top of page

Privacy Policy

For: Clients, Vendors and Users of our Platforms

Last Updated: 25 March 2024

 

Please read this Privacy Notice carefully to understand how we handle your Personal Data. If you object to any part of this Privacy Notice, please refer to the ‘Contact us’ section of this Notice, and provide reasons for your objection, as soon as possible. 

​

INTRODUCTION

 

This Notice applies to all Processing of Personal Data carried out by CloudPilot (Pty) Ltd  ("CloudPilot") acting as a Data Controller (‘Responsible Party’) and/or internal Processor for the purpose of CloudPilot’s business activities.

​

This Privacy Notice does not govern all the information we may process. This Notice only applies to the following external parties we interact with, including:

  1. our potential and existing clients;

  2. recipients of our Services;

  3. suppliers and contractors (“Vendors”);

  4. visitors to our offices;

  5. users of our website, platforms, mobile applications or related software systems (“Platforms”);

  6. individuals or entities who otherwise interact with us;

 

If you contract with an HRMS Affiliate, that company is the service provider and ‘Data Controller’ and/or Processor of your Personal Data.

​

Our commitments to job applicants, employees, and brokers are governed by separate privacy notices.

​

Capitalised terms as they appear in this Privacy Notice are defined in Appendix 1 (Definitions).

​

CONTACT US

 

Our Information Officer handles questions concerning this Privacy Notice, your data protection rights, access to information rights and any complaints.

 

Further contact information and forms attached to our Access to Information Manual which is available on our website at: https://www.cloudpilot.co.za/

​

OUR SERVICES

 

We offer a wide range of cloud based services for individuals and businesses, which include (among others):

  1. Google Workspace.

  2. Email branding.

  3. CRM and Productivity solutions.

  4. Cloud based accounting and payroll solutions..

(Collectively, “our Services”).

 

We collect Personal Data about you when you:

  1. contract with us for our Services;

  2. make an appointment or inquire about any of our Services;

  3. access our Platforms;

  4. contact us, or otherwise interact with us;

  5. visit our offices.

​​

YOUR ACKNOWLEDGEMENT

 

By providing us with your Personal Data, you acknowledge and confirm that you have read and understood this Privacy Notice.

​

WHAT PERSONAL DATA WE COLLECT, AND HOW WE COLLECT IT?

 

Information you provide directly to us

 

We collect a variety of Personal Data that you provide directly to us. For example, we collect information from you when:

​

  1. When you engage with our Services or make inquiries, you may provide us with Personal Data (including your business’ or Personal Data) such as:

    • Full names;

    • Contact information;

    • Physical, postal, billing addresses;

    • Identification documents (such as an identity document or passport);

    • Preferred languages;

    • Gender, race and marital status;

    • Financial information;

    • Business or related documents and registration numbers

  2. When you provide us with Personal Data related to your needs, including:

    • Correspondence, instructions, and preferences;

  3. Communication via various channels, including forms, email, or messaging platforms, where you provide information or feedback.

  4. Participation in surveys, research, or training programs related to cloud based IT platforms.

  5. Providing us with signed legal documents necessary for service provision.

  6. Information we collect through passive (automated) means

 

We collect certain information automatically, including but not limited to:

  1. Interaction data (clicks and views)

  2. IP address and technical details

  3. Device and internet connection details

  4. Geolocation data (general region, specific location with permission); and

  5. Cookies and similar technologies usage data

 

This means when you access or view our Marketplace, whether or not you are a registered user, we can see:

  1. what you click.

  2. what you view.

  3. how long you spend on pages.

  4. your city or town (not exactly where you are unless we ask permission).

  5. your device and internet connection details such as: type of device you’re using, IP address and details about your internet connection, technical details such as your screen size and the software you’re using, such as your web browser.

  6. your unique advertising or other identification numbers allocated to your browser or device

 

We don’t often know exactly who you are from this data. But sometimes we may connect this data with other information we hold about you, for example, when you submit a form to us.

​

To learn more about how we use cookies, view our Cookie Statement.

 

Some of this data is collected by:

  1. Our partners: These may be website hosts or social media sites.

  2. Cyber-security filtering technology: This keeps our website safe from fraud and crime.

  3. Cookies and similar technology: These are set on your device by us and our trusted partners, such as Google Analytics.

 

To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.

