Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.
π Effective Date: 28 February 2025Our Commitment to Your Privacy
At Upscale Insightslock Consulting, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your data when you visit our website or engage with our services.
1. Information We Collect
1.1 Personal Information
We may collect the following types of personal information:
- Contact Information: Name, email address, phone number, company name, and job title
- Business Information: Company details, industry sector, and business requirements
- Communication Data: Records of correspondence and interactions with our team
- Service Usage Data: Information about how you use our consulting services
1.2 Automatically Collected Information
When you visit our website, we automatically collect:
- Technical Data: IP address, browser type, operating system, and device information
- Usage Data: Pages visited, time spent on pages, links clicked, and navigation paths
- Location Data: Approximate geographic location based on IP address
- Cookies and Tracking Technologies: As described in our Cookie Policy
π― Direct Collection
Information you provide through forms, consultations, and direct communications
π Automated Collection
Technical data collected through cookies and analytics tools
π€ Third-Party Sources
Professional networks, business directories, and publicly available sources
2. How We Use Your Information
We use your personal information for the following purposes:
2.1 Service Delivery
- Providing consulting services and strategic advisory
- Conducting business analysis and developing recommendations
- Managing client relationships and project delivery
- Communicating about services, projects, and deliverables
2.2 Business Operations
- Processing payments and managing billing
- Maintaining and improving our website and services
- Conducting internal research and analytics
- Ensuring security and preventing fraud
2.3 Marketing and Communications
- Sending newsletters, insights, and thought leadership content
- Informing you about new services and offerings
- Inviting you to events, webinars, and workshops
- Conducting customer surveys and feedback collection
3. Legal Basis for Processing (POPIA Compliance)
Under the Protection of Personal Information Act (POPIA), we process your personal information based on:
- Consent: You have given explicit consent for specific processing activities
- Contract Performance: Processing is necessary to fulfill our consulting services agreement
- Legal Obligation: We must process your data to comply with legal requirements
- Legitimate Interests: Processing is necessary for our legitimate business interests, provided these do not override your rights
4. Information Sharing and Disclosure
4.1 Service Providers
We may share your information with trusted third-party service providers who assist us in:
- Website hosting and maintenance
- Email marketing platforms
- Payment processing
- Analytics and business intelligence tools
- Customer relationship management (CRM) systems
4.2 Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity, subject to the same privacy protections.
4.3 Legal Requirements
We may disclose your information when required by law, court order, or to:
- Comply with legal processes
- Protect our rights, property, or safety
- Investigate potential violations
- Prevent fraud or security threats
5. Data Security
We implement appropriate technical and organizational security measures to protect your personal information:
π Encryption
SSL/TLS encryption for data transmission and secure storage protocols
π₯ Access Controls
Restricted access to personal data on a need-to-know basis
π Monitoring
Regular security audits and vulnerability assessments
π Policies
Comprehensive data protection policies and staff training
While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to enhance our security measures.
6. Data Retention
We retain your personal information for as long as necessary to:
- Fulfill the purposes outlined in this Privacy Policy
- Comply with legal, accounting, or regulatory requirements
- Resolve disputes and enforce our agreements
- Maintain business records for operational purposes
Typical retention periods include:
- Client Data: Duration of engagement plus 7 years for legal and tax purposes
- Marketing Data: Until you opt out or request deletion
- Website Analytics: 26 months maximum
- Financial Records: Minimum 5 years as required by law
7. Your Rights Under POPIA
As a data subject under the Protection of Personal Information Act, you have the following rights:
βΉοΈ Right to Access
Request access to your personal information we hold
βοΈ Right to Correction
Request correction of inaccurate or incomplete data
ποΈ Right to Erasure
Request deletion of your personal information
π« Right to Object
Object to processing based on legitimate interests
βΈοΈ Right to Restriction
Request restricted processing of your data
π¦ Right to Portability
Receive your data in a structured, machine-readable format
To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month and may require verification of your identity.
8. International Data Transfers
While we primarily operate within South Africa, some of our service providers may be located internationally. When we transfer personal information outside of South Africa, we ensure:
- Adequate data protection measures are in place
- Transfers comply with POPIA requirements
- Appropriate safeguards protect your information
- Contractual obligations require equivalent protection standards
9. Children’s Privacy
Our services are directed at businesses and professionals. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected information from a child, we will take steps to delete such information promptly.
10. Third-Party Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by:
- Posting the updated policy on our website
- Updating the “Effective Date” at the top of this policy
- Sending an email notification for material changes (where appropriate)
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
12. Complaints and Regulatory Authority
If you have concerns about how we handle your personal information, you have the right to lodge a complaint with:
JD House, 27 Stiemens Street
Braamfontein, Johannesburg, 2001
π§ Email: inforeg@justice.gov.za
π Phone: 010 023 5200
Contact Us About Privacy
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
π§ Legal@upscaleinsightslockconsulting.com
We aim to respond to all inquiries within 5 business days.
Upscale Insightslock Consulting
Strategic Insights. Scalable Results.
Last Updated: 28 February 2025