Privacy policy

DEELIVER PRIVACY POLICY

Pleasant Group Proprietary Limited (Registration Number 2015/055101/07) t/a Deeliver “Deeliver”, “we”, “us”, “our”, operates an online liquor and convenience store. We offer a wide range of products from day-to-day essentials to more indulgent luxury items. We are committed to protecting your personal information and fulfilling our legal obligations, including our obligations under the Protection of Personal Information Act 14 of 2013 (“POPIA”) The purpose of this privacy policy (“the Policy”) is to set out how we will process your personal information.

When you make use of our services or otherwise engage with us, we may need to process your personal information. We will not process your personal information for any purpose other than those specified in this Policy. If we need to process your personal information for a purpose other than those specified in this Policy, then we will obtain your written consent prior to processing your personal information.

Please ensure that you have read this Policy before using our services or otherwise engaging with us. By making use of our services, accessing our website, downloading, and using our app or engaging with us in any other manner you are deemed to have read, understood, and accepted the terms of this Policy.

1. OUR RESPONSIBILITIES

1.1. We are required to comply with the provisions of POPIA. When we process personal information, we must do so in a manner that complies with the core principles prescribed by POPIA; these core principles are –

1.1.1. Accountability – we must be able to demonstrate compliance with POPIA;

1.1.2. Lawfulness, fairness and transparency – we must ensure that we process the personal information of a data subject in lawful, fair and transparent manner;

1.1.3. Limited purpose – we must only process personal information for a specified and legitimate purpose;

1.1.4. Minimisation – we must minimize the personal information that we process by only processing personal information that is relevant and necessary to the purpose;

1.1.5. Accuracy – we must ensure that the personal information we process is kept up to date;

1.1.6. Storage limitation – we must ensure that we retain personal information for no longer than is necessary to fulfill the purposes for which it was process or to comply with the law;

1.1.7. Security – we must have appropriate technical and organizational measures to protect against the accidental damage, destruction and/or loss of personal information;

1.1.8. Data Transfer – we must ensure that personal information that is processed is not transferred outside the borders of South Africa, unless the jurisdiction into which the personal information is being transferred has similar data protection laws to South Africa or we have an agreement in place that affords the data subject adequate protection; and

1.1.9. Data Subject Requests – we must in no way hamper or impede a data subjects rights under POPIA or any other law.

2. YOUR RESPONSIBILITIES

2.1. Your responsibilities under this policy are to –

2.1.1. make sure that you have read and understood this policy before making use of our services;

2.1.2. make sure that you have read and understood the content of the other contracts between us as they may contain further terms related to your privacy and the treatment of your personal information; and

2.1.3. make sure that you have the authority to provide us with personal information if it relates a third party. When you provide us with a third party’s personal information you warrant that you have the authority to do so.

3. WHO WE COLLECT PERSONAL INFORMATION FROM

3.1. We may collect personal information –

3.1.1. from you;

3.1.2. from a third party acting on your behalf;

3.1.3. to verify your identity;

3.1.4. when we render services or provide goods in the course of our business relationship;

3.1.5. when you interact with our website, social media platforms, newsletter, and other marketing materials (including third party content);

3.1.6. when you visit us in person; and

3.1.7. when the law obliges us to do so.

4. PERSONAL INFORMATION WE COLLECT

4.1. We may process the following personal information –

4.1.1. Personal details – name, identity number, age, nationality, title, language preferences, physical address, postal address, telephone numbers, email address and employment details.

4.1.2. Financial information – banking details, billing address, credit/debit card details and payment records.

4.1.3. Website – access events (the date and times you access our site), browser information, device type, internet protocol address, language settings, location, and further technical data.

4.1.4. Marketing and social media – your interactions with our marketing campaigns and materials, and your interaction with our social media accounts.

4.1.5. Consent – where you have expressly consented for us to process your personal information.

4.2. We don’t collect special personal information (as defined by POPIA), however, where it is necessary for us to collect any special personal information, we will do in a manner that strictly complies with the provisions of POPIA.

4.3. We restrict the processing of personal information to the data and information required for us to provide our services, matters related our services or where there is a legitimate purpose for us to do so. We do not process personal information that is irrelevant or falls outside the scope of the legitimate purpose.

5. HOW WE USE YOUR PERSONAL INFORMATION

5.1. We use your personal information as follows –

5.1.1. to verify your identity;

5.1.2. to provide our services (including engaging our lawyers, counsel, consultants, advisors, affiliates, agents and suppliers);

5.1.3. to communicate with you regarding the services;

5.1.4. to send you marketing material;

5.1.5. to refine our service offering;

5.1.6. internal analytics; and

5.1.7. to comply with the law.

5.2. We may disclose your personal information –

5.2.1. to our staff to provide our services or related matters.

5.2.2. to our advisors, affiliates, agents, directors, suppliers, and partners to provide our services or related matters.

5.2.3. to marketing agencies for purposes of marketing our services.

5.2.4. to third party operators.

5.2.5. where we are legally obliged to make disclosure.

6. CROSS-BORDER TRANSFER

We may transfer personal information to recipients outside the Republic of South Africa. We will only do so if the jurisdiction into which the personal information is transferred has legal protection substantially similar to the legal protection afforded by POPIA. Where we engage an Operator (as defined in POPIA) to process personal information we will ensure that we have valid and binding agreement that provides your personal information adequate protection.

7. THIRD PARTY PROCESSING

7.1. We are a tech business and tech businesses often use third parties to provide hosting services, communicate with clients, power their emails, and provide infrastructure. We do business with third parties who we believe are at the top of their respective fields and take data protection as seriously as we do.

7.2. If you have any further questions or queries related to our third-party service providers, please send us an email.

8. SECURITY

8.1. We cannot the absolute security of your personal information, however, we have implemented reasonable measures to protect your personal information against accidental or unlawful access, alteration, destruction, disclosure, and loss. We have physical, electronic, and managerial policies in place to safeguard your personal information. To find out more about please send us an email.

8.2. Due its nature, we cannot guarantee the security of the personal information transmitted via the internet. We cannot be held liable for any loss of privacy that occurs as a result of your personal information being transmitted via the internet.

8.3. In the event of a personal information breach (also commonly known as a data breach) we have a duty to notify the Information Regulator and the affected data subjects.

8.4. We have put in place appropriate procedures to deal with any personal information breach and will notify both the Information Regulator and you as soon as is reasonably possible for us to do so.

9. RENTENTION POLICY

We will only retain your personal information for the time period for which it is required for us to provide the legal services or a related purpose (provided that the purpose is legitimate) or to comply with legislation or an applicable legal requirement, which ever time period is longer. To find out more about our document retention policy please us an email.

10. YOUR RIGHTS

10.1. You have the right to access the personal information we hold and request us to erase, rectify and restrict the use thereof as well as to withdraw your consent for us to use your personal information. Should you wish to do any of these things please send us an email.

10.2. You have the right to unsubscribe from receiving marketing material from us.

10.3. Should you feel that we have failed to comply with data protection legislation, you have the right to lodge a complaint to Information Regulator.

11. CHANGES TO THIS POLICY

11.1. We reserve the right to unilaterally amend, modify, revise, or vary the terms of this Policy, either in whole or in part. We will publish the amended version of this Policy on our website.

11.2. This Policy is effective as of 1 July 2021.