Last updated: August 01, 2024
This Privacy Policy is designed to provide you with transparency about how your personal information is handled when you use KasiConvocation. By using our services, you agree to the terms outlined in this document.
We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
The purpose of this Privacy Policy is to inform you, as a user of KasiConvocation, about how we collect, use, disclose, store, and protect your personal information when you engage with our platform and services. We recognize the importance of privacy and data security, especially given the sensitive nature of financial transactions and personal details involved in group savings activities, also known as stokvels, which form the core of KasiConvocation’s offerings. This document is designed to help you understand your rights regarding your data, as well as our commitment to safeguarding your privacy as required by applicable laws and regulations, such as the Protection of Personal Information Act (POPIA) in South Africa.
By using our platform, you agree to the practices described in this policy. It is crucial that you read this document carefully to fully understand how your data will be handled, as it outlines your rights and the steps we take to protect your information. If at any point you do not agree with the terms of this Privacy Policy, we ask that you discontinue using our services immediately.
This Privacy Policy applies to all individuals who interact with KasiConvocation, including but not limited to:
1.2.1. Users and members who register for and participate in group savings (stokvel) activities on our digital platform.
1.2.2. Visitors who browse and interact with our website, mobile application, or any other service channels.
1.2.3. Third-party partners, contractors, or service providers who may have access to limited data for operational purposes.
Whether you are accessing our services via the website, mobile app, or through any other means of communication, this policy applies. It covers how we handle data both online and offline, including data collected during the registration process, when making payments, participating in savings groups, or when you otherwise provide us with your personal details.
This policy not only describes how we handle personal data but also outlines our practices with respect to non-personal data and aggregate information that might be automatically collected during the use of our services.
As a company, we are committed to complying with all relevant data privacy laws and regulations in South Africa and other jurisdictions where we may operate or offer our services. This includes, but is not limited to, South Africa’s Protection of Personal Information Act (POPIA) and the General Data Protection Regulation (GDPR) for any users based in the European Union.
1.3.1. POPIA Compliance POPIA is designed to ensure that companies operating in South Africa, like KasiConvocation, process personal data responsibly and lawfully. Under this law, we are required to inform you of the types of data we collect, the purpose for which we collect it, and how we protect that data. Additionally, we must provide you with an understanding of your rights concerning your personal information, such as the right to access, rectify, or request the deletion of your data.
1.3.2. GDPR Compliance Although primarily focused on South Africa, KasiConvocation may have users in other parts of the world, including the European Union. For users in the EU, we comply with the General Data Protection Regulation (GDPR), which governs the collection and processing of personal data for European users. This includes providing clear transparency about how we collect and use your personal information and ensuring that we take appropriate steps to secure and protect that information.
KasiConvocation is committed to maintaining a transparent relationship with its users and ensuring trust in the way personal information is handled. We believe that privacy is not only a legal obligation but a cornerstone of the trust our users place in us. As a platform aimed at modernizing traditional stokvel systems, where trust and financial security are paramount, we are dedicated to ensuring that you have confidence in our data practices.
To this end, we promise to:
1.4.1. Clearly explain what data we collect and why.
1.4.2. Provide users with easy-to-understand options for managing their privacy preferences.
1.4.3. Ensure that personal information is only used for the purposes that were initially disclosed.
1.4.4. Implement robust security measures to protect your data from unauthorized access or breaches.
KasiConvocation is committed to safeguarding the privacy of our users by ensuring transparency in how we collect, process, and store your personal information. The information we gather is vital for the functioning of our platform and ensures that we provide the best experience for users participating in group savings (stokvels). We collect two main types of information: personal information that you voluntarily provide, and non-personal information collected automatically. Below is a detailed breakdown of the information we collect and how we collect it.
Personal information refers to any data that can be used to identify or contact an individual. We collect personal information directly from you when you interact with our platform or services. This includes but is not limited to:
2.1.1. Full Name: We collect your full name during the registration process to help identify you within the platform and to enable personalized communications and transactions.
2.1.2. Email Address: Your email address is used as the primary means of communication between you and KasiConvocation. This includes sending important updates, notifications regarding transactions, and marketing communications (if consented).
2.1.3. Phone Number: We collect your phone number for additional communication, customer support purposes, and for two-factor authentication where applicable, ensuring the security of your account.
2.1.4. Physical Address: In some cases, especially for regulatory or delivery purposes, we may request your physical address. This is particularly important when engaging in activities that may require identification verification.
2.1.5. Banking or Payment Information: To facilitate financial transactions on the platform, we may collect payment information such as bank account details, debit/credit card numbers, or details required by third-party payment processors. This data is handled securely and in accordance with applicable laws to protect your financial information.
2.1.6. Identity Documentation: Depending on the requirements of our services and in compliance with financial regulations, we may request additional documents such as a national identity card, passport, or driver's license for identity verification purposes. This is necessary to prevent fraudulent activities, ensure compliance with Know Your Customer (KYC) policies, and secure your account.
Non-personal information is automatically collected as you navigate through the KasiConvocation platform. While this data does not directly identify you, it helps us understand user behaviour, improve the functionality of our platform, and deliver a better overall experience. This may include:
2.2.1. Device Information: We collect information about the devices you use to access KasiConvocation, such as your computer, smartphone, or tablet. This may include details like your IP address, browser type, operating system, and device settings. Collecting this information helps us optimize our platform for various devices and troubleshoot technical issues when necessary.
2.2.2. Usage Data: Usage data is collected through cookies and similar technologies that track how you interact with our platform. This includes which pages you visit, how long you spend on the platform, which features you use most frequently, and your navigation behaviour. This information helps us analyse trends, understand user preferences, and improve the platform’s functionality based on real-time insights.
2.2.3. Geolocation Data: With your consent, we may collect your geolocation information (such as your country or city) to provide location-specific services, offers, and content. For example, knowing your location can help us customize stokvel opportunities that are relevant to your geographic area. This information is not collected without your permission and can be disabled through your device settings.
2.2.4. Cookies and Tracking Technologies: Cookies and other tracking technologies (such as web beacons and pixels) are used to enhance your browsing experience, store your preferences, and provide personalized content. These technologies also help us understand user behaviour by tracking interactions on our platform and allow us to run analytics to monitor traffic and improve our services.
In some cases, we may collect additional information about you from trusted third-party sources. This typically happens in scenarios where we collaborate with third-party services for verification purposes, or where you choose to connect your KasiConvocation account with a third-party platform, such as:
2.3.1. Social Media Integration: If you register or log in to KasiConvocation using your social media account (e.g., Facebook, Google), we may access certain information from your social media profile, such as your name, profile picture, and email address. This is subject to the permissions you grant during the integration process and helps us streamline the account creation process.
2.3.2. Identity Verification Services: To ensure that your account is legitimate and compliant with financial regulations, we may obtain verification information from third-party services. These services might provide us with additional identity information, such as your public records or credit history, to validate your identity.
2.3.3. Marketing and Advertising Partners: We may work with marketing and advertising partners who provide us with information about your preferences and behaviours based on your interactions with their content. This allows us to tailor advertisements and promotions to your interests, ensuring that we deliver relevant marketing content to our users.
The above information is collected through various means, including:
2.4.1. Direct Interactions: When you provide your personal information directly by filling out forms on our platform, communicating with customer support, or participating in platform activities such as saving in a stokvel.
2.4.2. Automated Technologies: As you navigate and interact with our platform, we use automated technologies such as cookies and server logs to collect non-personal data about your browsing behaviour and device.
2.4.3. Third-Party Sources: Information collected from third-party platforms or services that you engage with, or from public databases and service providers, as outlined above.
At KasiConvocation, your privacy is a top priority, and we are committed to ensuring that your personal information is handled responsibly and transparently. We collect and process your information for various legitimate business purposes, all aimed at providing you with a seamless and secure experience on our platform. This section outlines in detail how we use your information:
We primarily use the personal information you provide to deliver, maintain, and enhance our core services:
3.1.1. Group Savings (Stokvels) Management: Your information, such as your name, contact details, and financial data, is essential for creating and managing group savings accounts. This enables the platform to organize and monitor stokvel activities securely and efficiently. We also use this data to track member contributions, withdrawals, and distribution of pooled savings.
3.1.2. Transaction Processing and Payments: For any financial transactions carried out within KasiConvocation, whether it's making contributions to a stokvel, withdrawing funds, or purchasing services, we use your payment information (e.g., banking details or credit card information). This ensures that payments are processed securely, and funds are transferred correctly. We comply with industry-standard security measures (such as encryption) to protect sensitive payment data.
3.1.3. Account Management: Your personal information is used to manage your account on KasiConvocation. This includes activities such as logging in, resetting passwords, and managing your profile. By using your data, we can provide personalized experiences, track your progress in group savings, and update your account status as needed.
3.1.4. Service Improvements: We analyse the information collected from your interactions with our platform to continuously improve our service. This could include identifying new features, resolving technical issues, and enhancing user navigation for a better experience.
3.2.1. Service-Related Communication: We use your personal information to communicate directly with you. This includes sending you important notifications about your account, updates to our services, and any changes to terms, conditions, or policies. For example, if there's a security update or a major platform change, you’ll be promptly notified.
3.2.2. Customer Support: When you reach out to us for assistance (e.g., resolving issues with your account or transactions), we use your contact information to respond to your queries efficiently. We may also use communication logs to improve our support services and address common issues more proactively.
3.2.3. Service Announcements and Updates: Occasionally, we may send you important announcements, such as scheduled maintenance or service downtime notifications. We might also share relevant updates about new features, tips for using the platform more effectively, or changes to your group savings terms.
