PRIVACY AND PROTECTION OF PERSONAL INFORMATION POLICY

1. Introduction to Our Commitment

Audio Africa Broadcasting Services (Pty) Ltd, referred to as “the Company”, “we”, “us”, or “our”, is committed to protecting the privacy of our clients, suppliers, and website visitors. We recognise that the personal information we process is a critical asset. Our objective is to ensure that every interaction with our brand is governed by the highest standards of data integrity and security.

This policy describes how we collect, use, disclose, and protect your personal information. By engaging with our services, using our website, or contacting our team, you agree to the practices outlined in this statement.

2. Definitions and Interpretations

To ensure absolute clarity, the following terms are used in accordance with the definitions provided in the Protection of Personal Information Act (POPIA):

• Data Subject: The person to whom the personal information relates. This includes our clients, employees, and service providers.

• Information Officer: The person within the Company responsible for ensuring compliance with the Act.

• Personal Information: Information relating to an identifiable, living, natural person, or an identifiable, existing juristic person (companies).

• Processing: Any operation or activity, whether or not by automatic means, concerning personal information.

• Responsible Party: A public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information. In this instance, the Company is the Responsible Party.

3. Contact Details of the Information Officer

In compliance with Section 51 of PAIA and the requirements of POPIA, the Company has appointed an Information Officer to oversee all data-related inquiries and compliance matters.

Information Officer Details:

• Name: Katy Van Zyl

• Position: Director

• Physical Address: Audio Africa Broadcasting Services (Pty) Ltd

• Office Number: +27 87 702 1183

• General Email: audioafrica03@gmail.com

• Support Email: supportaudioafrica06@gmail.com

4. The Eight Conditions for Lawful Processing

We adhere to the eight conditions for the lawful processing of personal information as set out in POPIA. These conditions ensure that your data is handled with care and legal justification.

4.1 Condition 1: Accountability

The Company ensures that all processing of personal information is done in a manner that is lawful and reasonable. We take full responsibility for the data in our possession and maintain strict internal controls to prevent unauthorised access.

4.2 Condition 2: Processing Limitation

Information is processed only if it is adequate, relevant, and not excessive for the purpose for which it is collected. We process information only with the consent of the Data Subject, or where it is necessary for the performance of a contract or a legal obligation.

4.3 Condition 3: Purpose Specification

We collect personal information for specific, explicitly defined, and lawful purposes related to our business activities. These purposes include:

• Providing broadcast equipment and integration services.

• Managing Service Level Agreements and technical support.

• Processing financial transactions, invoices, and orders.

• Complying with statutory requirements and tax obligations.

4.4 Condition 4: Further Processing Limitation

Any further processing of personal information must be compatible with the original purpose of collection. If we intend to use your data for a new purpose, we will seek your explicit consent unless such processing is required by law.

4.5 Condition 5: Information Quality

We take reasonably practicable steps to ensure that the personal information we process is complete, accurate, not misleading, and updated where necessary. We rely on our clients and partners to notify us of any changes to their details.

4.6 Condition 6: Openness

We maintain transparency regarding the types of information we collect and how it is used. This policy serves as a notification to all Data Subjects regarding our data practices.

4.7 Condition 7: Security Safeguards

The Company implements appropriate, reasonable technical and organisational measures to secure the integrity and confidentiality of personal information. This includes protection against accidental loss, damage, or unauthorised destruction.

4.8 Condition 8: Data Subject Participation

Data Subjects have the right to request access to their personal information held by the Company. They may also request the correction or deletion of information that is inaccurate, irrelevant, or outdated.

5. Categories of Personal Information Collected

Depending on the nature of your interaction with us, we may collect the following categories of personal information:

5.1 Individual and Corporate Identifiers

• Full names and surnames of contact persons.

• Company registration numbers and VAT numbers.

• Identity numbers or passport numbers where required for security or vetting.

• Physical and postal addresses.

5.2 Contact Information

• Email addresses (including specific departmental emails).

• Office telephone numbers and mobile numbers.

• WhatsApp contact details for real-time technical support.

• Fax numbers for administrative documentation.

5.3 Financial and Transactional Information

• Bank account details for payment processing.

• Billing history and transaction records.

• Credit references and financial standing information for high-value projects.

5.4 Technical and Website Information

• IP addresses and browser types.

• Log data regarding website interactions.

• Information submitted through our online inquiry and support forms.

6. Methods of Data Collection

We collect information through various direct and indirect channels to provide a seamless service experience:

• Direct Interaction: When you fill out forms on our website, contact Adrian Roberts for sales, or Katy Van Zyl for accounts.

• Support Portals: When you log a ticket via the Atlassian Jira Service Management portal.

• Contractual Engagement: During the negotiation and drafting of bespoke Service Level Agreements.

• Third Parties: We may receive information from credit bureaus or government agencies where legally permitted.

• Cookies: Our website uses cookies to enhance user experience and gather analytical data regarding site performance.

7. Purpose of Processing Personal Information

The Company processes personal information to maintain the high standards required in the broadcasting industry. Specific purposes include:

7.1 Service Delivery and Integration

We use your information to supply broadcast hardware, engineer podcast workflows, and execute corporate audiovisual installations. This includes identifying the correct technical specifications for your specific facility.

7.2 Technical Support and SLA Management

Data is processed to manage our tiered support structure. This ensures that SLA clients receive priority attention and that our after-sales support team can track the frequency of fault-finding sessions.

7.3 Financial Administration

Our accounts department uses personal information to generate invoices, process orders, and manage debt collection. This is handled by Katy Van Zyl and Swanique Van Vlet to ensure financial accuracy.

7.4 Internal Auditing

We share necessary information with our external auditors, Ilse Bosch and the team at Infinity Transact, to comply with South African financial laws and tax regulations.

8. Disclosure of Personal Information

We do not sell, rent, or trade your personal information. We only disclose your data to third parties under the following circumstances:

• Service Providers: To third-party technicians or logistics partners who assist in the delivery and installation of hardware.

• Regulatory Authorities: When required to do so by law or in response to a request from a law enforcement agency.

• Professional Advisers: To our auditors, legal counsel, and insurers to protect our business interests.

• Consent: When you have provided explicit permission to share your details for a specific purpose.

9. International Transfers of Information

Because we source and import enterprise-grade professional telecommunications hardware from international manufacturers, some of your information may be transferred across borders. We ensure that any recipient of your data outside of South Africa is subject to laws or binding agreements that provide a level of protection similar to POPIA.

10. Security and Storage Protocols

The Company maintains a robust security posture to protect your information from cyber threats and physical theft.

10.1 Digital Security

• Encrypted Storage: All digital records are stored on secure servers with restricted access.

• Firewalls and Antivirus: We maintain up-to-date security software to prevent malware and unauthorised intrusions.

• Jira Security: Support tickets are managed through the Atlassian framework, which follows international security standards.

10.2 Physical Security

• Physical documents containing personal information are stored in locked cabinets within our secure office facilities.

• Access to our premises is controlled and monitored.

10.3 Retention of Records

We retain personal information only for as long as is necessary to achieve the purpose for which it was collected. Once the information is no longer required, it is destroyed, deleted, or de-identified in a manner that prevents its reconstruction.

11. Rights of the Data Subject

As a Data Subject in South Africa, you have specific rights under POPIA:

• Right of Access: You may request a record of the personal information we hold about you.

• Right to Rectification: You may request the correction of inaccurate or incomplete data.

• Right to Objection: You may object to the processing of your data for marketing purposes.

• Right to Complain: You have the right to lodge a complaint with the Information Regulator if you believe your privacy has been compromised.

12. Direct Marketing and Communications

We value your time and attention. Any direct marketing communications sent by the Company will be done in accordance with the following rules:

• We will only send marketing materials to clients who have opted in or with whom we have an existing business relationship.

• Every marketing email will contain a clear “Unsubscribe” option.

• We will never share your contact details with third-party marketers.

13. Use of Cookies and Tracking Technologies

Our website uses cookies to distinguish you from other users. This helps us provide a better browsing experience and allows us to improve our site functionality. You can manage your cookie preferences through your browser settings, although disabling cookies may affect the performance of certain features on our website.

14. Data Breach Protocol

In the unlikely event of a security compromise where personal information has been accessed by an unauthorised person, we will:

• Notify the Information Regulator as soon as reasonably possible.

• Notify the affected Data Subjects in writing, unless the identity of the Data Subject cannot be established.

• Provide a description of the breach and the measures we are taking to mitigate its impact.

15. The Information Regulator of South Africa

If you feel that the Company has not handled your personal information in accordance with the law, you may contact the Information Regulator.

• Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

• Email: complaints.IR@justice.gov.za

• Website: https://inforegulator.org.za/

16. Changes to This Privacy Policy

The Company reserves the right to amend this policy at any time to reflect changes in our business practices or legal requirements. The latest version will always be available on our website. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

17. Acceptance of Terms

By engaging with Audio Africa Broadcasting Services (Pty) Ltd, you acknowledge that you have read and understood this Privacy Policy and agree to be bound by its terms. We are committed to fostering a professional relationship built on trust, reliability, and the exact protection of your personal data.