ComplianceIQ SA ("we", "us", "our") is committed to protecting your privacy and handling your personal information responsibly. This policy explains what information we collect, why we collect it, how we use and safeguard it, and the rights you have under POPIA.
As a compliance advisory firm, we hold ourselves to the same standards we advise our clients to meet. We process personal information lawfully, transparently, and only for the purposes set out below.
1. Who we are (the Responsible Party)
For the purposes of POPIA, the responsible party is:
- ComplianceIQ SA
- Northmead, Benoni, Gauteng, South Africa
- Email: info@complianceiqsa.co.za
- Phone / WhatsApp: +27 75 338 4195
2. Our Information Officer
In line with POPIA, we have designated an Information Officer who is responsible for ensuring our compliance with the Act and for handling any queries, requests or complaints relating to your personal information. You can reach our Information Officer at info@complianceiqsa.co.za.
3. What personal information we collect
We collect only the information we need to respond to your enquiry and provide our services. Depending on how you interact with us, this may include:
- Contact details — your name, job title, email address and phone or WhatsApp number.
- Business information — your company name, registration number, sector, number of employees, trading history and physical address.
- Enquiry details — the services you are interested in, your compliance needs, deadlines, budget range, and any other information you choose to share with us.
- Documents you upload — such as tender documents, existing contracts, or registration certificates submitted through our enquiry form.
- Technical information — limited website usage data collected through cookies (see section 9).
4. How we collect your information
We collect personal information directly from you when you:
- Complete our online enquiry / intake form;
- Email, call, or message us on WhatsApp;
- Engage us to provide a service and share documents with us; or
- Browse our website (technical and cookie data only).
Where we need to verify information about a supplier or third party as part of a vetting engagement, that information is obtained from public registries (such as CIPC) and from documents provided to us by our client. We process such information solely for the purpose of the engagement.
5. Why we process your information
We process your personal information for the following purposes:
- To respond to your enquiry and provide a quotation;
- To deliver the advisory, compliance, tender, vetting or AI services you have engaged us for;
- To communicate with you about your matter and our services;
- To meet our own legal, regulatory and record-keeping obligations; and
- To improve our website and services.
We rely on your consent, the performance of our agreement with you, our legitimate interests, and compliance with the law as the lawful bases for processing, as applicable.
6. Sharing your information
We do not sell your personal information, and we do not share it with third parties for marketing purposes. We may share limited information with trusted service providers who help us operate our business, including:
- Our online form provider (JotForm), which captures and securely transmits your enquiry to us;
- Our email, document storage and productivity providers (such as Google Workspace), used to manage correspondence and securely store client files; and
- Professional advisors or specialists, only where necessary for your matter and with appropriate confidentiality safeguards.
These providers process information on our behalf and are required to keep it secure and confidential.
7. Cross-border transfers
Some of the service providers we use (such as our form and email providers) may store data on servers located outside South Africa. Where this occurs, we take reasonable steps to ensure your information is protected by a comparable level of security and that any transfer complies with POPIA.
8. How long we keep your information
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, to provide our services, and to comply with our legal and record-keeping obligations. When information is no longer needed, we securely delete or destroy it.
9. Cookies
Our website uses a small number of cookies to help the site function correctly and to understand how visitors use it, so we can improve their experience. You can control or disable cookies through your browser settings. By continuing to use our website after being shown our cookie notice, you consent to our use of cookies as described here.
10. How we protect your information
We take reasonable and appropriate technical and organisational measures to safeguard your personal information against loss, unauthorised access, and misuse. This includes secure storage, controlled access to client files, and using reputable service providers. While no system can be guaranteed completely secure, we continually review our safeguards.
11. Your rights under POPIA
You have the right to:
- Request access to the personal information we hold about you;
- Request that we correct or update inaccurate or incomplete information;
- Request that we delete information we no longer have a lawful basis to keep;
- Object to the processing of your information in certain circumstances; and
- Withdraw any consent you have given (this will not affect processing already carried out).
To exercise any of these rights, please contact us at info@complianceiqsa.co.za. We may need to verify your identity before acting on your request.
12. Access to information (PAIA)
In line with the Promotion of Access to Information Act, 2000 (PAIA), you may request access to records we hold. Please direct any such request to our Information Officer at info@complianceiqsa.co.za.
13. Lodging a complaint
If you believe we have not handled your personal information in accordance with POPIA, we would appreciate the opportunity to address your concern directly — please contact us first. You also have the right to lodge a complaint with the Information Regulator:
Information Regulator (South Africa)
14. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or the law. The latest version will always be available on this page, with the "last updated" date shown above.
15. Contact us
If you have any questions about this policy or how we handle your personal information, please get in touch:
- Email: info@complianceiqsa.co.za
- Phone / WhatsApp: +27 75 338 4195