Legal

Privacy Policy

Last updated: 2026. This policy explains how Paarl IT collects, uses, and protects your personal information in accordance with the Protection of Personal Information Act (POPIA).

1. Who We Are

Paarl IT is the Responsible Party as defined under POPIA. We determine the purpose and means of processing your personal information.

Contact: info@paarlit.co.za | +27 21 501 0105

2. Information We Collect

We collect the following categories of personal information:

  • Identity: Full name, company name
  • Contact: Email address, phone number, physical/postal address
  • Account: Login credentials (passwords are hashed and never stored in plain text)
  • Transaction: Order history, invoices, payment status (we do not store card numbers)
  • Technical: IP address, browser type, device information, usage data
  • Support: Communications, ticket content, call logs

We collect information directly from you when you register, make a purchase, book a service, or contact us. Some technical data is collected automatically.

3. Why We Process Your Information

We process your personal information for the following purposes:

  • To deliver and manage services you have requested
  • To process payments and issue invoices
  • To dispatch and track product orders
  • To communicate with you about your account, services, and support requests
  • To comply with legal and regulatory obligations
  • To improve our website and services
  • With your consent: to send promotional communications

4. Legal Basis for Processing

We process your information on the following grounds:

  • Contract: To fulfil our obligations under a service agreement or purchase
  • Legal obligation: Where required by law (e.g. tax records)
  • Legitimate interest: For fraud prevention, security, and service improvement
  • Consent: For marketing communications (you may withdraw consent at any time)

5. Third Parties We Share Information With

We share your information only where necessary, with the following categories of third parties:

  • iKhokha — payment processing for once-off transactions and card payments. Their privacy policy applies to payment data.
  • PayFast — payment processing for subscription billing. Their privacy policy applies to subscription payment data.
  • The Courier Guy / Shiplogic — delivery of physical products. Your name and delivery address are shared for fulfilment.
  • Suppliers — your delivery address may be shared with our supplier network for drop-ship orders.
  • Hosting providers — our infrastructure providers process data as part of service delivery, under data processing agreements.

We do not sell your personal information to third parties.

6. International Transfers

Some of our service providers may process data outside South Africa. Where this occurs, we ensure appropriate safeguards are in place in accordance with POPIA and applicable data protection law.

7. How Long We Keep Your Data

We retain your personal information for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specifically:

  • Account data: for the duration of your account and up to 5 years after closure
  • Transaction and invoice records: 5 years (SARS requirement)
  • Support communications: 2 years
  • Marketing consents: until withdrawn

8. Your Rights Under POPIA

As a data subject you have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your information (subject to legal retention obligations)
  • Objection: Object to processing based on legitimate interest
  • Withdraw consent: Unsubscribe from marketing at any time
  • Complain: Lodge a complaint with the Information Regulator of South Africa

To exercise any of these rights, email us at info@paarlit.co.za. We will respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, or destruction. These include encrypted data storage, secure HTTPS connections, and access controls.

In the event of a data breach that poses a risk to your rights, we will notify you and the Information Regulator as required by POPIA.

10. Cookies

Our website uses session cookies necessary for site functionality (such as keeping you logged in). We do not use tracking or advertising cookies. By using our site you accept the use of these essential cookies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised date. Material changes will be communicated to registered users via email.

12. Contact and Complaints

For privacy queries or to exercise your rights, contact our Information Officer:

Paarl IT
info@paarlit.co.za
+27 21 501 0105
Paarl, Western Cape, South Africa

To lodge a complaint with the Information Regulator of South Africa:

The Information Regulator (South Africa)
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
complaints.IR@justice.gov.za

Terms of Service Refund Policy POPIA Compliance
WhatsApp