Privacy Policy

Introduction

Ebenware (Pty) Ltd, a company registered in South Africa ("we", "us", or "our"), is committed to protecting your privacy in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our websites and software platforms such as SkillsLi.

Responsible Party: Ebenware (Pty) Ltd
Information Officer: Managing Director
Email: privacy@ebenware.com
Address: Cape Town, South Africa

By using our services, you consent to the processing of your personal information as described in this Privacy Policy. Where required by POPIA, we will obtain your explicit consent for specific processing activities.

1. Information We Collect

In accordance with POPIA, we collect and process the minimum information necessary to provide our services. We collect information:

• Directly from you when you provide it voluntarily
• Automatically when you use our services
• From third parties where you have given consent

Categories of Personal Information

2. Lawful Basis and Purpose for Processing

We process your personal information only when we have a lawful basis as required by POPIA:

• Consent: Where you have given clear consent for us to process your personal information for specific purposes
• Contract: Processing necessary for the performance of a contract to which you are party
• Legal Obligation: Processing necessary for compliance with a legal obligation (e.g., tax requirements, court orders)
• Legitimate Interests: Processing necessary for legitimate interests pursued by us or third parties, provided these are not overridden by your interests, rights, or freedoms
• Protection of You or Another Person: Processing necessary to protect your legitimate interests or those of another person

Specific Purposes

We process your information for the following specific purposes:

• To create and manage your account
• To provide our services, including SkillsLi platform access
• To process payments and prevent fraud
• To send service-related communications (not marketing)
• To provide customer support
• To ensure platform security and prevent abuse
• To comply with legal and regulatory requirements
• To improve our services based on usage analytics
• To send marketing communications (only with your consent)

3. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following situations:

• With your consent: We may share your information with your explicit consent
• Service providers: We may share information with vendors and service providers who perform services on our behalf
• Legal requirements: We may disclose information if required by law or in response to valid requests by public authorities
• Business transfers: We may share information in connection with a merger, acquisition, or sale of assets
• Protection of rights: We may disclose information to protect our rights, privacy, safety, or property

4. Data Security

In compliance with Section 19 of POPIA, we implement appropriate, reasonable technical and organizational measures to prevent:

• Loss of, damage to, or unauthorized destruction of personal information
• Unlawful access to or processing of personal information

Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response procedures
• Regular backups and disaster recovery plans
• Secure disposal of personal information

In the event of a security breach, we will notify you and the Information Regulator as required by Section 22 of POPIA.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need to use your information, we will remove it from our systems and records or take steps to anonymize it.

6. Your Rights Under POPIA

Under POPIA, you have the following rights regarding your personal information:

• Right to Access (Section 23): Request details of your personal information we hold, including the identity of third parties who have had access to it
• Right to Correction (Section 24): Request correction or deletion of inaccurate, irrelevant, excessive, outdated, or unlawfully obtained personal information
• Right to Object (Section 11(3)): Object to processing of your personal information at any time, on reasonable grounds
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis
• Right to Lodge a Complaint: Lodge a complaint with the Information Regulator regarding alleged interference with protection of your personal information
• Right to Restrict Processing: Request restriction of processing in certain circumstances

To exercise any of these rights, please submit a request to privacy@ebenware.com. We will respond within 30 days as required by POPIA. We may request proof of identity before processing your request.

Information Regulator Contact Details:
Email: inforeg@justice.gov.za
Website: https://inforegulator.org.za

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our services and store certain information. Cookies are files with a small amount of data that are sent to your browser from a website and stored on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

8. Third-Party Links

Our services may contain links to third-party websites or services that are not owned or controlled by Ebenware. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

9. Children's Information and Educational Services

Given the educational nature of our services, we may process information about minors (persons under 18 years) in the following contexts:

• When parents/guardians register their children for coaching or tutoring services
• When educational institutions provide student information for administrative purposes
• When coaches or tutors manage student records on our platform

For minors' information, we ensure:

• Processing is done only with consent from a parent or guardian
• We collect only necessary information for service provision
• Enhanced security measures are applied to protect minors' data
• Information is shared only with authorized parties (parents, designated coaches)
• We comply with all applicable laws regarding children's privacy

If you believe we have inadvertently collected personal information from a minor without proper consent, please contact us immediately at privacy@ebenware.com.

10. Cross-Border Data Transfers

In accordance with Section 72 of POPIA, we may transfer your personal information outside South Africa only if:

• You provide consent to the transfer
• The transfer is necessary for the performance of a contract
• The transfer is for your benefit and it is not reasonably practicable to obtain consent
• The recipient is subject to laws or agreements providing adequate protection

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Data processing agreements with adequate protection clauses
• Verification that the receiving country has adequate data protection laws
• Implementation of technical and organizational security measures

Primary data hosting locations include South Africa and European Union countries that provide adequate protection as recognized by the Information Regulator.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: