This Policy includes the Company’s data protection and information security policy, and applies to the Company’s End Users and Website Users. The Company, as a responsible party, will only process Personal Information in a lawful and reasonable manner in order not to infringe the privacy of the User and/or End User.

Should any of the provisions of this Policy conflict with any terms and conditions contained in the Company‘s Terms and Conditions, then the terms and conditions, to the extent of any conflict, contained in this Policy shall prevail.

1. Binding Acceptance of Policy

By accessing, using and/or interacting with this Website and submitting contact forms, each User signifies his/her acceptance of this Policy and agrees to be bound by the terms and conditions as recorded herein.

For as long as the End User makes use of the Products and Services, he/she/it signifies his/her acceptance of this Policy and agrees to be bound by the terms and conditions as recorded herein.

2. Introduction

The Company is committed to protecting the personal information and privacy of our Users and End Users. A User can visit most pages on the Website without providing us with any Personal Information. Notwithstanding the aforesaid, the Company is required to process certain Personal Information in order for the User to enjoy full use of the Website, as well as to enable the Company to properly and sufficiently provide the Products and Services to our End Users.

The Company, as Responsible Party, is responsible for the processing of Personal Information, which processing must be done under and in terms of POPIA. The Company only processes Personal Information in accordance with the contents of this Policy, the POPIA and the Regulations.

This Policy indicates which Personal Information the Company processes when a User is accessing/making use of the Website, for what purpose it is being processed, and according to which principle the processing is permitted.

It also explains which Personal Information the Company processes when an End User is making use of the Products and/or Services, for what purpose, and under which principle such processing is permitted.

3. Definitions

“Company” – ITR Technology (Pty) Ltd (Registration Number: 2005/034144/07);

“Domain Name” – the domain name/s and/or internet address/es via which the Website is accessible, and more specifically https://itrtech.africa/;

“End User” – the Company’s customers/clients who purchased a software license from the Company in order to utilise and make use of the Products and Services under an end user license agreement;

“Information Officer” – the Company’s information officer, as defined in chapter 1 of the POPIA;

“IP” – internet protocol;

“PAIA” – the Promotion of Access to Information Act, Act 2 of 2000;

“Personal Information” – personal information as defined in terms of section 1 of the POPIA;

“Policy” – this privacy policy;

“POPIA” – the Protection of Personal Information Act, Act 4 of 2013;

“Processing” – processing as defined under and in terms of section 1 of the POPIA;

“Products” – the products and solutions being sold/licensed by the Company to its End Users, and more specifically the Products listed on the Website;

“Regulator” – as defined in Chapter 1 of the POPIA;

“Regulations” – the POPIA regulations published from time to time;

“Resellers” – entities granted the right to promote, market and sell the Products in a specific territory under a reseller agreement;

“Services” – the Product support services rendered by the Company to its End Users;

“Users” – individuals who access, use and/or interact with the Website;

“Terms and Conditions” – the agreement between the Company and its End Users located at https://itrtech.africa/terms-and-conditions/;

“Website” – the website accessible via the Domain Name, each microsite, and sub-page owned, operated and maintained by the Company.

4. Personal Information to be Processed When You Access the Website

The Company automatically collects and stores certain information in its server log files that your browser transmits. This includes:

• Browser type/version
• Operating system used
• Referrer URL (the previous page visited)
• Host name of the accessing computer (IP address, anonymised)
• Time of the server request

This information is processed for:

• Ensuring smooth connection and use of the Website
• Evaluating system security and stability
• Administrative and statistical purposes

Processing is done under section 11(1)(f) of POPIA for legitimate interests unless overridden by your rights.

Users can object at any time by submitting Form 1 under POPIA regulations. If an objection is received, the Company will stop processing immediately.

Log files are deleted or anonymised within 1–14 months unless longer retention is required for security investigations.

4. End User Personal Information

4.1 The following Personal Information of End Users is processed by the Company:

• Name and Surname
• Email Address
• Physical Work Location (i.e. geographical work location)
• Online Usernames (e.g. Skype, Twitter, LinkedIn)
• Mobile and/or Telephone Number
• Company Name and Details
• Software Licenses and Codes linked to the End User’s email address

4.2 This information is processed to sell/license and implement the Products, provide Services, respond to enquiries, administer logins, and safeguard user accounts.

4.3 The End User consents to the processing of this Personal Information. Consent can be revoked by contacting the Information Officer.

5. Contact Forms

5.1 Get in Touch
Personal Information collected:

• Name
• Surname
• Email Address
• Mobile and/or Telephone Number
• Company Name and Details (if applicable)

Used solely to contact the User. Consent is confirmed by ticking the consent box and submitting.

5.2 Get a Quote
Same fields as above. Used to provide quotes. Consent is confirmed by ticking the consent box and submitting.

5.3 License Renewal
Same fields as above. Used solely for license renewal. Consent is confirmed by ticking the consent box and submitting.

5.4 Request for Training
Same fields as above. Used to schedule training. Consent is confirmed by ticking the consent box and submitting.

5.5 Resources Subscription
Fields collected:

• Name
• Surname
• Email Address

Used for content subscription. Consent and opt-in confirmed by ticking the consent box and submitting.

6. Google Analytics

This Website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses cookies to analyse how Users interact with the Website. Data gathered is generally transferred to and stored on Google servers in the United States.

Google uses this data on behalf of the Website operator to evaluate usage, compile reports, and provide services related to website and internet usage. The IP address sent by your browser is not merged with other Google data.

Users can prevent cookies from being stored via their browser settings, but this may limit functionality.

7. Google Remarketing

This Website uses Google remarketing, which allows the Company to show targeted ads to Users based on past Website interactions. These ads appear within Google’s advertising network (AdWords or Display Network).

Users can opt out via Google Ad Settings or by disabling cookies in their browser.

8. Facebook Remarketing

This Website uses Facebook’s “Custom Audiences” to display interest-based ads. A remarketing tag connects directly to Facebook servers when the Website is visited, linking the visit to the User’s Facebook profile.

Users can learn more or disable this at Facebook Ad Settings.

9. Google reCAPTCHA

Used to detect human versus bot activity in online forms. Google collects:

• IP address
• URL of the visited page
• Time and duration of visit
• Browser and OS details
• Mouse movements and interactions

This processing is based on legitimate interest under section 11(1)(f) of POPIA to ensure Website security.

10. Marketing and Direct Marketing

Marketing is conducted in line with this Policy and POPIA. This includes:

• Content and lead generation email campaigns
• Webinars, training, and events
• Google and social media marketing

Personal Information is processed only with consent or where an existing client relationship exists. Users can unsubscribe anytime, after which Personal Information is deleted from marketing lists.

11. Third-Party Websites

The Website may link to external sites (e.g. social media). This Policy does not apply to those sites. Please review their individual privacy policies.

12. Minors

This Website is not intended for individuals under 18 years old. The Company does not knowingly collect data from minors.

13. Collection of Information

Most Personal Information is collected directly from data subjects. In some cases, information may be collected from third parties with the data subject’s consent.

14. Retention and Destruction

Personal Information is retained only as long as necessary to fulfil its purpose, or as required by law. When no longer required, it is securely destroyed as per POPIA sections 14(4) and 15(5).

15. Further Processing

The Company will not further process Personal Information without consent, unless it is compatible with the original purpose. Trusted third-party operators may receive data under binding contracts aligned with POPIA.

16. Information Quality

Users and End Users must ensure the accuracy and completeness of their Personal Information. The Company may periodically request verification of information for compliance with POPIA.

17. PAIA Manual

The Company’s PAIA Manual is available at this link.

18. Access and Correction

Data subjects can request access to, or correction of, their Personal Information under sections 23–25 of POPIA, upon proof of identity.

19. Transborder Information Flows

Personal Information may be transferred to ManageEngine’s office in India to facilitate Website operation and service delivery. The User/End User consents to such transfer.

20. Complaints

Complaints about non-compliance with this Policy or POPIA can be submitted to the Regulator under Chapter 10 of POPIA.

21. Disclosure and Policy Changes

21.1 Third-Party Disclosure
As a general rule, Personal Information is not shared with third parties except where required by law or described in this Policy.

21.2 Resellers
The Company may transfer Personal Information to authorised Resellers. Consent is deemed granted for this purpose.

21.3 Changes to This Policy
This Policy may be updated from time to time. The latest version will always be available on the Website.

22. Contact Information

To exercise any rights or ask questions about this Policy, please contact:

• Information Officer: Philip Slimowitz
• Tel: 012 665 5551
• Email: philip@itrtech.africa
• Address: Building 1, Princeton Office Park, Olievenhoutbosch Rd, Highveld, Centurion

Last Updated: March 2022