We may use your personal information to send you marketing communications, but only if you have provided explicit consent to receive them. These communications could include:
3.3.1. Promotional Offers and News: You may receive notifications about promotions, events, or services we believe will be valuable to you. These may include special deals on our services, invitations to financial literacy webinars, or updates on new platform features.
3.3.2. Personalized Content: Based on your usage of the platform, we may tailor marketing messages specifically to your interests. For example, if you're part of a stokvel group saving for a vacation, we might inform you about travel-related savings products that may benefit you.
3.3.3. Third-Party Offers: We may partner with third parties to provide exclusive offers to our users. If applicable, your information will only be shared for marketing purposes with third-party partners if you have given us consent to do so. You can opt-out of receiving these communications at any time.
KasiConvocation operates in compliance with South African and international legal and regulatory frameworks. Your information may be used for:
3.4.1. Regulatory and Compliance Purposes: We may use your personal data to comply with financial and legal regulations, such as Know Your Customer (KYC) requirements and anti-money laundering laws. For instance, we may need to verify your identity and address before allowing financial transactions on the platform.
3.4.2. Audits and Reporting: We may use your information to comply with audits and other reporting requirements from regulatory bodies or government authorities. If we are subject to a financial audit, for instance, certain transaction data may be required for compliance purposes.
3.4.3. Legal Disputes or Claims: In the event of any legal disputes, claims, or lawsuits, we may use your information to protect our rights and interests. For example, if a user violates our terms of service or participates in fraudulent activity, your information may be used to investigate and resolve the issue.
3.5.1. Usage Analytics: We analyse aggregated, anonymized data from users to better understand how the platform is being used. This helps us identify trends, optimize performance, and make data-driven decisions to improve the platform’s usability. For example, we might analyse which features users engage with the most to prioritize future updates or development.
3.5.2. Improving Services: By studying usage patterns and preferences, we can develop new tools and features tailored to the needs of our users. This allows us to keep evolving our platform in a way that adds value to our user base.
3.5.3. User Behaviour Insights: Understanding how users navigate and interact with the platform helps us troubleshoot problems and ensure that we're offering the best possible user experience. For example, if we notice that many users are struggling with the stokvel setup process, we can refine that part of the platform.
We are deeply committed to ensuring that your personal information is kept secure, and that the platform remains a safe environment for all users. We use your information to:
3.6.1. Monitor Suspicious Activity: We actively monitor for any unusual or suspicious activities within our platform, such as unauthorized access or fraudulent transactions. If suspicious activity is detected, we will take immediate action to protect your account and our platform.
3.6.2. Account Protection: To ensure your account is protected, we may require additional verification steps if suspicious or potentially malicious activity is detected. This could involve requesting additional identity verification or temporarily restricting account access until the situation is resolved.
3.6.3. Security Enhancements: Your data is also used to implement and improve our security measures, including encryption and fraud detection systems. These systems help to protect both your personal information and your financial assets on the platform.
At KasiConvocation, we value your privacy and are committed to ensuring that your personal information is handled with the utmost care and transparency. This section explains in detail how and why we share your information with third parties and under what circumstances such sharing may occur.
We may share your personal information with trusted third-party partners, service providers, and vendors to enhance and facilitate the services we offer. These third parties are carefully selected and required to uphold the privacy standards stipulated in this Privacy Policy. The types of third parties with whom we may share your information include:
4.1.1. Service Providers We engage third-party companies to assist in performing various business operations. This may include service providers responsible for:
• Payment Processing: We share your financial and transactional data with payment processors to ensure that your contributions and withdrawals in stokvels are securely processed.
• Cloud Storage and Hosting: Your personal data may be stored on third-party cloud storage providers to ensure security, scalability, and continuous availability of our platform.
• Email and SMS Communication Providers: We may share your contact details with companies that help us send email or SMS updates regarding your transactions, app notifications, or marketing messages (only with your consent).
4.1.2. Business Partners and Collaborators We may share your information with partners who collaborate with KasiConvocation on specific features or initiatives. For example:
• Market Research and Analytics Providers: To improve our services and understand user preferences, we may share non-personal or aggregated data with companies that provide market insights or analytics.
• Financial Service Providers: If your stokvel chooses to work with financial institutions for savings, loans, or investments, we may share relevant data to facilitate these services.
In the event of a major business transaction, such as a merger, acquisition, or the sale of KasiConvocation’s assets, your personal information may be part of the transferred assets. However, we will ensure that your information remains subject to the protections outlined in this Privacy Policy.
4.3.1. Merger or Acquisition: Should KasiConvocation merge with another company or be acquired, your information may be transferred to the new entity. The new company would then take responsibility for your personal data, subject to the terms of this Privacy Policy or an equivalent standard.
4.3.2. Asset Sale: If KasiConvocation sells all or part of its assets, including your information, the purchaser would assume the responsibility of managing your data, and we will take steps to notify you of such changes.