 

Information Collected from Third Parties

We may also receive your Personal Data indirectly from, among others, the following sources (including public parties):

  1. the United Nations Money Laundering and Financing of Terrorism Sanctions list and other equivalent sanctions lists to ascertain your international criminal status and risk profile;

  2. press, newspapers, and journalist publications in connection with our Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) obligations and to perform our Services;

  3. Government authorities and law enforcement;

  4. our clients (such as a business or Body Corporate) may supply us with their directors or trustees, owners, tenants, residents, contractors’, or employees’ Personal Data to allow us to render our Services to them;

  5. Our clients (such as businesses or Body Corporates), who may provide us with (or instruct their managing agent to provide us with) Personal Data of their directors or trustees, owners, tenants, residents, contractors, or employees to enable us to deliver our Services to them.

  6. Other Data Controllers, with whom we collaborate as contracted outsourced Processors or co-Data Controllers to perform our Services for legitimate business purposes, responding to requests for cloud based products and services, and as required by law, including:

    • Affiliates for legitimate business purposes, to respond to your requests or inquiries about cloud-based products and services;

    • your authorised agents to respond to your requests for cloud-based products and services as submitted by them to us on your behalf;

    • law enforcement; and

    • credit bureaus, where permitted.

    • third party social networks (such as Facebook, Instagram and Google) if you interact with us through them; and

    • advertising interactions (if you interact with one of our ads on a third-party website, we may receive information about that interaction).

​​

When we collect your Personal Data from third parties it is either because:

  1. you have given us express consent to do so, your consent was implied by your actions, or because you provided consent, either explicit or implicit, to the third party that provided this information to us;

  2. it is required by law; or

  3. it is strictly necessary for us to do so to protect the legitimate or vital interests of:

    • our clients;

    • CloudPilot or any Affiliate; or

      • the Data Subject; or

      • it is strictly necessary for us or the third party to perform in terms of a contract (or enter into a contract) with you (the Data Subject).

​​

When you provide us with Personal Data about others

​

If you provide us with Personal Data about someone else, such as your customers, owners, tenants, residents or employees, you are responsible for ensuring compliance with any obligations and consent requirements under applicable data protection laws regarding such disclosure.

​

You must ensure that you have provided the necessary notices to the individual and, if required by law, obtained the individual’s consent to provide us with this Personal Data. It is crucial that you explain to them how we collect, use, disclose, and retain their Personal Data, or direct them to read this Notice.

​

In cases where HRMS contracts with an authorised managing agent, to process Personal Data on their behalf, the managing agent and/or their Body Corporate client will act as the Data Controller, and the parties may enter into a data processing agreement to formalise their respective roles and responsibilities.

​

SPECIAL PERSONAL DATA

 

Where we need to process your Special Personal Data, we will do so with your authorisation, for a lawful purpose in the ordinary course of our business, or per applicable laws. We will explain why we are collecting it at the time of collection.

 

CHILDREN

  1. We do not generally process Personal Data about persons under the age of 18 years old. If a situation arises where it becomes necessary, we will rely on the consent of a competent person, such as a legal guardian, who has the authority to provide consent on behalf of the child unless it is necessary for us to establish, exercise, or defend a right or obligation in law.

  2. In all instances, we will handle information about children with utmost care and take appropriate measures to ensure their privacy and protection. Safeguarding the rights and well-being of children is of paramount importance to us.

  3. Please note that this privacy statement is subject to any specific legal requirements and regulations governing the processing of Personal Data about children, and we will comply with such obligations as applicable.

​​

HOW AND WHY, WE USE YOUR PERSONAL DATA?

 

Consent

​

  1. Where required by law, we will obtain your consent to process your name and email address to send you emails containing marketing materials;

  2. look at the way you use our website, so that we can improve the Services that we offer (for example, by personalising our communications with you) and to make sure you have the best experience on our website;

  3. make use of cookies on our website to distinguish users and improve your experience on our website.

  4. When collecting Personal Data about children, beneficiaries or dependants, we rely on consent from a competent person, such as a legal guardian, as required by law.

 

You may withdraw your consent at any time after giving it to us. This will not affect any processing done before you withdraw your consent – please refer to Paragraph 17 (Your Data Protection Rights) below on how to withdraw your consent.

