(In compliance with the PROTECTION OF PERSONAL INFORMATION ACT 4 of 2013 “POPI” (RSA) and GENERAL DATA PROTECTION REGULATIONS “GDPR” (EU) 2016/679)
Code X Creations (Pty) Ltd is a South African registered private company with registration number 2013/230400/07. It is in the business of building accounting, customer relationship management software, and web and mobile applications for various industries.
Personal information is collected and stored on behalf of our clients to ensure the smooth operations of their businesses. How users use the information and how that information is used depends on how the users use the services and how they manage your privacy controls.
Code X Creations (Pty) Ltd is strongly committed to protecting your privacy and complying with your choices. Both personal and non-personal information collected is safeguarded according to the highest privacy and data protection standards adopted worldwide.
We have always had a robust and effective data protection program that complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR and the POPI Act.
• Your information will not be shared, rented or sold to any third party without your prior consent.
• We use state-of-the-art security measures to protect your information from unauthorised users.
• We give you the possibility to control the information that you shared with us (opt-out)
Code X Creations (Pty) Ltd is committed to processing data per its responsibilities under the GDPR and the POPI Act.
Article 5 of the GDPR requires that personal data shall be:
a. processed lawfully, fairly and in a transparent manner in relation to individuals;
b. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
Section 4 of the Protection of Personal Information Act 4 of 2013 (Republic of South Africa) provides conditions for the lawful processing of information by and or a “responsible party” as follows:
(a) ‘‘Accountability’’, as referred to in section 8;
(b) ‘‘Processing limitation’’, as referred to in sections 9 to 12;
(c) ‘‘Purpose specification’’, as referred to in sections 13 and 14;
(d) ‘‘Further processing limitation’’, as referred to in section 15;
(e) ‘‘Information quality’’, as referred to in section 16;
(f) ‘‘Openness’’, as referred to in sections 17 and 18;
(g) ‘‘Security safeguards’’, as referred to in sections 19 to 22; and
(h) ‘‘Data subject participation’’, as referred to in sections 23 to 25.
(2) The conditions, as referred to in subsection (1), do not apply to the processing of personal information to the extent that such processing is—
(a) excluded, in terms of section 6 or 7, from the operation of this Act; or
(b) exempted in terms of section 37 or 38 from one or more of the conditions concerned in relation to such processing.
(3) The processing of the special personal information of a data subject is prohibited in terms of section 26 unless the—
(a) provisions of sections 27 to 33 are applicable; or
(b) Regulator has granted authorisation in terms of section 27(2), in which case, subject to section 37 or 38, the conditions for the lawful processing of personal information as referred to in Chapter 3 must be complied with.
(4) The processing of the personal information of a child is prohibited in terms of section 34 unless the—
(a) provisions of section 35(1) are applicable; or
(b) Regulator has granted authorisation in terms of section 35(2), in which case, subject to section 37, the conditions for the lawful processing of personal information as referred to in Chapter 3 must be complied with.
(5) The processing of the special personal information of a child is prohibited in terms of sections 26 and 34 unless the provisions of sections 27 and 35 are applicable, in which case, subject to section 37, the conditions for the lawful processing of personal information as referred to in Chapter 3 must be complied with.
(6) The conditions for the lawful processing of personal information by or for a responsible party for the purpose of direct marketing by any means are reflected in Chapter 3, read with section 69 insofar as that section relates to direct marketing by means of unsolicited electronic communications.
(7) Sections 60 to 68 provide for the development, in appropriate circumstances, of codes of conduct for purposes of clarifying how the conditions referred to in subsection (1), subject to any exemptions which may have been granted in terms of section 37, are to be applied or are to be complied with within a particular sector.
We will inform you when information that personally identifies you (“personal information”) is asked for, and you will have the choice to provide it or not. Generally, this information is requested when you install, download, or subscribe to any of our product offerings, newsletters, or other online services.
2. What information we collect from you
When you interact with us, you may provide us with personal information, or we may collect personal information from you by law (we are required by law to verify the identity of our clients), or under terms of a contract, we have with you (for example by subscribing to our products and services). You can choose not to provide personal information when requested. However, without your requested personal information, we may not be able to provide or continue to provide you with the products and services offered by the Company or allow you full access to our site. If you refuse, we may have to cancel a product and service you have with us, but we will notify you if this is the case. We will only collect, use, store and transfer the minimum personal information that we deem necessary to process for ordinary business purposes.
Personal information we collect from you may include:
• Your first and last name or company name, email address, phone number, billing information, VAT registration number and other contact information, and any other information that you may provide to us via the site or any of our software applications;
• Login and account information for authentication purposes and account access;
• Your marketing preferences;
• Demographic data such as your gender, age, country, and preferred language;
• Data about how you and your PC or device interact with us, including web pages you visit when using our Sites and device, connectivity, and configuration data.
• To send you a quote or invoice, we might collect your publicly available personal information from the Internet.
It is not standard practice for us to collect sensitive personal information about you, such as information relating to your health, religion, political beliefs, race or sexual orientation, except your express consent or unless we are required to do so by law.
If we link other data with your personal information as provided to us, we will treat that linked data as personal information.
When you interact with us, you may provide us with personal information, or we may collect personal information from you by law (we are required by law to verify the identity of our clients), or under terms of a contract, we have with you (for example by subscribing to our products and services).