We value your privacy when it comes to marketing and advertising, and we will only share your information for these purposes with your explicit consent. If you opt-in to receive marketing messages, we may share relevant data with:
4.4.1. Marketing Partners: We may collaborate with marketing agencies or third-party companies to create advertising campaigns and offer you promotions, discounts, or special services. However, this is only done with your permission.
4.4.2. Third-Party Advertisers: While we may use non-personal data (such as anonymized usage data) to allow advertisers to present relevant ads to our users, we will not share your identifiable personal information with advertisers unless you have explicitly opted-in.
4.5.1. Research and Development: We may share aggregated data to help improve the development of financial tools, educational resources, or the overall user experience on the platform.
4.5.2.
Public Relations:
Non-identifiable, aggregated data may be shared with the public or media to showcase success stories or highlight trends in community savings and investment.In instances where your consent is required for data sharing, we will ensure that your approval is obtained before proceeding. For instance:
4.6.1. New Partnerships or Features: If KasiConvocation enters into a new partnership that involves sharing your information in ways not outlined in this Privacy Policy, we will notify you and request your consent before sharing any personal data.
4.6.2. Optional Services: Should we offer optional services (e.g., third-party integrations, additional financial services), we will provide clear details on how your information will be shared and ask for your explicit agreement.
You retain the right to withhold consent for certain types of information sharing, particularly for marketing purposes or optional services. However, please be aware that restricting some data sharing may limit the functionality of the platform or prevent us from providing certain services, such as payment processing or secure access.
Data retention refers to how long we keep your personal information once it has been collected. It is essential for ensuring that we use the data effectively while still complying with legal and regulatory obligations. At KasiConvocation, we take the privacy and security of your personal information very seriously, and our data retention policy ensures that your data is retained for only as long as necessary to serve the purposes for which it was collected or as legally required.
The length of time that we retain your personal information depends on several factors, including the nature of the information, the purpose for which it was collected, and any legal requirements that apply. Here is an overview of how we manage retention:
5.1.1. User Account Information: Personal data related to your user account, such as your name, email address, payment information, and transaction history, will be retained for as long as your account is active on the KasiConvocation platform. This allows us to provide you with our services and maintain a record of your activities. Once your account is closed or becomes inactive, we may retain this information for a limited period to comply with legal obligations, resolve disputes, or enforce our agreements.
5.1.2. Transaction Data: For transactions conducted through the platform (such as group savings, payments, or other financial interactions), we may retain financial and transactional data for a specific duration to comply with tax, accounting, and regulatory requirements. Typically, this data will be retained for 5-7 years as required by financial regulations and industry best practices.
5.1.3. Legal Compliance: In certain circumstances, we may need to retain your information for longer periods in order to comply with legal, regulatory, or contractual obligations. For instance, information required for legal claims or investigations will be retained until the matter is resolved, even if your account has been deleted or the services have ceased.
5.1.4. Backup and Archival: We maintain secure backups of user data to ensure continuity of service in case of a system failure or data loss incident. Data stored in backups is retained in line with our retention policies and is securely deleted once the retention period has expired. However, it is important to note that deleted data may remain in backup archives for a limited time before it is permanently erased.
You have the right to request the deletion of your personal information under certain conditions. Once we receive and verify a request for data deletion, we will delete your data unless one or more of the following apply:
5.2.1. Legal Obligations: If we are required to retain certain information for compliance with legal obligations (such as tax records, dispute resolution, or other regulatory requirements), we may be unable to delete your data immediately.
5.2.2. Legitimate Business Interests: In some cases, we may retain information for legitimate business purposes, such as fraud prevention, risk management, or improving the security of our services.
5.2.3. Backup Systems: It is important to note that while we may delete personal data from our active systems, it may remain in backup systems for a limited time before it is automatically overwritten or securely deleted.
5.2.4. Process of Data Deletion: Upon receiving a verified deletion request, we will take reasonable steps to ensure that your data is securely removed from our systems. This process involves identifying and deleting data across all relevant systems, including our main databases, backups, and third-party service providers who process data on our behalf. We will notify you once the deletion process is complete.
In some cases, instead of deleting your data entirely, we may anonymize it. This means that all personal identifiers are removed, making it impossible to link the data back to you as an individual. Anonymized data is no longer considered personal information and may be used for statistical, research, or analytical purposes without further notice to you. Anonymization is often used when the data still has value for business insights or service improvements, but it is no longer needed in its identifiable form.
As a user of KasiConvocation, you have certain rights and control over your data, including:
5.4.1. Right to Request Deletion: You can request the deletion of your personal data at any time, and we will act in accordance with applicable laws and this policy.
5.4.2. Account Deactivation: If you choose to deactivate or close your KasiConvocation account, we will retain your data for a period of time to comply with legal obligations or for legitimate business purposes, as mentioned earlier.
