Effective Date: October 2024

Introduction

Design Afrique (“we”, “our”, “us”) is committed to protecting your privacy and ensuring that your personal information is collected and used correctly, lawfully, and transparently. This privacy policy outlines how we collect, use, disclose, and protect your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) for the European Union and the Protection of Personal Information Act (POPIA) in South Africa.

 

  1. Data Controller Information
  • For EU/UK Residents: Design Afrique, registered at 41a Porter St, Rawsonville, 6845, is the data controller for the General Data Protection Regulation (GDPR).
  • For South African Residents: Design Afrique, registered at 41a Porter St, Rawsonville, 6845, is the responsible party under the Protection of Personal Information Act (POPIA).

If you have any questions or concerns regarding the processing of your personal data, you may contact our Data Protection Officer (DPO) at:

 
 
  1. Information We Collect

We collect and process the following personal data from you:

  • Technical information (e.g., IP address, browser type, cookies)
  • Any other information you provide us through forms, emails, or other communication methods.
 
 
  1. Purpose for Processing Personal Information

We collect personal data for the following purposes:

  • To provide services and products requested by you.
  • To manage and respond to your inquiries.
  • To personalise and improve user experience.
  • To comply with legal obligations.
 
 
  1. Legal Basis for Processing (GDPR Compliance)

Under the GDPR, we rely on the following lawful bases for processing personal data:

  • Consent: You have given explicit consent for us to process your data.
  • Legal obligation: Where processing is required to comply with a legal obligation.
  • Legitimate interests: Where processing is in our legitimate interests, and those interests are not overridden by your data protection rights.
 
 
  1. Lawful Basis for Processing (POPIA Compliance)

Under POPIA, we process personal information based on the following justifications:

  • Consent: You have given voluntary, specific, and informed consent.
  • Contractual necessity: Processing is necessary for fulfilling or entering a contract.
  • Legal requirement: Where the processing is required by law.
  • Legitimate interest: To pursue our legitimate business interests, provided it does not override your rights.
 
 
  1. Sharing Your Information

We may share your data with:

  • Third-party service providers assist us with data processing, hosting, or analytics under strict confidentiality agreements.
  • Legal authorities when required by law or to protect legal rights.
  • International data transfers, including sharing data with organisations outside your country, will be done with appropriate safeguards (e.g., EU Standard Contractual Clauses for GDPR compliance).
 
  1. Data Retention

We will only retain your personal information for as long as necessary to fulfil the purposes outlined in this privacy policy. Retention periods may vary depending on legal requirements, the nature of the information, or business needs.


  1. Data Security

We implement appropriate technical and organisational security measures to protect your personal data from unauthorised access, disclosure, modification, or destruction. These measures include encryption, access controls, and regular security audits.


  1. Your Rights (GDPR & POPIA)

You have the following rights regarding your personal data:

  • Access: You have the right to request access to the personal data we hold about you.
  • Rectification: You can ask us to correct any incorrect or incomplete personal data.
  • Erasure: You can request that we delete your personal data in certain circumstances.
  • Restriction: You can ask us to limit or suspend the processing of your personal data.
  • Data portability: You can request the transfer of your data to another organisation.
  • Objection: You may object to processing your data where we rely on legitimate interests as the legal basis.
  • Withdraw consent: You can withdraw your consent at any time, where processing is based on consent.

To exercise these rights, contact us at bettina@designafrique.co.za


  1. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience and improve the functionality of our website. You can manage or turn off cookies in your browser settings. For more details, please refer to our Cookie Policy below.


  1. Complaints

If you have any concerns about our processing of your personal data, you have the right to lodge a complaint with the relevant data protection authority:

  • For EU/UK Residents: Contact the UK Information Commissioner’s Office (ICO) or your local data protection authority in Europe.
  • For South African Residents: Contact the Information Regulator (South Africa).
  • South Africa Information Regulator Contact Information:
    • Website: https://www.justice.gov.za/inforeg/
    • Email: complaints.IR@justice.gov.za


  1. Changes to This Privacy Policy

We may update this privacy policy occasionally to reflect changes in our practices, legal requirements, or other operational reasons. We encourage you to review this policy periodically.


Contact Us If you have any questions about this Privacy Policy, please get in touch with us at: