Privacy Policy for Sunscan in South Africa

At Sunscan, we respect your privacy and are committed to protecting your personal information. This privacy policy outlines how we collect, use, and protect your personal information when you use our website, products, and services.

Collection of Personal Information
We may collect personal information from you when you use our website, products, and services, including but not limited to your name, email address, physical address, phone number, and payment information. We may also collect non-personal information such as IP addresses, browser types, and access times.

Use of Personal Information
We may use your personal information to:

Provide you with our products and services
Communicate with you regarding your account, products, and services
Respond to your inquiries and requests
Process payments
Analyze and improve our products, services, and website
Prevent fraud and other prohibited or illegal activities
Comply with applicable laws and regulations
Protection of Personal Information
We take reasonable and appropriate measures to protect your personal information from unauthorized access, use, and disclosure. We use secure servers, firewalls, and encryption to protect your personal information.

Sharing of Personal Information
We may share your personal information with our affiliates, partners, and service providers as necessary to provide you with our products and services. We may also share your personal information to comply with applicable laws and regulations or in response to a subpoena or court order.

Cookies
We use cookies to personalize your experience and improve our website. Cookies are small files that are placed on your computer or device. You may disable cookies in your browser settings, but this may limit your ability to use our website and services.

Third-Party Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these websites. We encourage you to review the privacy policies of these websites before providing any personal information.

Children’s Privacy
Our website, products, and services are not intended for children under the age of 18. We do not knowingly collect personal information from children under the age of 18.

Changes to Privacy Policy
We may update this privacy policy from time to time. The updated privacy policy will be posted on our website, and we will notify you of any material changes by email or other reasonable means.

POPIA Compliance Policy

1. Introduction
This policy outlines the measures SunScan has implemented to comply
with the Protection of Personal Information Act (POPIA) of South Africa. Our commitment is to
protect the privacy and personal information of our clients, employees, and partners.

2. Scope
This policy applies to all personal information collected, processed, stored, and disposed of by
SunScan, regardless of the format in which it is held.

3. Personal Information Handling

Collection via Website: Our website uses Google Analytics for analytics and advertising
purposes. We also collect personal information through contact forms on our website. This
information is collected lawfully, fairly, and transparently with explicit consent.
Processing and Usage: Personal information is processed in accordance with the individual’s
consent and only for the purposes explicitly stated at the time of collection, including website
analytics and responding to inquiries.
Storage and Security: All client information collected through our website is securely stored
using Google Sheets. To enhance security, all staff users are required to have two-factor
authentication to access this data. We employ robust security measures, including encryption
and access controls, to protect personal information from unauthorized access, disclosure,
alteration, or destruction.

4. Data Subject Rights
Individuals have the right to access their personal data, request correction or deletion, and
withdraw consent for processing. We have established procedures to facilitate these rights in a
timely manner.

5. Employee Training and Awareness

All employees are trained on the principles of POPIA and their responsibilities in protecting
personal information. This includes understanding the importance of secure data handling
practices and the use of two-factor authentication for accessing sensitive information.

6. Third-Party Compliance
We ensure that all third-party service providers, including those involved in website analytics
and advertising, are compliant with POPIA. We regularly review our agreements and practices
with these providers to ensure the ongoing protection of personal data.

7. Breach Notification
In the event of a data breach, we have an incident response plan to promptly assess the
situation and take appropriate steps, including notifying the Information Regulator and affected
individuals. This includes any breaches that may involve data stored in Google Sheets or data
collected through our website.

8. Monitoring and Review
This policy and our data protection practices are regularly reviewed and updated to ensure
ongoing compliance with POPIA and to reflect any changes in our operations, such as updates
to our website’s use of analytics and advertising tools.

9. Contact Information
For any inquiries or complaints regarding our handling of personal information, please contact
our Information Officer at 021 551 5906. Our Information Officer is also responsible for
overseeing compliance with this policy and with POPIA requirements.