How ThengaKart collects, uses, stores, and protects user's personal information.
This Data Protection and Privacy Policy outlines how we process your personal information when you engage with us, access the ThengaKart platform, and utilize our services. It details our commitment to handling personal information in a way that upholds the constitutional right to privacy while ensuring accountability and managing data subject participation.
By interacting with us, either electronically or physically, you consent to the processing and transfer of your personal information as described in this policy.
If you have any questions or concerns about how we process your personal information, please reach out to us using the contact details provided in Clause 16 of this policy.
1.1 “Affiliate(s)” refers to entities, individuals, firms, or corporations directly or indirectly connected to us that facilitate the delivery of our services, as listed in Annexure A below.
1.2 “Anonymisation” involves converting personal information into an anonymous format so that individuals are not identifiable.
1.3 “Annexure(s)” refers to any supplementary documents attached to this policy, subject to updates.
1.4 “Applicable Law(s)” encompasses all relevant laws, regulations, and codes of practice in force at any given time.
1.5 “Biometric Information” includes data obtained through techniques like fingerprinting, DNA analysis, retinal scanning, and voice recognition.
1.6 “Users” refers to users who use the ThengaKart platform to search for goods and services from vendors.
1.7 “Child” means a person under the age of 18.
1.8 “Consent” denotes a voluntary, informed, and specific agreement to the processing of personal information as per applicable laws.
1.9 “Cookies” are small data files generated by a website and stored by your browser to remember information about you. If you choose not to accept cookies, you may still view some content on the ThengaKart platform, but not all.
1.10 “Data” includes personal information, usage data, cookies, and/or location data.
1.11 “Data Protection Authority” refers to regulatory bodies in various jurisdictions responsible for data protection, as established by applicable laws.
1.12 “Data Subject” refers to users or any individual whose personal information we or our affiliates process.
1.13 “Electronic Communication” has the meaning assigned to it under POPIA.
1.14 “ECTA”stands for the Electronic Communications and Transactions Act, No. 25 of 2002.
1.15 “Financial Information” includes details such as account information, identifiers of account holders, and transaction specifics.
1.16 “Goods and Services” refers to products and services promoted on the ThengaKart platform that Users and vendors transact.
1.17 “ThengaKart” refers to ThengaKart South Africa Proprietary Limited, located at 11th Floor Roggebaai Place, 4 Jetty Street, Foreshore, Cape Town, Republic of South Africa.
1.18 “ThengaKart Account” is the standard account required for using our services, subject to verification under certain conditions.
1.19 “ThengaKart Platform” / “Platform” means the website where services are provided, enabling users to interact, initiate transactions, and access goods and services.
1.20 “Location Data” includes information about the physical location of a data subject’s device.
1.21 “PAIA” refers to the Promotion of Access to Information Act 2 of 2000.
1.22 “Person” includes individuals, firms, companies, corporations, and any other entities with or without a separate legal personality.
1.23 “Personal Information” encompasses data related to an identifiable, living person, including but not limited to demographic details, education, financial history, biometric data, and correspondence.
1.24 “Policy” refers to this Data Protection and Privacy Policy.
1.25 “POPIA” stands for the Protection of Personal Information Act, No. 4 of 2013, and its amendments.
1.26 “Processing” refers to any operation involving personal information, including collection, storage, use, and deletion.
1.27 “Pseudonymisation” involves processing personal information in such a way that it cannot be attributed to a specific person without additional information.
1.28 “Public Information” refers to information shared with the public, including content published on our website, accessible through online search engines and media.
1.29 “Responsible Party” is the entity that determines the purpose and means of processing personal information. For this policy, we are the responsible party as defined in POPIA.
1.30 “Seller(s)” are users who utilize the ThengaKart platform to market and sell goods and services.
1.31 “Services” include the functionalities provided by the ThengaKart platform, such as user verification, communication, transaction processing, and the procurement of transport, insurance, and payment services.