You can choose not to provide personal information when requested. However, without your requested personal information, we may not be able to provide or continue to provide you with the products and services offered by the Company or allow you full access to our site.
If you refuse, we may have to cancel a product and service you have with us, but we will notify you if this is the case. We will only collect, use, store and transfer the minimum personal information that we deem necessary to process for ordinary business purposes.
3. How we access your personal information
We use your personal information for the following purposes:
• you create an account with us;
• you engage us to provide our products and services;
• we process orders and payment transactions;
• we respond to your enquiries and requests;
• as a result of communications between you and our representatives;
• we obtain feedback from you about our products and services;
• we conduct our administrative and business functions;
• you register for any of our events, workshops, webinars and seminars;
• you subscribe to our mailing lists and newsletters;
• we market our solutions and services to you
4. The purpose for which we may use your personal information.
• to send communications to you;
• establish, manage, and maintain our business relationships;
• respond to inquiries and requests;
• develop, provide, and improve our services and products;
• inform you about our services and solutions;
• obtain feedback from you on our services and solutions;
• provide you with a more personalised experience when you interact with us;
• conduct administrative and business functions;
• update our records and keep contact details up to date;
• enable you effectively to use and to improve our site or software applications,
• compile website usage statistics;
• enable you to subscribe to newsletters and mailing lists;
• enable you to register for our or any of our business partners events, workshops, webinars and seminars;
• assess the performance of our Sites and to improve their operation; and
• send you updates on the latest legal developments.
• to automatically customise your documents with your information
• to alert you of software upgrades, updates, or other services from Code X Creations (Pty) Ltd.
• to distribute monthly statements and invoices.
• to verify your identity for login purposes
• To comply with any applicable legislation.
When you provide your personal information, you consent that it can be used for the above purposes and that Code X Creations (Pty) Ltd is an authorised holder of such information. When you activate your account, you are providing your consent to receive information from us occasionally. In each communication from us, you will have the opportunity to unsubscribe from further communications; alternatively, you may contact us to express your choices at the address provided at the bottom of this page.
6. Access to your information
You are entitled to review the personal information you have provided us and ensure that it is accurate and current at all times. To review or update this information, amend this information in your user settings screen.
7. Security of information
Code X Creations (Pty) Ltd is strongly committed to protecting your information and ensuring that your choices are honoured. We have taken strong security measures to protect your data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. All sensitive data is stored behind multiple firewalls on secure servers with restricted employee access.
We guarantee that all e-commerce transactions follow the latest security measures and use the best available technologies. Secure Sockets Layer (SSL) technology is employed when you place online orders or transmit sensitive information. SSL is one of the safest methods of passing information over the Internet.
8. Retention of information
9. Users’ Rights
You always have the right to access, rectify, download, or erase your information, as well as the right to restrict and object to specific processing of your information. While some of these rights apply generally, certain rights apply only in certain limited circumstances. We describe these rights below:
You have the right to access your personal data and, if necessary, have it amended or deleted or restricted. In certain instances, you may have the right to the portability of your data. You can also ask us not to send marketing communications and not use your personal data when we carry out profiling for direct marketing purposes. You can opt-out of receiving email newsletters and other marketing communications by following the opt-out instructions provided to you in those emails. Transactional account messages will be unaffected if you opt-out of marketing communications.
10. Sharing your information
Your information is never shared outside the Company without your permission. Inside the Company, data is stored behind multiple firewalls on secure servers with restricted user access.
We may, on occasion, require the help of other companies to provide limited services on our behalf, such as packaging, shipping and delivery, customer support and processing event registrations. We will only provide such companies with the information required to perform these services; these service providers are bound by strict privacy policies and are prohibited from using your information for any other purpose.
We may disclose your personal information to third parties on the following basis:
• Where we have your consent; or
• Where we are required to do so by law; or
In rare instances, Code X Creations (Pty) Ltd may disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to:
• conform to the requirements of any applicable law or comply with a legal process served on Code X Creations (Pty) Ltd;
• protect and defend the rights or property of Code X Creations (Pty) Ltd and its family of websites, software applications and properties; and
• act in urgent circumstances to protect the personal safety of users of Code X Creations (Pty) Ltd, its websites, or the public.
11. How to opt-out
We provide users with the opportunity to opt-out from receiving updates on our products, newsletters, and other communications from us. You can opt-out by clicking on a link provided in our electronic mailings or contacting us at the address at the bottom of this page.
Our sites or software applications may contain links to websites of third parties. Code X Creations (Pty) Ltd is not responsible for the actions of these third parties, including their privacy practices and any content posted on their websites. We encourage you to review their privacy policies to learn more about what, why and how they collect and use personal information. Code X Creations (Pty) Ltd adheres to industry recognised standards to secure personal information in our possession and secure it from unauthorised access and tampering.
However, as is true with all online actions, third parties may unlawfully intercept transmissions of personal information, or other users of the site may misuse or abuse your personal information that they may collect from the site.
13. Changes to this policy
14. Enforcement of policy
If, for some reason, you believe Code X Creations (Pty) Ltd has not adhered to these principles, please notify us, and we will do our best to make corrections promptly.
15. Questions or comments
Address: Code X Creations (Pty) Ltd Block C, Maine, Menlyn Corporate Park, 175 Corobay Ave, Menlyn, Pretoria, 0083
For information about contacting Code X Creations (Pty) Ltd, please visit our contact page.