WEBSITE PRIVACY POLICY
This Privacy Policy describes Our policies and procedures on the collection, use, processing, and disclosure of Your information when You use the Service and tells You about Your privacy rights under applicable data protection legislation, specifically the Protection of Personal Information Act (PoPIA) in South Africa and the General Data Protection Regulation (GDPR) in the European Union.
We use Your Personal Data to provide and improve the Service, manage client interactions, and ensure statutory compliance. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
- Interpretation and Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
- Account means a unique account created for You to access our Service or parts of our Service.
- Company (referred to as either ‘the Company’, ‘We’, ‘Us’ or ‘Our’) refers to Brenn-O-Kem (Pty) Ltd., Off the R46 between Wolseley and Ceres, Wolseley, 6830. For the purposes of PoPIA, the Company acts as the Responsible Party; under the GDPR, the Company acts as the Data Controller.
- Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
- Country refers to the Republic of South Africa.
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- Personal Data / Personal Information means any information relating to an identifiable, living natural person, and where applicable, an identifiable, existing juristic person (in accordance with South African PoPIA) or an identified or identifiable natural person (in accordance with GDPR). It includes identifiers such as names, contact details, identity numbers, and location parameters.
- Service / Website refers to the Brenn-O-Kem Website, accessible from https://www.brenn-o-kem.co.za/
- Service Provider means any natural or legal person who processes data on behalf of the Company. It refers to third-party companies or individuals (Operators under PoPIA / Data Processors under GDPR) employed by the Company to facilitate, deliver, or analyze the Service.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- You / Your means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable (referred to as Data Subject under PoPIA and GDPR).
- Collecting and Using Your Personal Data
Types of Data Collected
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to: Email address, First name and last name, Phone number, and Physical/Postal Address.
Usage Data & Technical Tracking
Usage Data is collected automatically when using the Service. This may include Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the specific pages of our Service that You visit, the time and date of Your visit, unique device identifiers, and other technical diagnostic data.
In compliance with standard security frameworks, technical access indicators and telemetry trails are securely tracked to protect host infrastructure integrity.
Tracking Technologies and Cookies
We use Cookies and similar tracking technologies (such as web beacons, tags, and scripts) to track the activity on Our Service and securely cache session data. Flash Cookies have been explicitly removed from our technical stack to comply with standard security and modern browser privacy architectures.
- Legal Basis and Purpose of Processing
The Company processes Personal Data under the following lawful grounds specified by PoPIA (Section 11) and GDPR (Article 6):
- Consent: Consent given freely by the Data Subject.
- Contractual Performance: Processing is required for the execution or entry of a commercial service contract.
- Legal Obligation: To fulfill statutory requirements, tax regulations (SARS), and local corporate mandates.
- Legitimate Interests: To safeguard network perimeter security, prevent fraud, and maintain operational resilience.
- Cross-Border Data Transfers
Your information, including Personal Data, may be transferred to—and maintained on—computers located outside of South Africa or the EU/EEA where server infrastructures or cloud repositories reside. The Company guarantees that no cross-border data transfer will occur unless the recipient country offers an adequate level of data protection equivalent to PoPIA and GDPR, or binding standard contractual clauses (SCCs) are established with the recipient.
- Data Subjects’ Statutory Rights
Under PoPIA and GDPR, you possess clear statutory rights regarding Your Personal Data, including:
- Right of Access: The right to confirm whether we hold your information and request a copy of the specific data record.
- Right to Rectification / Correction: The right to request the correction or update of inaccurate, incomplete, or out-of-date records.
- Right to Erasure (‘Right to be Forgotten’): The right to request that we delete or erase Your records, subject to statutory retention limitations.
- Right to Object & Restrict: The right to object to processing based on legitimate interests or direct marketing channels.
- Security and Retention Policy
The Company will retain Your Personal Data only for as long as is necessary for the fulfillment of the purposes outlined in this policy or to satisfy legislative and tax retention obligations. We implement rigorous technical and organizational measures (including perimeter firewalls, access controls, and encryption) to safeguard data against unauthorized access, loss, or manipulation. However, while we employ industry-standard defenses, absolute transmission security over the internet cannot be fully guaranteed.
- Contact Details and Regulatory Redress
If you have any questions about this Privacy Policy or wish to exercise your statutory data rights, you may contact our Information Officer via the following channels:
Email: reception@brennokem.co.za
Website Contact: https://www.brenn-o-kem.co.za/contact-us/
Phone: +27 23 231 1060
Postal Address: P.O. Box 71, Wolseley, 6830, South Africa
Physical Address: Off the R46 between Wolseley and Ceres, Wolseley, 6830
You also possess the right to lodge a complaint directly with the relevant supervisory body:
- South African Information Regulator: https://inforegulator.org.za/