Privacy Policy
Your privacy matters to us. This Privacy Policy explains how Upscale Insightslock Consulting collects, uses, stores, and protects your personal information in compliance with the Protection of Personal Information Act 4 of 2013 (POPIA) and other applicable data protection laws.
1. Introduction
This Privacy Policy applies to all personal information collected through our website at upscaleinsightslockconsulting.com, through direct client engagements, enquiry forms, and any other interactions with Upscale Insightslock Consulting.
By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our website and services.
2. Who We Are
Upscale Insightslock Consulting is the responsible party (data controller) for personal information collected through our business activities. We are a professional consulting firm operating in the Republic of South Africa, providing strategic, operational, and specialised consulting services to local and international clients.
3. Data We Collect
We may collect the following categories of personal information:
| Category | Examples |
|---|---|
| Identity Data | Full name, job title, company name |
| Contact Data | Email address, phone number, physical address |
| Technical Data | IP address, browser type, device information, pages visited |
| Usage Data | How you interact with our website and content |
| Communication Data | Messages, enquiries, and correspondence sent to us |
| Financial Data | Billing information necessary to process invoices (not card details) |
We do not collect sensitive personal information (such as race, religion, health data, or biometric data) unless explicitly required for a specific engagement and with your explicit consent.
4. How We Collect
We collect personal information through the following means:
- Direct interactions — when you complete enquiry forms, email us, or book a consultation
- Website analytics — through cookies and tracking technologies (see our Cookie Policy)
- Third-party platforms — such as Calendly, LinkedIn, or social media if you interact with us there
- Client engagements — information provided during the course of a consulting project
5. Why We Use It
We process your personal information for the following purposes:
- To respond to enquiries and schedule consultations
- To deliver consulting services as agreed in a service contract
- To manage billing, invoicing, and payment administration
- To send relevant communications, updates, or marketing materials (where consent is given)
- To improve our website and service offerings based on usage patterns
- To comply with legal and regulatory obligations
- To protect the legitimate interests of the Company
6. Legal Basis
Under POPIA, we process your personal information on the following lawful grounds:
- Consent — where you have given clear, specific consent for a particular purpose
- Contractual necessity — where processing is required to fulfil a service agreement
- Legal obligation — where we are required by law to process your information
- Legitimate interest — where processing is necessary for our legitimate business interests and does not override your rights
7. Sharing Your Data
We do not sell, rent, or trade personal information. We may share your data with:
- Service providers — such as email platforms, scheduling tools, or website hosting, who process data on our behalf under strict data processing agreements
- Professional advisors — such as lawyers or accountants, under confidentiality obligations
- Regulatory authorities — where required by law or court order
- Business transfers — in the event of a merger or acquisition, subject to equivalent privacy protections
Where personal information is transferred outside South Africa, we ensure that appropriate safeguards are in place as required by POPIA.
8. Data Retention
We retain personal information only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. Our general retention periods are:
- Client engagement records: 7 years from project completion (for legal and tax compliance)
- Website enquiry data: 2 years from date of last contact
- Marketing preferences: Until withdrawal of consent
- Technical/usage data: 12 months on a rolling basis
After these periods, data is securely deleted or anonymised.
9. Your Rights
Under POPIA and applicable data protection law, you have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request correction of inaccurate or incomplete information
- Deletion — request deletion of your personal information (subject to legal obligations)
- Objection — object to processing based on legitimate interests or for direct marketing
- Withdraw consent — where processing is based on consent, at any time
- Lodge a complaint — with the Information Regulator of South Africa
To exercise any of these rights, please contact us using the details below. We will respond within 30 days of receiving your request.
You may also contact the Information Regulator of South Africa at inforeg.org.za if you believe your rights have been violated.
10. Security
We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. These include:
- SSL/TLS encryption for data in transit
- Access controls limiting data access to authorised personnel only
- Regular review of data handling practices
- Use of reputable, GDPR/POPIA-compliant service providers
While we take all reasonable steps to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
11. Third-Party Links
Our website may contain links to third-party websites or platforms (such as LinkedIn, Facebook, or Calendly). We are not responsible for the privacy practices of these sites and encourage you to read their respective privacy policies before submitting any personal information.
12. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be posted on this page with an updated effective date. We encourage you to review this page regularly.
13. Contact Us
For any privacy-related enquiries, requests to exercise your rights, or to report a concern, please contact our Information Officer:
Republic of South Africa
Phone / WhatsApp: +27 71 379 0965
Website: upscaleinsightslockconsulting.com