We safeguard your privacy

Mtwiza Cyber is committed to protecting your personal data and respects your privacy.

Read Policy

Data Privacy & Protection Policy

This Policy explains how we obtain, use, and disclose your personal information, in accordance with the requirements of the South African Personal Information Act ("POPIA") and where applicable the General Data Protection Regulation ("GDPR") for European data subjects.

This end user agreement ("Agreement") is an agreement between you ("you" or "User") and Mtwiza Cyber Pty Ltd ("Mtwiza Cyber", "we," or "us").

By registering with Mtwiza Cyber, you hereby grant to Mtwiza Cyber a right to process your Data to the extent reasonably required for the performance of Mtwiza Cyber’s obligations and the exercise of Mtwiza Cyber’s rights under this policy.

This privacy policy covers the following:

  • Why we use your data
  • What data we process
  • How we use your data
  • Legal basis for processing your data
  • Your rights as a Data Subject
  • Data Retention
  • Sharing data with third parties
  • Privacy policy changes
  • Data Protection Officer

Why we use your data

The Mtwiza Cyber services are provided to customers through agreements between us and the customer and various specific Terms and Conditions that you agree with when you sign up.

We process your personal data for the following purposes:

  • To provide you with the Mtwiza Cyber service(s) you signed up for
  • To verify your identity when required
  • For the ongoing administration of the service
  • To allow us to improve the products and services we offer to our customers
  • To ask for your opinion about our products and service
  • To enable us to comply with our legal and regulatory obligations

What data we process

We will collect from you directly and process the following information:

  • First and last names
  • Physical addresses
  • Mobile number(s)
  • Business Telephone Number(s)
  • Email address(s)
  • Banking account details for the processing of Debit orders as and when required

How we process your data

Your personal information is being processed in various systems that offer Mtwiza Cyber the best-of-breed solutions. We only use systems that meets or exceeds all the relevant global regulatory requirements for data privacy.

Data is stored encrypted format across all devices and in physically secure data-centres with multiple levels of redundancy and security features.

Legal basis for processing your data

We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into a or perform a contract with you, with your consent, and or for compliance with our legal obligations.

We use information we collect and receive:

  • To facilitate account creation in the applicable systems
  • To send you marketing and promotional communications
  • To send administrative information to you
  • To enforce our terms, conditions, and policies
  • To respond to legal requests and prevent harm
  • For other Business Purposes. We may use our information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaign and to evaluate and improve our Website, products, services, marketing and your experience

Your rights under data protection law

Right to Access

You have the right of access to your data. A formal request via our call logging system is required to start the process.

Right to Rectification

You have the right to request that your personal information be corrected when required. Any requests for corrections to incorrect or inaccurate data will actioned within 24 business hours.

Right to be Forgotten (Right to Erasure)

You have the right to withdraw your consent to Mtwiza Cyber processing your data; depending on the circumstances, we may or may not be obliged to action this request. Where actioned, deletion of your personal information occurs within 24 business hours. Any financial transactional information relevant to you however must be retained for up to seven years for regulatory compliance.

Right to Object

You have the right to object to the processing of your information at any time; depending on the circumstances, we may or may not be obliged to action this request.

Right to Restriction of Processing

You have the right to request that we restrict the extent of our processing activities; depending on the circumstances, we may or may not be obliged to action this request.

Right to Data Portability

You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine readable format suitable for transferring to another data controller.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with the relevant supervisory authority if you believe we have infringed on your data protection or privacy. You can lodge your complaint in your country of residence, country of work or country where you believe we infringed your right(s).

Data Retention

We will only retain information for as long as is required for the fulfilment of services safely and securely. We may need to retain records for regulatory compliance fulfilment. Accordingly certain records must be retained for an extended duration, which may be up to seven years.

Sharing personal information with third parties

We use a range of trusted service providers to help deliver our services. All of our suppliers are subject to appropriate safeguards, and in compliance with POPIA and GDPR.

We may also have access to your personal information as part of delivering the service. If we need to change or add additional third parties, we will always update our privacy policy accordingly.

We will only disclose your information to other parties in the following limited circumstances:

  • Where we are legally obliged to do so, e.g. to law enforcement and regulatory authorities
  • Where there is a duty to disclose in the public interest
  • Where disclosure is necessary to protect our interest e.g. to prevent or detect crime and fraud
  • Where you give us permission to do so e.g. by providing explicit consent

Privacy policy changes

This policy is reviewed regularly. Any changes will be posted on our website. We reserve the right to change, modify, add, or remove portions of these terms at any time. We will post a clear, easily accessible notification on the website if there are any changes made to these Terms.

Jurisdiction

This privacy policy is governed by the Laws of the Republic of South Africa. You agree that any cause of action that may arise under this privacy policy shall be commenced and be heard in the appropriate court in South Africa. You agree to submit to the personal and exclusive jurisdiction of the courts located within South Africa.