G-I-G-Tech It Cc t/a gigtech · Reg: 2007/107921/23 · Johannesburg, South Africa
This policy applies to all personal information processed by gigtech through this website, through our services, and through direct communications. Please read it carefully.
1. Who We Are and How to Contact Us
G-I-G-Tech It CC, trading as gigtech, is a software consulting and product development firm registered in South Africa (Reg: 2007/107921/23). We are the responsible party for personal information you share with us.
Information Officer: The director of gigtech serves as our designated Information Officer under POPIA.
Contact for all privacy-related matters:
WhatsApp:
Address: Johannesburg, Gauteng, South Africa
2. Legal Basis and Applicable Law
We process personal information in compliance with the Protection of Personal Information Act 4 of 2013 (POPIA) and, where applicable, the General Data Protection Regulation (GDPR) for processing involving residents of the European Economic Area, and comparable legislation for other jurisdictions.
Our legal bases for processing include: your consent; performance of a contract with you; our legitimate business interests (balanced against your rights); and compliance with legal obligations.
3. Information We Collect
3.1 Information You Provide Directly
Name, email address, and phone number submitted through our contact forms
Company name and details provided when enquiring about services
Details about your technical situation, systems, or business that you choose to share
Communications sent via email, WhatsApp, or other channels
3.2 Information We Collect Automatically
Technical information: IP address (stored in hashed form only), browser type, operating system, pages visited, and time of visit
Cookie preferences and consent record (see Section 9)
Form submission timestamps and origin page
3.3 Information We Do Not Collect
We do not collect sensitive personal information (as defined under POPIA, including race, health data, or financial account details) unless specifically required for a service and with your explicit consent. We do not collect biometric data. We do not build advertising profiles.
4. How We Use Your Information
We use your personal information for the following purposes:
Service delivery: To respond to your enquiry, provide consulting services you have engaged, and fulfil our contractual obligations
Communication: To send you relevant updates, proposals, and engagement correspondence relating to services you have requested
Marketing (with consent): To send insights, newsletters, or service updates — only if you have opted in and only for our own services
Security and fraud prevention: To protect our website and services from abuse, spam, and malicious activity
Legal compliance: To meet our obligations under South African law and applicable international regulations
Service improvement: To understand how our website is used and improve the user experience
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We do not use your information for automated decision-making that significantly affects you.
5. How We Share Your Information
We may share your personal information with:
Service providers: Third parties who assist us with operating our business — including email delivery services, website hosting, and analytics tools — under confidentiality agreements
Partner referrals (with your knowledge): If you request an introduction to a partner firm, we share only the information necessary to facilitate that introduction, and we inform you before doing so
Legal obligations: Where required by South African law, a court order, or a lawful request from a regulatory authority
Business transfers: In the event of a merger, acquisition, or transfer of business, subject to appropriate confidentiality protections
We will always inform you before sharing your information in circumstances not covered above, unless legally prevented from doing so.
6. AI Tools and Automated Processing
gigtech uses artificial intelligence tools to support and enhance the quality and speed of our advisory services. This means that information you share with us as part of service delivery may be processed through AI-assisted tools.
Our commitments regarding AI processing:
All AI-assisted outputs are reviewed and validated by a senior consultant before delivery
We select AI providers that maintain appropriate data protection standards and do not train their models on client-specific data without explicit agreement
No personally identifiable client information is shared with AI providers in a way that identifies the client without your prior written consent
AI tools are used to assist our consultants — not to replace human judgment or make autonomous decisions affecting you
7. Data Retention
We retain personal information only as long as necessary for the purpose it was collected, or as required by law:
Contact form submissions: Retained for 24 months from submission, then deleted or anonymised
Client engagement records: Retained for 7 years from end of engagement (required for tax and legal compliance under South African law)
Marketing consent records: Retained until you withdraw consent, plus 12 months for audit purposes
Website analytics data: Anonymised after 12 months and aggregated after 24 months
Rate limiting / security logs: Automatically deleted after 48 hours
You may request deletion of your personal information at any time (see Section 8). Deletion may be subject to legal retention requirements.
8. Your Rights Under POPIA
You have the following rights regarding your personal information:
Right of access: Request a copy of the personal information we hold about you
Right to rectification: Request correction of inaccurate or incomplete information
Right to erasure: Request deletion of your personal information, subject to legal retention obligations
Right to object: Object to processing based on our legitimate interests, including marketing
Right to withdraw consent: Withdraw any consent you have given at any time, without affecting the lawfulness of processing before withdrawal
Right to lodge a complaint: Lodge a complaint with the Information Regulator of South Africa (inforeg.org.za)
To exercise any of these rights, contact us at: . We will respond within 30 days.
If you are an EEA resident, you have additional rights under GDPR including data portability. Contact us to exercise these rights.
9. Cookies and Tracking
Our website uses minimal cookies:
Essential cookies: A session cookie is used solely for CSRF protection on our contact form. This is a security measure and does not track you. It expires when you close your browser.
Preference cookies: Your cookie consent choice is stored in your browser's local storage. This is not transmitted to our servers.
Analytics (optional): If analytics are enabled, anonymised usage data (page visits, browser type, general geographic region — never precise location) may be collected. We do not use third-party advertising cookies. No data is sold to advertisers.
You can manage cookie preferences in your browser settings. Blocking essential cookies may affect the security of our contact form. See our Cookie Policy for full details.
10. Data Security
We implement appropriate technical and organisational security measures to protect your personal information:
HTTPS encryption on all data transmission
IP addresses stored in hashed (non-reversible) form only
Data files protected from public web access
Admin access protected by strong password hashing (bcrypt)
CSRF tokens on all form submissions
Rate limiting on form submissions to prevent abuse
Despite these measures, no internet transmission is 100% secure. We will notify you promptly in the event of a data breach that affects your personal information, as required by law.
11. International Data Transfers
Our primary data storage is in South Africa. Where service providers are located outside South Africa, we ensure appropriate safeguards are in place, including standard contractual clauses or adequacy decisions where applicable. If you are an EEA resident and have concerns about international transfers, please contact us.
12. Children's Privacy
Our services are directed at businesses and are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately for deletion.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered clients of material changes by email. The current version is always published at gigtech.co.za/privacy-policy. The version date at the top of this document indicates when it was last updated.
14. Contact and Complaints
For any privacy-related queries, to exercise your rights, or to raise a concern:
Email:
WhatsApp:
G-I-G-Tech It CC t/a gigtech · Johannesburg, South Africa
If you are not satisfied with our response, you may lodge a complaint with the Information Regulator of South Africa at inforeg.org.za or by email at complaints.IR@justice.gov.za.
We use cookies to improve your experience. Cookie Policy.