5.4.3. Data Retention Policy Updates: As data protection laws and regulations evolve, we may update our data retention practices to ensure compliance. Users will be notified of any significant changes to our data retention policy.
At KasiConvocation, we are committed to ensuring that your personal data is handled with respect and in compliance with data protection laws. As part of our commitment, we want to ensure that you are aware of your rights regarding your personal information. Here’s a detailed explanation of your rights under our Privacy Policy:
6.1.1. Right to Access: You have the right to request access to the personal data we hold about you. This means you can ask us to provide a copy of your data, including details on how we use it. This right allows you to confirm whether your data is being processed and to understand the nature of that processing.
6.1.2. Right to Correction: If you find that your personal information is incorrect, incomplete, or outdated, you have the right to request corrections. You can contact us to update or amend your information to ensure it remains accurate and up-to-date.
6.2.1. Right to Data Portability: You have the right to request that we provide you with a copy of your personal data in a structured, commonly used, and machine-readable format. This allows you to transfer your data to another organization or service provider, facilitating easier movement of your data if you decide to switch services.
6.3.1. Right to Erasure (Right to be Forgotten): You may request the deletion of your personal information under certain circumstances. This right allows you to ask us to remove your data from our systems if:
6.3.1.1. The data is no longer necessary for the purposes for which it was collected.
6.3.1.2. You withdraw your consent on which the processing is based, and there is no other legal ground for processing.
6.3.1.3. You object to the processing, and there are no overriding legitimate grounds for the processing.
6.3.1.4. The data has been unlawfully processed.
6.3.1.5. The data needs to be erased to comply with a legal obligation.
6.4.1. Right to Restrict Processing: You can request that we limit the processing of your personal data in specific situations, such as:
6.4.1.1. When you contest the accuracy of the data, processing is restricted while we verify its accuracy.
6.4.1.2. When processing is unlawful, but you oppose deletion and request restriction instead.
6.4.1.3. When we no longer need the data for processing, but you need it for the establishment, exercise, or defence of legal claims.
6.4.1.4. When you have objected to processing, and we are verifying whether our legitimate grounds override your rights.
6.5.1. Right to Object: You have the right to object to the processing of your personal data in certain situations. This includes:
6.5.1.1. Processing based on our legitimate interests, or the performance of a task carried out in the public interest or in the exercise of official authority.
6.5.1.2. Processing for direct marketing purposes, including profiling related to such marketing.
6.5.1.3. Processing for scientific or historical research purposes or statistical purposes, unless processing is necessary for the performance of a task carried out for reasons of public interest.
6.6.1. Right Not to be Subject to Automated Decisions: You have the right not to be subject to decisions based solely on automated processing, including profiling, that significantly affect you. This means that if decisions affecting you are made solely by automated processes without human intervention, you can request a review by a person involved in the decision-making process.
6.7.1. Right to Withdraw Consent: If we process your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
6.7.2. How to Exercise Your Rights: To exercise any of these rights, please contact us using the contact details provided in the "Contact Us" section of this Privacy Policy. We may need to verify your identity before processing your request to ensure your personal data is protected.
At KasiConvocation, protecting your personal information is a top priority. We implement a range of security measures designed to safeguard your data from unauthorized access, loss, or disclosure. These measures include:
7.1.1. Encryption: We use advanced encryption protocols to protect sensitive data transmitted over the internet. This includes using Secure Socket Layer (SSL) or Transport Layer Security (TLS) for encrypting data exchanged between your device and our servers. Additionally, data stored in our systems is encrypted to prevent unauthorized access.
7.1.2. Firewalls: We employ state-of-the-art firewalls to block unauthorized access to our servers and network infrastructure. Firewalls help prevent malicious attacks and unauthorized users from gaining access to our systems.
7.1.3. Secure Data Storage: Your personal information is stored in secure servers with restricted access. We use secure cloud storage solutions with robust security measures to ensure the safety and integrity of your data.
7.1.4. Access Controls: Access to personal information is restricted to authorized personnel only. We implement role-based access controls to ensure that only employees who need access to your data for their job functions can view or handle it.
7.1.5. Regular Security Audits: We conduct regular security audits and vulnerability assessments to identify and address potential weaknesses in our systems. This helps us stay ahead of emerging threats and ensure the ongoing security of your information.
7.1.6. Intrusion Detection Systems: We utilize intrusion detection systems to monitor and respond to suspicious activities or breaches. These systems alert us to potential security threats in real-time, allowing us to take swift action to mitigate risks.
While we strive to protect your personal information, users also have a role in maintaining the security of their accounts. Please follow these guidelines to help protect your data:
7.2.1. Account Credentials: Keep your account credentials, such as usernames and passwords, confidential. Avoid sharing your login information with others. If you suspect that your account credentials have been compromised, change your password immediately and notify us.