​

Contract

​

We process your Personal Data if it is necessary to enter or perform under a contract or policy that we have with you as a client, or to provide a solution to you. This includes:

​

  1. to provide clients with our Services, and solutions they have requested;

  2. processing, collecting, and administering payments (like a debit order) for our Services rendered;

  3. to communicate with you about the Services, your use of the Services, updates on your policy renewals or your inquiries related to the Services and send you communications on behalf of our Processors we use to carry out the Services to meet your needs;

  4. to respond to client enquiries and complaints (this typically requires the use of certain contact information and data regarding the reason for your enquiry (e.g., claim status, service or product question, or complaint);

  5. to meet our record-keeping and reasonable archiving obligations;

  6. to enforce and collect on any agreement when client or Vendor is in default or breach of the terms and conditions of an agreement, such as to institute legal proceedings against a client or Vendor;

  7. transferring or giving access to limited and necessary Personal Data to our contracted Vendors or consultants as needed to perform our obligations to you (for example, specialists).

  8. for security and identity verification, and to check the accuracy of Client or Vendor Personal Data; and

  9. for any other related and lawful purposes brought to your attention from time to time.

​​

By law

We process client and Vendor Personal Data if the law requires or permits it. This includes:

​

  1. for the enforcement of our contractual rights and obligations;

  2. verifying your identity and status to comply with legislative, regulatory, professional, risk and compliance requirements such as our recording and reporting obligations to the following bodies in the relevant jurisdictions:

    • Anti-money laundering and anti-terrorism financing  regulatory bodies;

    • Central banks or reserves;

    • Data protection authorities and regulators;

    • Government Departments of Labour or employment;

    • Tax revenue authorities;

    • Other public authorities.

  3. to enable you to participate in the debt review process under the National Credit Act 34 of 2005;

  4. performing internal accounting and auditing activities;

  5. to process data subject access requests under applicable data protection laws;

  6. to meet our record-keeping obligations; and

  7. for any other related and lawful purposes brought to your attention from time to time.

  8. Legitimate interests

 

Other

​

We process Personal Data when it is necessary to pursue your legitimate interests, our interests or those of our client. This may include to:

​

  1. answer any requests or questions you might have;

  2. manage client relationships and market our services to you;

  3. determine the effectiveness of our sales, marketing, and advertising;

  4. use secure and effective third-party technology platforms to administer and manage our client verification processes, servers and communications;

  5. detect, prevent, manage, and protect against fraud, security breaches, misuse, and other prohibited or illegal activity, claims and other liabilities;

  6. maintain the safety, security and integrity of our website, our Services, products, intellectual property, databases, networks, and other technology assets;

  7. protect our rights in any litigation that may involve you;

  8. do general due diligence and risk assessments;

  9. enforce and defend other legal claims;

  10. trace debtors;

  11. manage business continuity incidents and emergencies;

  12. analyse and gather metrics to better understand how customers and potential clients use our Services and Platforms, and to evaluate and improve our Services (such as content creation, product offerings and quality management); and

  13. conduct market and behavioural research, including scoring and analysis to determine if you qualify for products and services; and to market to you or provide you with products, goods and services. If you purchase products or services from us, we can market other similar products and services to you even after this membership agreement ends and share market innovations with you.

  14. achieve purposes otherwise described to you when collecting your information.

  15. Third-party collection

    • When we collect your Personal Data from third parties it is because we are required to do so by law or because such third parties have:

    • authorised or instructed us to do so; and

    • have represented to us (either express or implied) that:

    • their instructions are lawful;

    • they are allowed to disclose such Personal Data to us;

    • they have obtained your consent, or justified the legitimate or vital interest pursued, or recorded the legal obligation or public task pursued; and

    • they have provided all relevant privacy notices to you as a data subject.

 

We use your Personal Data only for the purpose for which it was originally collected by the relevant Data Controller and strictly following their instructions and authorisation.

 

Combined data

​

For the purposes discussed in this Notice, we may combine the data that we collect through the Services with data that we receive from other sources, and use and share such combined data in compliance with this Notice.

​

  • Further processing limitation

​​

We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without providing you notice and obtaining your consent.

​

WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

We may share your Personal Data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf as Processors and require access to such information to do that work.

  1. We have contracts in place with our Processors which are designed to help safeguard your Personal Data. This means they cannot do anything with your information unless we have instructed them to do it and they will also not share your Personal Data with any other organisation apart from us.

  2. The categories of Processors we may share, access or store your information are as follows:

    • cloud computing and data storage services;

    • IT systems, servers, email, communications and related infrastructure;

    • affiliated HRMS specialists, brokers, trainees and consultants;

    • IT support services;

    • cybersecurity services;

    • debt collection agencies;

    • couriers and transportation providers.

