Privacy Policy (South Africa) — Aquaneers.co.za Effective date: [YYYY-MM-DD] 1. Introduction We respect your privacy and handle personal information in accordance with the Protection of Personal Information Act (POPIA), 2013 and other applicable South African laws. This policy explains what personal information we collect, why we collect it, how we use and protect it, and your rights. 2. Controller The data controller is: Aquaneers.co.za, trading as [Trading Name], located at [Address]. Contact: [email@example.com], Phone: [phone number]. 3. Personal information we collect We collect only the personal information necessary for specified purposes, which may include: - Identity and contact details (name, email, phone, address) - Account and transaction information - Communications and preferences - Usage, device and log information (including cookies) - Any other information you voluntarily provide 4. Purpose and lawful basis We process personal information for clear, specific purposes such as providing services, billing, support, improvement of products, marketing (with consent), fraud prevention and legal compliance. Processing is based on consent, contract performance, legitimate interests, or legal obligation as permitted under POPIA. 5. Use and disclosure We use information to provide and improve services. We may disclose information to: - Service providers and processors acting on our behalf - Payment processors and banks - Legal, regulatory or security authorities when required - Third parties with your consent We require third parties to maintain adequate safeguards. 6. International transfers Where personal information is transferred outside South Africa, we ensure adequate safeguards such as contractual protections, consent, or transferring to countries with comparable protection, as required by POPIA. 7. Data retention We retain personal information only as long as necessary for the purposes stated, to meet legal or regulatory obligations, or as reasonably required for legitimate business purposes. Retention periods vary by record type. 8. Security We implement reasonable technical and organizational measures to protect personal information against unauthorized access, loss, alteration or destruction. No system is completely secure; in the event of a breach we will follow applicable notification duties under POPIA and keep affected parties informed as required. 9. Your rights Subject to applicable law, you have rights to: - Request access to personal information we hold about you - Request correction or deletion of inaccurate or unnecessary data - Object to or restrict processing - Withdraw consent where processing is based on consent - Request portability where applicable To exercise rights, contact us at [email@example.com]. We may verify identity and respond within applicable timeframes. 10. Children We do not intentionally collect personal information from children under 18 without parental/guardian consent. If you believe we have collected such data improperly, contact us to have it removed. 11. Cookies and tracking We use cookies and similar technologies to operate and improve our services. You can manage cookie preferences via your browser or as provided in our cookie settings. 12. Complaints and regulator If you are dissatisfied with our handling of personal information, contact us first so we may address the matter. You may also lodge a complaint with the Information Regulator of South Africa: https://inforegulator.org.za 13. Changes to this policy We may update this policy. We will publish the updated policy with an effective date. Significant changes will be communicated where appropriate. 14. Contact For privacy queries, requests or complaints contact: [Data Protection Contact Name], [email@example.com], [phone number], [postal address]. --- End of Policy ---