7.2.2. Device Security: Ensure that the devices you use to access our platform are secure. Install and maintain up-to-date antivirus software and use secure, encrypted connections when accessing your account from public or shared networks.
7.2.3. Logging Out: Always log out of your account when using shared or public devices to prevent unauthorized access to your information.
7.2.4. Reporting Suspicious Activity: If you notice any suspicious activity on your account or believe your personal information has been compromised, contact us immediately. Prompt reporting helps us address potential issues and protect your information more effectively.
In the event of a security breach or incident affecting your personal information, we will promptly investigate the situation, take necessary remedial actions, and notify affected users in accordance with applicable laws and regulations. We will also provide guidance on steps you can take to protect yourself.
Our data breach response procedures include:
7.4.1. Identification and Containment: Quickly identifying the breach, containing its impact, and preventing further unauthorized access.
7.4.2. Assessment: Evaluating the nature and extent of the breach, including the type of information compromised and the number of affected users.
7.4.3. Notification: Informing affected users about the breach, providing details on what information was compromised, and offering advice on steps to mitigate potential risks.
7.4.4. Remediation: Taking corrective measures to address the vulnerabilities that led to the breach and enhancing our security practices to prevent future incidents.
We ensure that our staff are trained on data protection and security best practices. Regular training sessions are conducted to keep our team informed about the latest security threats and compliance requirements. This training helps us maintain a high standard of security and ensure that our employees understand their responsibilities in protecting your information.
Cookies are small text files that are placed on your device by websites you visit. They are widely used to make websites work more efficiently and to provide a better user experience. At KasiConvocation, we use cookies and similar tracking technologies to:
8.1.1. Enhance User Experience: Cookies allow us to remember your preferences, such as language settings or login information, which makes your interactions with our platform smoother and more personalized.
8.1.2. Analyse Website Usage: Cookies help us understand how users interact with our website, such as which pages are visited most frequently, how long users stay on specific pages, and which links are clicked. This information helps us improve our website's performance and user experience.
8.1.3. Enable Functionality: Certain cookies are necessary for the core functionality of our platform, such as maintaining your session while you are logged in or saving items in your shopping cart.
8.2.1. Essential Cookies: These cookies are crucial for the proper functioning of our website and cannot be disabled. They enable basic features such as secure login and session management.
8.2.2. Performance Cookies: These cookies collect data on how users interact with our website, such as page views and error messages. The information gathered is used to improve the performance and usability of our platform.
8.2.3. Functional Cookies: Functional cookies allow our website to remember your preferences and choices, such as language or region, to provide a more personalized experience.
8.2.4. Targeting/Advertising Cookies: These cookies track your browsing habits and interests to deliver advertisements that are more relevant to you. They may also be used to limit the number of times you see an ad and measure the effectiveness of advertising campaigns.
We may also allow third-party service providers, such as analytics and advertising partners, to set cookies on our website. These third parties may use cookies to collect information about your online activities across different sites and services to provide targeted advertisements or analyse website usage.
You have control over cookies through your browser settings. Most web browsers allow you to:
8.4.1. View Cookies: Check the cookies that are stored on your device.
8.4.2. Delete Cookies: Remove cookies that have been stored.
8.4.3. Block Cookies: Prevent new cookies from being placed on your device.
In addition to cookies, we may use other tracking technologies, such as:
8.5.1. Web Beacons: Small, transparent images embedded in web pages or emails that help us track user behaviour and measure the effectiveness of our communications.
8.5.2. Local Storage: Technologies like HTML5 local storage and session storage allow us to store data on your device to enhance your experience and provide consistent performance across sessions.
By using our website, you consent to the use of cookies and tracking technologies as described in this policy. We may update our cookie practices and tracking technologies from time to time, and any changes will be reflected in this policy.
At KasiConvocation, our platform may include links to external websites, applications, or services that are operated by third parties. These third-party links are provided for your convenience or as part of our collaboration with external service providers, and they may lead you to services or content outside of the direct control of KasiConvocation.
When you click on a third-party link and are redirected to a website or service not operated by KasiConvocation, it's important to understand that we do not have control over those external sites or services. This means we do not oversee the content, privacy policies, or data handling practices of those third parties. While we may offer access to third-party websites for added value (such as additional information, resources, or tools), KasiConvocation does not endorse, guarantee, or assume any responsibility for the privacy practices of these external entities. Any information you provide on these third-party platforms will be governed by their respective privacy policies, not by this Privacy Policy.
The data that third-party websites or services collect may include, but is not limited to, your IP address, browsing history, or any personal information you voluntarily provide on those platforms. These third-party services might use cookies, web beacons, or other tracking technologies to gather information about your activities. We encourage you to carefully read and review the privacy policies of any third-party site you interact with to understand how your information will be collected, stored, and used.
KasiConvocation cannot be held responsible for any loss, damage, or harm that may occur as a result of your interaction with third-party websites, applications, or services accessed via links on our platform. Your use of these third-party websites is entirely at your own risk, and we advise exercising caution when sharing personal information on any external site.
Some third-party links may be to our partners, vendors, or affiliates with whom we have a working relationship to provide additional services or features to our users. Even in these cases, while we collaborate with such third parties, we still recommend that you carefully review their privacy policies before sharing any personal information. We strive to work with reputable partners that align with our privacy and security values, but ultimately, their data handling practices are distinct from those of KasiConvocation.
We take careful consideration when selecting third-party partners or platforms to link from our website or app. The inclusion of any external link is intended to enhance user experience and provide valuable additional resources for your stokvel or financial needs. However, the inclusion of a link on our platform does not signify that we endorse the third party or their services, and users should apply due diligence before engaging with them.
At KasiConvocation, we strive to maintain the highest levels of data protection and privacy for our users. However, due to the global nature of the internet and the technologies we use, there may be instances where your personal data is transferred to and processed in countries outside of South Africa.We want to ensure transparency and compliance with global privacy standards. As part of this commitment, the following details outline how international data transfers are handled:
In the course of our operations, there may be a need to transfer your personal information across borders for the following reasons:
10.1.1. Data Storage: Our servers or those of our cloud service providers may be located in countries outside of South Africa.
10.1.2. Service Providers: We may work with third-party vendors or partners (such as cloud providers, payment processors, or customer support platforms) located in different countries to provide efficient services to you.
10.1.3. Technology Partners: We collaborate with technology and software providers whose servers or support teams may be based in other regions.
Whenever we transfer your personal information outside of South Africa, we ensure that your data remains protected by implementing robust safeguards and compliance measures. These include:
10.2.1. Adequacy Decisions: If your personal data is transferred to a country that is part of the European Economic Area (EEA) or any other jurisdiction with adequate data protection regulations as determined by local or international authorities (such as the South African Protection of Personal Information Act, "POPIA"), the transfer will comply with such standards.
10.2.2. Standard Contractual Clauses (SCCs): If the receiving country does not have an adequacy decision, we will use legally binding agreements, such as standard contractual clauses (approved by the relevant data protection authorities) that outline the data protection obligations of both the sender and the recipient.
10.2.3. Binding Corporate Rules (BCRs): For our intra-group transfers, we ensure that our corporate policies comply with international data protection rules through binding corporate rules, which guarantee adequate data protection within our organization.
10.2.4. Encryption & Security Measures: Data transferred across borders will always be protected by encryption protocols and other security measures to prevent unauthorized access during transmission.
We primarily work with service providers and partners in the following regions:
10.3.1. Europe, the United States of America and Africa cloud data centres
1.1.1. Our data processing partners in these locations have implemented equivalent or higher standards of privacy protection compared to South African law.
You retain full control over your personal information even when it is transferred to another country. You have the right to:
10.4.1. Request Information: You may request details about where your data is being stored and processed, including the third parties involved.
10.4.2. Withdraw Consent: Where data transfers rely on your consent, you have the right to withdraw consent at any time. However, this may affect the services we are able to offer.
10.4.3. Challenge Transfers: You may contact us to challenge or request further details regarding any specific international data transfer.
While we strive to protect your data in every region we operate in, it’s important to note that countries outside of South Africa may not have the same level of data protection regulations. In such cases, we make every effort to ensure that your information is treated securely and in accordance with this Privacy Policy. However, users should be aware that differences in legal frameworks may pose risks, and KasiConvocation will not be responsible for legal challenges that may arise from such transfers if safeguards have been appropriately implemented.
10.6.1. We regularly audit our service providers to ensure compliance with applicable data protection laws.
1.1.1. We ensure that data is anonymized or pseudonymized where possible before being transferred to countries with lower privacy standards.
10.6.3. We continuously monitor legal developments around international data transfer regulations to ensure our practices are in line with best standards globally.
By using KasiConvocation’s services and providing your personal information, you acknowledge and consent to the potential transfer of your data to other countries as outlined in this policy. We will notify you of any significant changes in the countries where your data may be transferred.
At KasiConvocation, we are committed to continually improving and adapting our services, products, and internal processes to reflect evolving legal requirements, industry standards, and user expectations. As a result, this Privacy Policy may need to be updated from time to time. We reserve the right to modify or update this Privacy Policy at our sole discretion. Below are the specific details of how and when we will make changes, and how we will notify you:
We may need to update this Privacy Policy for a variety of reasons, including but not limited to:
11.1.1. Legal Compliance: New laws or regulatory requirements, such as changes in data protection legislation (e.g., POPIA in South Africa or GDPR in the EU) may require us to adjust how we collect, store, or process personal information.
11.1.2. Business Changes: As our business grows or evolves, new products, services, partnerships, or acquisitions may require additional information to be collected or changes to how your data is used.
