Introduction

This Policy explains how we collect, process, store, and safeguard personal information, and outlines your rights as a data subject.

Purpose of this Policy

The purpose of this Policy is to:

• Inform you about how your personal information is collected, used, and protected.
• Demonstrate our compliance with POPIA.
• Outline your rights and our obligations under data protection law.

Definitions

For the purposes of this Policy:

• “Personal Information” refers to any information relating to an identifiable, living natural person or existing juristic person.
• “Processing” includes collecting, storing, using, sharing, or deleting personal information.
• “Data Subject” means the person to whom the personal information relates.
• “Information Officer” means the person appointed to ensure compliance with POPIA.

Categories of Personal Information Collected

We may collect and process the following types of personal information:

• Full name and surname
• Contact details (email address, phone number, postal/physical address)
• Service-related information (e.g., coaching, consultancy, or publishing inquiries)
• Billing and payment information (if applicable)
• Website usage data (IP address, cookies, analytics)
• Communication preferences (e.g., newsletter subscriptions)

Purpose of Processing Personal Information

We process personal information lawfully and only when necessary for:

• Delivering our services (coaching, leadership development, consulting, publishing).
• Responding to inquiries and managing client relationships.
• Marketing, newsletters, and communication (with your consent).
• Compliance with legal and regulatory requirements.
• Improving our Website and user experience.

Lawful Basis for Processing

We process personal information under the following legal bases:

• Consent – where you provide explicit permission (e.g., newsletter sign-ups).
• Contractual necessity – where processing is required to deliver services.
• Legal obligation – where required by law or regulation.
• Legitimate interests – where processing is necessary for our business operations and does not infringe on your rights.

Data Sharing and Third Parties

We do not sell or rent your personal information. We may share it only with:

• Trusted service providers (e.g., IT support, hosting providers, email marketing platforms) bound by confidentiality and POPIA-compliant contracts.
• Regulatory or legal authorities where required by law.

Data Security

We implement appropriate security measures to protect personal information, including:

• Secure servers and encrypted communication where applicable.
• Access controls ensuring only authorized personnel handle personal information.
• Regular monitoring of systems to prevent unauthorized access, loss, or misuse.

Data Retention

Personal information will only be retained for as long as necessary to fulfill the purposes for which it was collected or as required by law. Once no longer required, information will be securely destroyed or anonymized.

Data Subject Rights

As a Data Subject, you have the following rights under POPIA:

• Right to Access – request details of personal information we hold about you.
• Right to Correction – request corrections or updates to inaccurate information.
• Right to Deletion – request deletion of personal information where legally permissible.
• Right to Object – object to processing of your information for specific purposes.
• Right to Withdraw Consent – withdraw consent previously provided for marketing communications.

Requests may be made by contacting our Information Officer (see Section 12).

Cross-Border Transfers

Where personal information is transferred outside South Africa (e.g., cloud storage or email systems), we ensure that adequate data protection measures are in place in compliance with POPIA.

Information Officer Contact Details

In accordance with POPIA, the following Information Officer has been appointed: