Last Updated: 25th March 2025
Company Name: Webworx Web Services (Pty) Ltd
Website: https://webworxdesign.co.za/
1. Introduction
Webworx Web Services (Pty) Ltd (“Webworx”, “we”, “us”, or “our”) respects your privacy and is committed to safeguarding your personal information.
This Privacy Policy outlines how we collect, use, store, and protect your personal data in accordance with the following laws:
- The EU General Data Protection Regulation (GDPR),
- The UK GDPR, and
- South Africa’s Protection of Personal Information Act (POPIA).
By engaging with our services, visiting our website, or communicating with us, you agree to the terms of this Privacy Policy.
2. Information We Collect
We collect and process the following types of personal information:
a. Personal Information
- Full name, company name, job title or role
- Email address, telephone number, and other contact details
- Billing and payment information where applicable
b. Technical Information
- IP address, browser type, operating system, and device identifiers
- Website usage data (via cookies and analytics tools)
c. Communications and Project Information
- Messages and meeting records via Microsoft Teams, Slack, and Gmail
- Project documents, briefs, and files shared via Google Drive
We do not intentionally collect or process special categories of personal data (e.g., health, race, religion) unless explicitly required and consented to.
3. Purpose for Processing
We process personal information for the following lawful and legitimate purposes:
- To provide and manage our digital, web, and design services
- To communicate with clients and partners via approved tools (Teams, Slack, Gmail)
- To manage contracts, invoicing, and client relationships
- To improve service quality and website performance
- To comply with legal and regulatory obligations
4. Legal Basis for Processing (GDPR)
Processing of personal data is based on the following lawful grounds:
- Contractual necessity – to perform our obligations under a contract with you
- Legitimate interests – to operate and improve our services
- Consent – for marketing communications or optional data uses
- Legal obligation – to comply with tax, accounting, and compliance requirements
You may withdraw consent at any time by contacting [email protected].
5. Lawful Processing Conditions (POPIA)
Under POPIA, Webworx ensures that all processing of personal information is:
- Lawful and reasonable,
- Collected for a specific, explicitly defined purpose,
- Not excessive relative to its purpose, and
- Handled with appropriate security safeguards.
We process information only where necessary for legitimate business activities, contractual performance, or where you have given voluntary, informed consent.
6. Data Sharing and Operators
We do not sell, rent, or trade your personal data.
However, we may share it with trusted service providers (“operators” under POPIA) who assist us in delivering services, such as:
| Tool | Purpose | Provider | Jurisdiction |
| Microsoft Teams (M365) | Communication and collaboration | Microsoft | EU / US (SCCs applied) |
| Google Drive & Gmail (Google Workspace) | Secure file storage and email | EU / US (SCCs applied) | |
| Slack | Internal project collaboration | Slack Technologies | US (SCCs applied) |
All third-party processors are bound by strict Data Processing Agreements (DPAs) and comply with GDPR and POPIA standards.
7. International Data Transfers
We may transfer and store personal data outside South Africa or the European Economic Area (EEA).
When this occurs, we ensure that appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs), or
- Equivalent data protection frameworks ensuring lawful cross-border data transfers.
8. Data Retention
Webworx retains personal information only for as long as necessary to:
- Fulfil the purposes it was collected for,
- Comply with legal and tax obligations, and
- Resolve disputes or enforce agreements.
When no longer required, personal data is securely deleted, anonymised, or archived in compliance with GDPR and POPIA.
9. Data Security Measures
We apply technical and organisational measures to safeguard personal information, including:
- Encrypted cloud storage (Google Drive)
- Secure communications via Teams, Slack, and Gmail
- Multi-factor authentication (MFA) for all systems
- Role-based access control and regular password rotation
- Employee training on POPIA and GDPR compliance
- Regular audits and data access reviews
10. Your Rights Under GDPR and POPIA
You have the following rights regarding your personal information:
| GDPR Rights | POPIA Equivalent |
| Access your data | Request access to personal information held |
| Rectification | Request correction or update of data |
| Erasure (“Right to be Forgotten”) | Request deletion of personal information |
| Restriction of processing | Object to or restrict processing |
| Data portability | Receive your data in a portable format |
| Objection | Withdraw consent at any time |
To exercise these rights, contact [email protected]
We will respond within the timeframes required by law.
11. Cookies and Website Tracking
Our website uses cookies and analytics tools to improve functionality and performance.
You can manage cookie preferences via your browser settings.
For more details, please refer to our Cookie Policy (if applicable).
12. Personal Information Breach Notification
In the event of a data breach, Webworx will:
- Assess and contain the breach immediately
- Notify the Information Regulator (South Africa) and, where applicable, the ICO or EU supervisory authority within the required timeframe
- Inform affected individuals if there is a material risk to their rights or privacy
- Implement corrective actions to prevent recurrence
13. Contact Details
If you have any questions, complaints, or requests relating to this Privacy Policy, please contact us:
Webworx Web Services (Pty) Ltd
Email: [email protected]
Address: House Vincent, Wynberg Mews, 10 Brodie Road, Wynberg 7800, Cape Town
If you are not satisfied with our response, you may lodge a complaint with:
- The Information Regulator (South Africa) – https://inforegulator.org.za
- Or your local Data Protection Authority within the EU or UK.
14. Updates to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.
All updates will be posted on our website with a revised “Last Updated” date.