​​

We may also share your Personal Data in any of the following situations:

​

Affiliates. We may share your information with our Affiliates.

  1. where an Affiliate provides 1 of the above services to us as a Processor; or

    • for example, we may share your name and contact information with an Affiliate who handles customer requests, lead inquiries or performs any part of the Services on our behalf; or

    • if we, in good faith, believe that such access, retention or disclosure to our Affiliate is reasonably necessary to:

  2. comply with legal process (e.g., a subpoena or court order);

  3. enforce our terms and conditions, this Privacy Notice, or other contracts with you, including investigating any potential violations to such terms and policies;

  4. respond to claims that any content violates the rights of third parties;

  5. respond to your requests for customer service; or

  6. to mitigate any reasonable risk, or to protect the rights, property or personal safety of the Affiliate and its service providers, its customers or the public.

  7. Business Partners. For example, we may:

    • collect and process your Personal Data provided by your property managing agent or their agent, which may include Personal Data about your owners, tenants, residents, members, and trustees/directors, as well as property-related information, to respond to your requests for Services;

    • use this information to request, on your behalf, quotes and product information, from our Business Partners in response to your request or inquiry; and

    • sharing limited Personal Data with Business Partners only to the extent necessary to enable HRMS and your property managing agent to procure or facilitate the procurement of the requested quotes and information from our Business Partners.

    • Business transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

  8. With government departments and other regulatory or self-regulatory bodies, if required to do so by law or there is a reasonable belief that such is necessary for:

    • compliance with the law or with any legal process; or

    • the protection and defence of the rights, property or safety of HRMS, any Affiliate, our clients, users, employees, Vendors, brokers, or any third party.

  9. As you direct us. We may also disclose your Personal Data in other ways you direct us to.

  10. ​

COMPULSORY INFORMATION AND CONSEQUENCES OF NOT SHARING

 

Where we must process certain Personal Data by law, or in terms of a contract that we have entered with you, and you fail to provide such Personal Data when requested to do so (for example, identification verification documents), we may be unable to perform in terms of the contract in place or are trying to enter with you. In such a case, we may have to terminate the contract and/or relationship with you, upon due notice to you, which termination shall be done in accordance with the terms of that contract and any applicable legislation.

​

WILL WE USE YOUR DATA TO MAKE AN AUTOMATED DECISION ABOUT YOU?

 

We do not use your Personal Data to make any automated decisions about you. If we use formulas or algorithms to assess your risk profile as a client, a human being will always input, review, and assess the information manually before making any decisions.

​

STORAGE AND TRANSFER OF PERSONAL INFORMATION

 

Generally, the Personal Data collected about you will be processed in the Republic of South Africa (“RSA”) or the country of the Affiliate that you are contracting with.

​

If you contract with HRMS, then we may transfer and store your Personal Data onto our servers located within the European Economic Area (“EEA”) and subject to strict data protection laws such as the EU GDPR.

​

If you contract with an Affiliate, limited Personal Data may be transferred to or accessible from countries outside of the country in which you reside or operate, depending on which Affiliate you contract with.

​

Some of these countries may not necessarily have data protection laws as comprehensive as the EEA. However, we’ll ensure your Personal Data has an appropriate level of protection and that the transfer is in line with applicable legal requirements.

​

We may need to transfer your data in this way to carry out our contract with you, to fulfil a legal obligation, and/or for our legitimate interests.

​

When transferring Personal Data outside of RSA, we have implemented appropriate safeguards as required by the POPIA and other applicable data protection laws , including but not limited to:

​

  1. Standard Contractual Clauses (“SCCs”): Ensure that we, as the Data Controller, have SCCs in place when transferring Personal Data to non-RSA and non-EEA countries or to third-party Processors outside these territories. These clauses serve as legally binding agreements that guarantee the protection of Personal Data at the same level as within RSA.

  2. Encryption of data: Encrypting Personal Data before transfer helps to ensure that it cannot be accessed by unauthorised parties.

 

For more information about the safeguards we implement to protect your Personal Data during international transfers, please contact our Information Officer.