1.32 “Service Provider(s)” are third parties contracted by ThengaKart to offer additional services to users.
1.33 “Third-Party Services” refers to products and services provided by service providers through the ThengaKart platform.
1.34 “Unique Identifier” is a specific identifier assigned to a data subject that uniquely identifies them in relation to the responsible party.
1.35 “Usage Data” refers to data collected automatically, such as website visit duration, as detailed in Clause 5.
1.36 “User(s)” includes anyone using the ThengaKart platform and services and vendors refer to businesses that list and advertise themselves on the Thengakart platform.
1.37 “Website(s)” refers to our main website at https://www.ThengaKart.com/ and any subsidiary or affiliated company websites.
2.1 When you interact with us—whether physically, electronically, or through our Services or Platform—you may need to provide us with personal information. Additionally, when you use our Platform or Website, we may automatically collect data from you. We will handle and process this data according to this Policy.
2.2 We may also gather personal information from other sources, such as our Service Providers, social media platforms, blogs (where information may become public), and business associates. We will update you about such collections through amendments to this Policy.
2.3 If you provide us with personal information about others, we will process that information in line with this Policy and any applicable terms and conditions.
2.4 The types of personal information we may process include, but are not limited to:
– Full names
– Identity numbers
– Registration numbers
– Financial information
– Statutory information
– Physical and postal addresses
– Telephone numbers
– Email addresses
2.5 We will adhere to the notification requirements set forth in applicable laws, including Section 18 of POPIA, when collecting personal information from you.
2.6 When you provide personal information, we may need to verify that you are competent and authorized to give consent for processing such information.
2.7 While you are not always required to provide all requested personal information, choosing not to may limit your ability to fully utilize some of our Services and Platform features.
2.8 We process personal information primarily to enhance our Services, manage business operations, maintain a legally compliant environment, and protect your information.
2.9 We may use your personal information for other legitimate business purposes, including:
– Account Registration: Personal information such as your name, address, phone numbers, email address, or user ID may be collected when you register for a ThengaKart account.
– Account Verification: To verify your ThengaKart account, we might process your personal information ourselves or share it with Service Providers for authentication and verification.
– Transactions and Services: During transactions, such as posting or responding to ads, or when making payments, we may process your financial information.
– Community Engagement: Information collected when you participate in community activities, submit forms, or engage in discussions.
– Account Interaction: Information updated or added to your ThengaKart account, including preferences, alerts, and saved searches.
– Contacting Us: Information shared through web forms, chats, or other communication methods used for service support.
2.10 We automatically collect the following types of information:
– Device Information: Including device ID, type, advertising ID, and unique device tokens.
– Location Information: Such as geo-location data.
– Connection Information: Including page views, traffic statistics, referral URLs, advertisement data, IP address, browsing history, and web log information.
2.11 We use cookies, web beacons, and similar technologies to collect information about your interactions with our Services, including the pages you view and links you click. For details on how we use these technologies and how to control them, refer to our Cookie Policy.
2.12 We may collect information from other sources, such as:
– Service Providers: Publicly available demographic, contact information, and credit check data, as allowed by applicable laws.
– Social Media Platforms: When you use social media to connect with your ThengaKart account, we may gain access to personal information from these platforms (e.g., content viewed, likes, ad interactions). If you connect a ThengaKart account with video content, we may share or collect video viewing information for up to two years or until you withdraw consent. You can manage the personal information we access through your social media privacy settings and permissions. By granting us access, you consent to our collection, use, and retention of this information according to this Privacy Policy.
3.1 We utilize your personal information to enhance, tailor, and provide our Services. Specifically:
3.1.1 Your personal information helps us:
– Access and Use: Provide access to and manage your use of our Services, including your history, internal messages, and other features.
– Account Verification: Verify your ThengaKart Account and share your information with select Service Providers for authentication purposes.
– Content Recommendations: Offer content related to Goods and Services that might interest you.
– Service Optimization: Customize, measure, and improve our Services.
– Requested Services: Deliver other Services you have requested, as described when we collect the information.
– Location-Based Services: Provide location-specific features, such as personalized advertising and search results.
3.1.2 We may contact you regarding your ThengaKart Account through various channels (e.g., ThengaKart Chat Platform, My Messages, email, phone, or SMS) for:
– Customer Support: Assisting with troubleshooting, collecting fees, or seeking feedback through surveys.
– Policy Enforcement: Addressing issues related to our Terms and Conditions, policies, or other agreements.
4.1 We will only use your personal information for direct marketing if permitted by applicable laws, and we will comply with all relevant legal requirements.
4.2 Where permitted, we will provide you with an option to opt-out of direct marketing at the point of collection and in each marketing communication. Opting out may take approximately 6 weeks to process within ThengaKart.
4.3 To stop receiving promotional emails, follow the instructions included in those emails. Even if you opt out, you may still receive non-promotional emails related to the Services you use.
5.1 Our Platform uses cookies to track your visits and activities.
5.2 For details on our use of cookies and how to manage them, please refer to our Cookie Policy on our Website.
6.1 We may process Usage Data sent by your browser when you visit or interact with our Platform or Services via any device.
6.2 This Usage Data may include:
– Device IP address
– Browser type and version
– Websites visited, pages viewed, and URL data
– Time and date of visits, duration on pages
– Device type, unique ID, and operating system
7.1 With your permission, we may process Location Data to enhance or personalize our Services.
7.2 You can enable or disable location services via your device settings at any time.
8.1 We take appropriate measures to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.
8.2 Our security measures include physical access controls, confidentiality protocols, encryption, firewalls, intrusion detection, and network monitoring, depending on the nature of the information and the scope of processing.
8.3 While we strive for robust security, no method of transmission or storage is completely secure. We cannot guarantee absolute security.
9.1 We retain your data only as long as necessary.
9.2 Retention periods depend on:
– The purpose for which the information was collected or processed
– Legal obligations under applicable laws
– Contractual agreements
– Your consent
9.3 You have the right to object to the processing of your data at any time, but we may need to retain data to address such objections or inquiries.
9.4 We use pseudonymization to retain Usage Data for internal analysis, typically for shorter periods unless used for security or functional improvements or required by law.
10.1 Your data may be transferred and processed outside your local jurisdiction, where data protection laws may differ.
10.2 If you provide data from outside South Africa, it may be transferred to and processed in South Africa.
10.3 By consenting to this Policy and submitting your data, you agree to such transfers.
10.4 We will take reasonable steps to ensure your data is treated securely according to this Policy and will only transfer it to organizations or countries with adequate data protection laws.
10.5 We will delete or purge your personal information as required by applicable laws and regulatory standards.
11.1 We may share your personal information with Service Providers as necessary to fulfill the purposes for which it was collected.
11.2 We will enter into written agreements with Service Providers, where appropriate, to ensure their compliance with applicable data protection laws.
11.1 Affiliate Transfers: Our Affiliates may transfer your personal information among themselves to fulfill operational needs and assist us in meeting our obligations to you.
11.2 Compliance and Standardization: All Affiliates adhere to the principles set forth in this Policy to ensure that transfers of personal information between them comply with applicable laws and maintain the original purpose for which the information was collected.
11.3 Conditions for Transfer: Affiliates may transfer personal information under the following conditions:
– Instruction: When directed by you or our Affiliates.
– Consent: When you have provided consent where required.
– Service Improvement: To provide features, add value, or enhance our Services and Platform.
– Quality Enhancement: To improve the quality of our Services and Platform.
– De-identified Data: When the data has been de-identified, aggregated, or anonymized.
– Support Services: For marketing, billing, credit card processing, data analysis, fraud prevention, security, technical support, and customer service.
– Service Fulfillment: To fulfill our Services or assist prospective customers.
