PRIVACY POLICY
Effective date: 23 August 2024
1.
About us
1.1.
Apollo Brands (Pty) Ltd (the 'Company', 'we', 'us', or 'our') is a private company registered and operating in accordance with the laws of the Republic of South Africa, situated at 2nd floor, Block 3, Northgate Park, Section Street, Paarden Eiland, Cape Town, Western Cape, 7441. We value your privacy and remain committed to the protection of your personal information.
2.
About this privacy policy
2.1.
The purpose of this policy ("privacy policy") is to communicate how we process personal information relating to identifiable natural persons or existing juristic persons (collectively "personal information"), and to share certain information required in terms of the Protection of Personal Information Act 4 of 2013 ("POPIA").
2.2.
This privacy policy applies where we process personal information where we are the responsible party which includes, for instance, website visitors' information, customer information, or business-to-business contact information.
2.3.
We may update this privacy policy from time to time by publishing a revised version on this website, which shall take effect on the date of publication. Please be sure to keep yourself up to date with our latest privacy policy.
2.4.
This privacy policy should be read with any other agreements, terms, policies and the like published by us in relation to our services. To the extent that any other binding document may conflict with our privacy policy, the former shall prevail.
2.5.
Should you have any questions about this privacy policy or how we process your personal information, please contact us at contact@aresholdings.co.za.
3.
The types of personal information we process and how we obtain it
3.1.
Our website:
| Type | Source | Voluntary or mandatory with legal basis for processing | Consequences of failure to provide the information |
|---|---|---|---|
| Personal details to fulfil orders: Name Contact details Payment information Shipping and billing address | Direct | Mandatory – Performance of a contract | We will not be able to fulfil orders. |
| Account login credentials: Username Password | Direct | Mandatory – Performance of a contract | You will not be able to log in to our online services. |
3.2.
Information relating to our commercial partners:
| Type | Source | Voluntary or mandatory with legal basis for processing | Consequences of failure to provide the information |
|---|---|---|---|
| Identifying information: Supplier, wholesale customer or debtor name Registration number | Directly and/or indirectly from publicly available information | Mandatory – performance of a contract | We will not be able to procure goods or services from a supplier without this information, or provide goods or services to a wholesale customer. |
| Supplier, wholesale customer or debtor contact details: Email address Telephone numbers | Directly and/or indirectly | Mandatory – performance of a contract | We will not be able to contact a supplier, wholesale customer, or debtor without at least one of these items being provided. |
| Contact details of employees of suppliers, wholesale customers or debtors: Work email address Telephone numbers | Directly and/or indirectly | Voluntary – performance of a contract | We will not be able to contact individuals within a supplier, wholesale customer, or debtor without this information. |
| Supplier, wholesale customer or debtor VAT number | Direct | Mandatory if supplier, wholesale customer, or debtor charges VAT – obligation imposed by law | Supplier, wholesale customer, or debtor will not be able to charge VAT without providing a VAT number. |
| Supplier banking details | Direct | Voluntary – performance of a contract | We will not be able to pay our suppliers without this information. |
| Email correspondence with suppliers, wholesale customers or debtors and their employees | Direct | Voluntary – performance of a contract; legitimate interest of the data subject and responsible party | We will not be able to respond to communication from suppliers, wholesale customers, or debtors without processing this information. |
4.
Your right to update, correct, or delete your information
4.1.
You can update, correct, or delete personal information relating to your account with us by logging into your account on our website at any time.
4.2.
If you wish to update, correct, or delete other personal information that you cannot update, correct, or delete on your account on our website, you may contact us at: contact@aresholdings.co.za .
5.
Your right to object to the processing of your personal information
5.1.
You have the right to object to the processing of your personal information where we are relying on your legitimate interests, our legitimate interests, or those of a third party to process the personal information.
5.2.
You may also object generally to the processing of your personal information on reasonable grounds relating to your particular situation, for instance, where such processing negatively impacts your fundamental rights and freedoms.
5.3.
If you wish to object to the processing of your personal information as described under this heading, kindly contact us at contact@aresholdings.co.za .
6.
Storage and security of your personal information
6.1.
We implement technical and organisational measures to ensure that the personal information in our possession remains confidential and secure against unauthorised or unlawful processing, and against accidental loss, destruction, or damage. Our efforts in this regard will comply with the requirements of applicable law.
6.2.
You acknowledge and agree however that there are inherent risks to the security of data in the use of providing web-based transactional services. We accordingly do not guarantee that your data cannot ever be compromised, and you accept this risk by using our website.
6.3.
When you have chosen or been given a password which enables you to access certain functions of our website, you are responsible for keeping that password confidential. Please do not share your password with anyone.
6.4.
We will keep your personal information for only a reasonable amount of time, to enable us to use it for the purposes described in this privacy policy and in accordance with applicable law.
7.
How we share your personal information
7.1.
Subject to compliance with POPIA, we may disclose your personal information to any of our subsidiaries or third-party service providers as required to render services to you, which include without limitation the following categories of service providers:
7.1.1.
payment gateway service providers;
7.1.2.
vendors which facilitate returns and exchanges;
7.1.3.
marketing automation and communications vendors;
7.1.4.
vendors which automate and customise order document generation;
7.1.5.
service providers which facilitate product review automation and enhancement;
7.1.6.
customer relations management vendors; and
7.1.7.
shipping and order management vendors.
7.2.
Some of our third-party service providers are also located outside of South Africa, and accordingly your personal information may be transferred outside of South Africa. We will only do so, in accordance with POPIA, (1) once we have obtained your consent, (2) in order to render services to you in terms of a contract to which you are a party or which was concluded with a third party in your interest, or (3) where the recipient of the personal information is subject to a law, binding corporate rules, or binding agreement which adequately safeguards your personal information in a manner substantially similar to POPIA.
7.3.
From time to time, we may engage service providers which process personal information in countries including but not limited to Israel, Ireland, the United States, Switzerland, the United Kingdom, Canada, Denmark, and various countries within the European Economic Area ("EEA").
7.4.
Information processed within the EEA is subject to the level of protection provided by the General Data Protection Regulation ("GDPR").
7.5.
The level of protection afforded to information processed by service providers in countries outside of the EEA depends on the laws of that particular country as well as any applicable binding corporate rules or binding agreements to which the service provider may be subject. All non-EEA countries listed at 7.3, namely, Israel, the US, Canada, Switzerland, and the UK, have been declared by the European Commission to offer protection equivalent to that offered by GDPR.
8.
Disclosures
8.1.
On rare occasions, we may be required to disclose your personal information because of legal or regulatory requirements. In such instances, we reserve the right to disclose your personal information as required in order to comply with our legal obligations, including complying with court orders, warrants, subpoenas, service-of-process requirements, and/or discovery requests.
8.2.
We may also disclose information about our users to law enforcement officers or others, in the good faith belief that such disclosure is reasonably necessary to enforce our terms of use or this privacy policy, or respond to legal claims that any content violates the rights of third parties, or to protect our intellectual property rights or our personal safety or the personal safety of our users or the general public.
9.
How to contact the Information Regulator
9.1.
Section 74(1) of POPIA provides that any person may submit a complaint to the Regulator in the prescribed manner and form alleging interference with the protection of the personal information of a Data Subject.
9.2.
Contact information of the Information Regulator:
Postal address
JD House 27 Stiemens Street Braamfontein Johannesburg 2001
Telephone number
+27 (0) 10 023 5200
Fax number
086 500 3351
Email address
enquiries@inforegulator.org.za
Website
www.inforegulator.org.za