for 3 years.

  • Website usage data for 2 years for analytics and improvement purposes.

  • Marketing information (with your consent) for as long as you remain subscribed to our marketing communications or until you withdraw your consent.

We will securely delete or anonymity your personal information when it is no longer needed for the purposes outlined in this policy.

9. Cross-Border Data Transfers

We may transfer your personal information to countries outside of South Africa, including the United States and the European Union, for processing or storage. In such cases, we will ensure that your information is protected by appropriate safeguards, such as standard contractual clauses approved by the European Commission or binding corporate rules, in accordance with POPIA and other applicable data protection laws.

10. Direct Marketing

We may use your personal information to send you marketing communications about our products and services, but only with your explicit consent. You can withdraw your consent for direct marketing at any time by clicking the “unsubscribe” link in our emails or contacting our Information Officer.

11. Children's Privacy

Our website and services are not intended for children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us, and we will take steps to delete that information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by making our latest privacy policy available on this website.

13. Contact Us

If you have any questions or concerns about our Privacy Policy or how we handle your personal information, please contact us at:

Cape Thermal (Pty) Ltd

+27 87 183 2652

popi@capethermal.com

Mr CD Vangelder (Information Officer)

You also have the right to lodge a complaint with the Information Regulator of South Africa:

Information Regulator (South Africa)

Stiemens Street

Braamfontein, Johannesburg, 2001

P.O Box 31533

Braamfontein, Johannesburg, 2017

14. Breach Notification

In the event of a data breach that poses a risk of harm to your rights and freedoms, we will notify you and the Information Regulator of South Africa without undue delay, as required by POPIA. A “data breach” refers to a confirmed security incident that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal information. This includes instances where the security of personal information has been compromised, whether through cyberattacks, human error, or other means.