– Legal Compliance: To comply with laws or respond to legal requests.
– Vital Interests: To protect a Data Subject’s vital interests if necessary.
– Business Transactions: In connection with business transfers, mergers, acquisitions, or other transactions involving the sale, transfer, or disclosure of our business or assets.
11.4 Third-Party Control: We do not control third parties or Affiliates not contracted to process personal information on our behalf. These entities manage their use of personal information independently. We recommend reviewing their privacy policies for details on their data handling practices.
12. Children’s Privacy
12.1 Not for Children: Our Services are not intended for use by children.
12.2 No Collection: We do not knowingly collect personally identifiable information from children.
12.3 Action on Discovery: If we discover that a child has provided personal information, please contact us as described in Clause 16.
12.4 Removal: Upon discovering that we have collected personal information from children without parental consent, we will promptly remove or delete such information.
13. Access
13.1 View and Update: You can view, review, and update your personal information by signing in to your ThengaKart Account. Please update your information immediately if it changes or is inaccurate.
13.2 Public Postings: Once you make a public posting, it may not be possible to change or remove it.
13.3 Account Deletion: To delete your ThengaKart Account, request so, and we will close your account and remove your information as soon as possible, based on account activity and legal requirements.
13.4 Access Requests: You can request access to, modification, or deletion of your personal information. We may have legal reasons to withhold or refuse requests but will provide reasons if applicable. For contact details and potential fees, refer to Clause 16 or consult our PAIA Manual.
14. PAIA Manual
14.1 PAIA Overview: The Promotion of Access to Information Act (PAIA) in South Africa governs access to information held by public and private bodies.
14.2 Request Information: For information on how to review, amend, or obtain a copy of your personal information, refer to our PAIA manual available on our website.
15. Your Rights
15.1 Rights Overview: You have several rights regarding your personal information, subject to certain considerations.
15.2 Specific Rights:
– Right of Access: Request a copy of the personal information we hold.
– Right to Know: Inquire about personal information shared with Affiliates or Service Providers.
– Right to Change: Request updates or deletion of inaccurate or irrelevant personal information.
– Right to Object: Object to our processing of your personal information.
– Right to Report: File a complaint with relevant authorities if you are dissatisfied with how your information has been processed. Contact details for the Data Protection Authority are in Clause 16.
16. Contact Us
For updates or concerns regarding your personal information, contact us:
Email Address: support@thengakart.com OR vendors@thengakart.com
17. Communications With You
17.1 Electronic Communication: By using our Website or contacting us, you consent to receiving communications via email, SMS, WhatsApp, and other electronic channels. Information sent through these channels may be stored by us and the providers (e.g., WhatsApp).
17.2 Receipt of Communication: Electronic communications are deemed received when sent unless proven otherwise. You are responsible for ensuring you have access to the necessary technology and data for these communications.
17.3 Changing Preferences: To change your communication preferences or opt-out of specific channels, contact us as described in Clause 16.
17.4 Risk and Responsibility: We strive to protect your personal information but cannot guarantee the security of information transmitted online or via third-party platforms like WhatsApp. Use of such platforms is at your own risk, and all communications provided electronically meet legal writing requirements.
18. Disclosures in Terms of Section 43 of ECTA
18.1 Electronic Transactions: Transactions on the Platform are considered “Electronic Transactions” as per ECTA.
18.2 Contact Information:
– Website: [www.ThengaKart.com](http://www.ThengaKart.com)
– Dispute Resolution: Disputes arising from the use of the Website or agreements will be resolved per ThengaKart’s Terms and Conditions
19. Changes to This Policy
19.1 Policy Updates: We may update or modify this Policy at our discretion without prior notice.
19.2 Purpose: Updates may address legislative changes, regulatory requirements, or business needs.
19.3 Supersession: The current Policy version supersedes previous versions.
19.4 Last Updated: This Policy was last updated on 1/08/20