Privacy Policy

Privacy Policy

Your Privacy Matters

Alu-Cab is committed to protecting your privacy. This policy explains how we collect and use your data when you visit our website. By using our website, you agree to these terms.

We may collect information you provide directly or automatically through your use of our website. We use this information to operate our website, improve your experience, and provide relevant services.

Your information may be stored and processed in different jurisdictions. We will retain your information as long as necessary.

You have control over your information. You can choose not to receive marketing communications from us.

We recommend reviewing this policy regularly for updates.

EXTERNAL PRIVACY NOTICE – DOWNLOAD PDF

In this document, references to “the business”, “we”, “us”, are to Alu -Cab Holdings (PTY) Ltd.

We recognise our accountability in terms of the Protection of Personal Information Act (hereinafter referred to as POPIA), to all our clients, suppliers, service providers and other third parties when processing their personal information.

To maintain a trust relationship with our Stakeholders, we are committed to complying with both the spirit and the letter of POPIA, other privacy protection legislation, and to always act with due skill, care, and diligence when dealing with personal information.

We will only process your personal information for purposes set out below and we will therefore only request information that is relevant and necessary for such processing. Your failure/refusal to provide this information could prevent or cause a delay in the fulfillment of our obligations to you.

PERSONAL INFORMATION:

Personal Information according to POPIA, means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to –
Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language, and birth of the person;
Information relating to the education or the medical, financial, criminal, or employment history of the person;
Any identifying number, symbol, e-mail address, telephone number, location information, online identifier, or other particular assignment to the person;
The biometric information of the person;
The personal opinions, views, or preferences of the person;
Correspondence sent by the person that would reveal the contents of the original correspondence;
The views or opinions of another individual about the person; and
The name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

HOW DO WE COLLECT PERSONAL INFORMATION:

Directly from you when you contact us directly, via telephone, email or our website.

WHEN WILL WE PROCESS YOUR SPECIAL PERSONAL INFORMATION:

Special personal information refers to the following categories of information:
Religious and philosophical beliefs;
Race;
Ethnic origin;
Trade union membership;
Political beliefs;
Health including physical or mental health, disability, and medical history;
Biometric information;
Criminal behaviour where it relates to the alleged commission of any offence or the proceedings relating to that offence.

We will process special personal information in the following instances:
You have consented to the processing (in circumstances where we are legally obliged to obtain your consent); or
It is necessary to exercise or defend a right or obligation in law; or
It is necessary to comply with an international legal obligation of public interest; or
It is for certain historical, research, or statistical purposes that would not adversely affect your privacy; or
You have deliberately made your personal information public.

WHAT INFORMATION DO WE COLLECT, AND HOW DO WE USE YOUR INFORMATION:

Kindly note that the following list is not comprehensive. It sets out the main purposes and data elements collected by us.

Client:

  • Personal information:
  • Full names
  • Phone numbers
  • Email address
  • Address

Purpose:

  • Provide you with goods and services.
  • To comply with legislation.
  • Record & warranty keeping purposes.
  • Handling Complaints
  • Debt Recovery purposes.

Service Providers / Suppliers

Purpose:

  • Purchase Orders
  • Contact and communication
  • Audit and Record-keeping,
  • Invoicing
  • Contracts

Personal information:

  • Business registration numbers & VAT numbers
  • Contact person names and ID numbers
  • Bank account information
  • Contact details
  • Physical and postal addresses

HOW WE SHARE YOUR INFORMATION:

Auditors
IT Digital Solutions

Legal Disclosures:
We may need to share your information when we believe it is required by law, legal process or to help protect the rights and safety of you, us, or others. We attempt to notify members about legal demands for their data when appropriate in our judgment unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, at our discretion, that the requests are overbroad, vague, or lack proper authority, but we do not promise to challenge every demand.


YOUR RIGHTS AND OBLIGATIONS:

Data Retention:
We keep most of your personal information while we still have a purpose, we need to provide you with services or where we are legally obligated to do so.
We will also keep your information where you have agreed for us to do so, or have given your consent that we are allowed to do so.
We keep some of your information even after our business relationship has terminated, if it is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our other user agreements, or fulfil your request to object to our processing of your information.
You have rights in connection with your personal information. You have many choices about how your information is collected, used, and shared.

In certain circumstances, by law, you have the right to:

  • Request access to your information: You will be able to ask us what information we have about you as well as ask for a copy of this information. This should be done on request to our information officer. There are some exemptions, which means you may not always receive all the information we process. When we can give you a copy it might be done at a certain fee, which will also be communicated to you at the time of your query.
  • Change or correct information: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Delete information: You can ask us to delete or remove personal information under certain circumstances.
  • Object to processing: You can do this where we are relying on your legitimate interest, public interest, or our legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your data for direct marketing purposes or where you have given your consent for the specific processing, and you want to retract your consent. Retracting your consent does not invalidate the information we lawfully processed while we had your consent to do so.
  • Request the restriction of processing: You can ask us to suspend the processing of personal data about you, for example, if you want us to establish its accuracy or the reason for processing it.

CHANGES TO OUR PRIVACY NOTICE:

Changes to the privacy notice apply to your use of our services. We may modify this privacy notice from time to time, as required by changes in legislation.

You acknowledge that your continued use of our services after we publish our changes to this privacy notice means that the collection, use, and sharing of your personal information is subject to the updated privacy notice.
OTHER IMPORTANT INFORMATION:
Security:
The Company maintains various Information Technology (“IT”) records to support business operations, ensure data security, and comply with applicable legislation, including the Promotion of Access to Information Act (“PAIA”) and the Protection of Personal Information Act (“POPIA”).
All systems utilised by the Company are cloud-based and secured with username and password access controls. Additional measures include:
• Google Single Sign-On (SSO) for Asana;
• Two-Factor Authentication (2FA) for Unleashed Software (ERP) and Xero Accounting.
The categories of IT records held include:

  1. Systems and Infrastructure Records
    • Hardware and Support Management: Hardware inventories and support requests maintained in Altera.
    • Network Management: Firewall configurations, Wi-Fi usage, and network monitoring logs managed through the Ubiquiti UniFi system.
    • Enterprise Resource Planning (ERP): Inventory, supply chain, and operational data stored in Unleashed Software, with access restricted to authorised users and protected by 2FA.
    • Accounting and Financial Systems: Financial and transactional records maintained in Xero Accounting, secured with 2FA.
  2. Communication and Documentation Records
    • Email and Documentation: Company correspondence, shared files, and documentation maintained in Google Workspace (Gmail, Google Docs, Google Sheets, and Google Drive).
    • Internal Communications: Usage records from Google Meet and Google Chat.
  3. Task and Workflow Management Records
    • Project and Task Management: Task allocation, workflow, and project progress records maintained in Asana, secured via Google SSO.
  4. Operational IT Records
    Managed and monitored through Atera, including:
    • IT usage policies, procedures, and guidelines.
    • Change management records (system updates, upgrades, and patches).
    • Incident logs relating to downtime, security breaches, and IT support requests.
  5. Information Security Records
    • User access control records across Google Workspace, UniFi, Asana, and Altera.
    • Firewall and network monitoring logs.
    • Encryption, password, and authentication management records.

Transborder information transfers:
We transfer information worldwide. The purpose for sharing personal information worldwide is solely to facilitate service delivery, including product shipping, customer support, and related operational requirements.
The following categories of information is transferred:
Client contact details
Client address
CONTACT INFORMATION:

OUR INFORMATION OFFICER: Simone’ Wilkins – admin@alu-cab.co.za
THE INFORMATION REGULATOR:
You have the right to lodge a complaint with the South African Information Regulator. See the Information Regulator contact details below.
ADDRESS:
Woodmead North Office Park, 54 Maxwell Drive, Woodmead, Johannesburg

COMPLAINTS:
POPIAComplaints@inforegulator.org.za
PAIAComplaints@inforegulator.org.za

GENERAL QUERIES: enquiries@inforegulator.org.za