​​

SECURITY AND INTEGRITY

 

We will take appropriate and reasonable technical and organisational steps to protect all Personal Data held by us in line with industry practices, including protection against accidental or unlawful destruction, accidental loss or alteration, and unauthorised disclosure or access. This includes the following:

  1. keeping systems secure (such as monitoring access and usage);

  2. storing records securely;

  3. controlling the access to our premises, systems and records;

  4. safely destroying or deleting records;

  5. encrypting and/or password protecting sensitive data;

  6. protecting our servers using firewalls and limiting access to information on a strictly need to know basis;

  7. testing the security of our website and IT systems;

  8. periodically reviewing our collection, storage and processing practices, including physical and digital security measures.

 

Despite these robust security measures, Data Subjects acknowledge that the possibility exists, whilst unlikely, for unauthorised third parties to access their information , e.g., because of an illegal activity.

​

We will let you and the Competent Regulator(s) know of any data breaches or security compromises where we are legally required to do so and within the prescribed time.

​

RETENTION AND DELETION

 

We will only retain your Personal Data for as long as it is necessary to fulfil the purposes explicitly set out in this Notice. The length of time for which we retain information depends on the purposes for which we collect and use it or as required to comply with applicable laws.

​

We determine the appropriate retention period for Personal Data by considering, among other things, the nature and sensitivity of the Personal Data, the potential risks or harm that may result from its unauthorised use or disclosure, the purposes for which we process it and whether those purposes may be achieved through other means. We will always comply with applicable legal, regulatory, tax, accounting, labour, or other requirements as they apply to the retention of Personal Data.

​

If there are no other lawful grounds for us to continue processing your Personal Data, we will destroy such information using secure methods.

​

If we act as your Processor, then we will retain and destroy your Personal Data in accordance with your documented instructions.

​

MAINTENANCE, CORRECTIONS AND ACCESS

 

Where we act as a Data Controller, we are required to take all necessary steps to ensure that your Personal Data is accurate, complete, not misleading, and up to date.

​

Anyone about whom we maintain Personal Data may request to inspect and, if appropriate, correct the Personal Data held by us. It is your responsibility to inform us should your Personal Data be incorrect, incomplete, misleading or out-of-date by contacting us. We may require additional information from the requesting party to confirm the legitimate basis for the request and your identity and authority to do so. Upon receipt and verification of the corrected Personal Data, we will adjust our information or records accordingly.

​

A request for correction/deletion of Personal Data or destruction/deletion of a record of Personal Data must be submitted using the prescribed form which is available in our Access to Information Manual. A copy of this Manual is available on our website.

​

REDUCING THE COLLECTION OF UNNECESSARY INFORMATION

 

We have service level agreements or engagement terms with clients and third parties who send us Personal Data (either in our capacity as a Data Controller or Processor).

​

These state that only relevant and necessary information is to be provided as it relates to the processing activity we are carrying out.

​

We have destruction procedures in place where a data subject or third party provides us with Personal Data that is surplus to our requirements.

​

DATA SUBJECT ACCESS RIGHTS (“DSARs”)

 

You have several rights in relation to the Personal Data that we hold about you. These rights include:

the right to see information we hold about you and to get information about what we do with it;

​

  1. if we rely on your consent to process your Personal Data, you have the right to withdraw your consent at any time, that you can do at any time. We may continue to process your data if we have another legitimate reason for doing so;

  2.  in some circumstances, the right to receive certain information you have provided to us in an electronic format and/or ask that we send it to a third party;

  3. the right to ask that we correct your Personal Data if it’s inaccurate or incomplete;

  4. in some circumstances, the right to ask that we delete your Personal Data. We may continue to keep your information if we’re entitled or required to keep it;

  5. the right to object to, and to ask that we limit our processing of your Personal Data in some circumstances. Again, there may be situations where you object to, or ask us to limit our processing of your Personal Data but we’re entitled to continue and/or to refuse that request.

 

You can exercise your rights by contacting us using the details set out in the ‘Contact Us’ section of this Notice and referring to our Access to Information Manual.

​

You also have a right to complain to the Competent Regulator, or the regulator in the country where you reside or operate.

​

WEBSITE COOKIES

 

We may place small text files called “cookies” on your device when you visit our website. Cookies do not hold Personal Data, but they do contain a personal identifier allowing us to affiliate your Personal Data with a certain device. Cookies serve useful purposes for you, including:

​

  1. remembering who you are as a user of our website to remember any preferences you may have selected on our website, such as saving your username and password, or settings (“functional cookies”);

  2. allowing our website to perform their essential functions. Without these cookies, some parts of our website would stop working (“essential cookies”). For example, data on error messages displayed to Users will be collected and the developer team will assess and solve it;

  3. monitoring how our website are performing, and how you interact with it to understand how to improve our website or Services (“site analytics”).

 

Refer to our Cookie Statement for more information on our use of cookies.

Your internet browser may accept cookies automatically and you can delete cookies manually. However, no longer accepting cookies or deleting them may prevent you from accessing certain aspects of our website where cookies are necessary.

 

As cookies are stored in the web browser used to access our website, to disable cookies you need to change the settings on that browser. Many websites use cookies and more information is available at: www.allaboutcookies.org.

​

LINKS TO THIRD PARTY WEBSITES

 

While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, or the security or privacy practices employed by other sites. We recommend that you always read the privacy and security statements on such sites.

​

GOVERNING LAW

 

This Notice is governed by the laws of the Republic of South Africa. Specific Data Protection Laws may also apply to your Personal Data based on your location or the location of the Affiliate with which you are contracting.

​

We aim to ensure compliance with the relevant Data Protection Laws in each jurisdiction where we operate and strive to align our data protection practices with international best practices.

​

If any provision of this Privacy Notice is determined to be illegal, void or unenforceable due to applicable law or by order of court, it shall be deemed to be deleted and the continuation in full force and effect of the remaining provisions shall not be prejudiced.

​

CHANGES TO THIS NOTICE

 

We may amend this Privacy Notice from time to time, and we will take reasonably practicable steps to inform you when changes are made. Without limiting the manner in which we may inform you, we may notify you by email, or by posting an updated notice on our website.

 

DEFINITIONS

​

Affiliates

Includes any subsidiaries, joint venture partners, or other companies that form part of CloudPilot, or that we control or that are under common control with us;

​

Applicable Data Protection Laws

the legal regulations and requirements that govern the collection, processing, storage, and protection of Personal Data. These laws vary by jurisdiction and may include, among others, South Africa’s POPIA, EU’s GDPR, Mauritius’ Data Protection Act,  and other data protection laws specific to the country of operation, and industry-specific regulations.

 

Business Partners

Includes our Affiliates and CloudPilot’s network of product and solutions providers.

 

Competent Regulator

means the relevant data protection authority, as determined by Applicable Data Protection Laws, which may include:

 

  • EU member state - Equivalent authority in any EU member state edpb.europa.eu

  • Mauritius - Data Protection Office - dataprotection.govmu.org

  • South Africa - Information Regulator - Inforegulator.org.za

 

Data Controller

A Data Controller is the entity responsible for determining the purposes and means of processing Personal Data. In the context of this Privacy Notice, the Data Controller refers to the relevant Affiliate that collects and manages your Personal Data. (Also known as ‘Responsible Party’ under POPIA)

 

Data Subject

A Data Subject is an individual or legal entity whose Personal Data is being collected, processed, or stored. In this Privacy Notice, Data Subjects are our clients (including their owners, members, trustees, directors, tenants, residents, employees and vendors), and our Vendors.

 

EU

European Union.

​

GDPR

The General Data Protection Regulation. A comprehensive data protection regulation enacted by the European Union (EU) to safeguard the rights and privacy of EU citizens’ Personal Data. It sets out principles and requirements for the processing of Personal Data.

​

CloudPilot

CloudPilot (Pty) Ltd, a private company registered in South Africa.

​

Personal Data

any information that relates to an identifiable individual or legal entity, referred to as a ‘Data Subject’. Personal Data includes but is not limited to those types described in Paragraph 5 (What information we collect) of this Notice, and any other information specific to a person.

​

POPIA

Protection of Personal Information Act 4 of 2013, as amended.

​

Processor

an entity or organisation that processes Personal Data on behalf of the Data Controller. Processors are typically engaged by the Data Controller to perform specific data processing activities, and they are required to adhere to data protection obligations and security measures. (Also known as ‘Operator’ under POPIA)

​

Special Category Personal Data

Personal Data that uniquely characterises an individual and falls under the special categories defined by Applicable Data Protection Laws, such as racial or ethnic origin, religious beliefs, health data, or biometric information.

​

Vendor

third party providers of various services with whom we engage, including, but not limited to, software licensors, developers and suppliers of software, providers of information technology, communication, file storage, data storage, copying, printing, couriers, distribution/logistics, accounting or auditing services, counsel, investigators, attorneys, and our insurers, brokers, and professional advisors.

bottom of page