11.1.3. Technology Enhancements: We may implement new technologies to improve the security, efficiency, or usability of our platform, which may necessitate updates to our data processing practices.
11.1.4. User Feedback: Feedback from users regarding our privacy practices may prompt changes that make our policy clearer, more transparent, or more user-friendly.
Whenever we make material changes to this Privacy Policy, we will ensure that you are informed in a clear and timely manner. Specifically, we may notify you in one or more of the following ways:
11.2.1. Email Notification: If you are a registered user, we will send an email to the address associated with your account to notify you of significant changes to our Privacy Policy.
11.2.2. In-App or Website Notification: We may place a prominent notice on our website or within our mobile application highlighting the updates to this Privacy Policy. The notice may be visible upon login or on the homepage.
11.2.3. Direct Communication: In certain cases, where the change significantly impacts how your data is collected or used, we may communicate directly with you (e.g., via phone or messaging).
All changes to the Privacy Policy will become effective as of the date indicated at the top of the updated policy. The "Effective Date" will clearly show when the new policy is in effect.
11.3.1. Immediate Updates for Legal Requirements: If the changes are related to compliance with legal requirements, they may take effect immediately or as required by law.
11.3.2. 30-Day Grace Period: For non-urgent changes that do not affect your rights significantly, we may provide you with a grace period (typically 30 days) before the changes take full effect. During this period, you will have the opportunity to review the updates and, if necessary, adjust your preferences or terminate your account.
It is your responsibility to review the Privacy Policy periodically to ensure that you remain informed of how your information is being used and what your rights are. We encourage you to carefully read any updates to ensure that you fully understand the changes.
By continuing to use our services after updates to this Privacy Policy have been published and the effective date has passed, you are acknowledging that you have read, understood, and agreed to the changes. If you do not agree with the changes, you should discontinue your use of KasiConvocation’s platform and services and contact us regarding your concerns.
We will maintain an archive of previous versions of this Privacy Policy for reference. If you ever need to review past versions of our Privacy Policy, you can request access to them by contacting us at terms@kasiconvocation.com.
If you have any questions, concerns, or inquiries regarding this Privacy Policy, or if you wish to exercise any of your rights related to your personal information, we encourage you to reach out to us. We are committed to addressing any concerns you may have about the privacy and security of your data, and we value open communication with our users.
You can contact us through the following channels:
• Email: The quickest and most convenient way to reach us is via email. Please send your queries or concerns to terms@kasiconvocation.com. We aim to respond to all email inquiries within 5 business days.
• Phone: For more urgent concerns, or if you prefer speaking directly to a representative, you can contact us by phone at 011 695 4800. Our customer service team is available during business hours, which are 9AM – 17PM, Monday through Friday. We strive to resolve any urgent issues promptly over the phone.
• Physical Mail: If you prefer to write to us by traditional mail or if you need to send any legal documentation or other forms of official communication, you can reach us at the following address: 136 2nd Street, Randjespark, Midrand, Gauteng, South Africa 1685
Here are some examples of situations in which you may wish to contact us:
12.2.1. Privacy-Related Inquiries: You can contact us if you have questions or concerns about how we are collecting, using, storing, or sharing your personal data. Whether you need more information about our data practices or you have a specific concern about your information, we are here to help.
12.2.2. Exercise Your Data Protection Rights: Under certain laws, you have specific rights in relation to your personal information. You can contact us if you would like to:
• Access the personal information we hold about you.
• Correct any inaccuracies in your data.
• Request the deletion of your data (also known as the "right to be forgotten"), subject to any legal or contractual obligations.
• Restrict or object to the processing of your data.
• Receive a copy of your personal data in a commonly used format (data portability).
• Withdraw consent if you previously consented to a particular use of your data (e.g., marketing).
We aim to respond to all inquiries in a timely manner. Our typical response times are as follows:
12.3.1. Email Inquiries: 5 business days
12.3.2. Phone Inquiries: Immediate response during business hours
12.3.3. Physical Mail Inquiries: 14 business days from receipt of the letter
For more complex requests, such as those involving access to personal data or other legal rights, we may require additional time. In such cases, we will inform you of the expected timeline for a complete resolution.
If you are unsatisfied with our response to your inquiries or feel that we have not adequately addressed your concerns, you have the right to file a complaint with the relevant data protection authority in your jurisdiction. We are committed to cooperating with regulatory bodies to resolve any privacy disputes in a fair and transparent manner. In South Africa, for example, you may contact the Information Regulator (South Africa) if you believe your data privacy rights have been violated. You can find their contact information here:
• Website: https://www.icasa.org.za/pages/consumer-complaints-procedure
• Email: consumer@icasa.org.za
• Phone: +27 31 334 9512
We are always looking for ways to improve our data privacy practices, and your feedback is an essential part of that process. Please feel free to contact us if you have suggestions or ideas about how we can better protect your privacy.