1. Our role
Cyntech is the Responsible Party for personal information collected through our website, client portal, project work and recruitment. Our Information Officer (registered with the Information Regulator) oversees POPIA compliance.
2. The eight conditions for lawful processing
POPIA sets out eight conditions. We apply each as follows:
We take responsibility for personal information under our control and for our Operators' compliance.
We process information lawfully, in a reasonable manner that does not infringe your privacy, and only what is necessary.
We collect for a specific, explicitly defined and lawful purpose and retain records only as long as needed.
Any further use is compatible with the original purpose or carried out with consent or legal authority.
We take reasonable steps to ensure personal information is complete, accurate and updated where necessary.
We maintain documentation of processing operations and give notice when collecting your information.
We secure integrity and confidentiality through appropriate technical and organisational measures.
You may request confirmation, access, correction or deletion of your personal information.
3. Special personal information & children
We do not process special personal information (e.g. health, biometric, religious or trade-union data) or the information of children under 18, except where specifically authorised by section 27 or 35 of POPIA and clearly disclosed to you.
4. Direct marketing
We send electronic marketing only to existing clients in respect of similar services, or to others who have given consent. Every marketing message includes an easy way to opt out. You can also exercise your section 11(3) objection right at any time by emailing info@cyntech.co.za.
5. Operators
Where we use third-party providers ("Operators") to process personal information on our behalf — hosting, email, analytics, identity, accounting — we contract with them in writing as required by section 21, restricting processing to documented purposes and requiring appropriate security.
6. Cross-border transfers
Personal information may be transferred outside the Republic only where section 72 is satisfied — typically because the recipient is bound by laws, binding corporate rules or contractual terms that provide an adequate level of protection.
7. Security compromises
If a security compromise occurs that creates a reasonable belief that your personal information has been accessed or acquired by an unauthorised person, we will notify you and the Information Regulator as soon as reasonably possible, in accordance with section 22.
8. Your rights and how to exercise them
You have the right to:
- Confirmation of whether we hold your personal information.
- Access to your personal information (subject to a prescribed fee under PAIA).
- Correction or deletion of inaccurate, irrelevant, excessive, out-of-date, misleading or unlawfully obtained information.
- Object to processing on reasonable grounds, including direct marketing.
- Submit a complaint to the Information Regulator.
To exercise these rights, complete the prescribed Form 2 (Request for Access to Personal Information) and email it to our Information Officer.
9. PAIA manual
Cyntech maintains a manual under the Promotion of Access to Information Act, 2 of 2000 (PAIA), which sets out the categories of records we hold and how to request access. The manual is available on request from our Information Officer.
10. Contacts
Information Officer, Cyntech (Pty) Ltd
Email: info@cyntech.co.za
Information Regulator (South Africa)
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
Website: inforegulator.org.za
Email: complaints.IR@justice.gov.za · POPIAComplaints@inforegulator.org.za
See also our Privacy Policy, Cookie Policy and Terms of Use.