CYNTECH
Holistic Engineering
Legal

Privacy Policy

Effective 5 June 2026. This policy explains how Cyntech (Pty) Ltd, as the Responsible Party, processes personal information under the Protection of Personal Information Act, 4 of 2013 (POPIA).

1. Who we are

Cyntech (Pty) Ltd is a South African consulting engineering firm. We act as the Responsible Party for personal information collected through our website, portal, email, project work and recruitment processes.

2. Information we collect

  • Contact data you submit through forms — name, company, role, email, phone, message.
  • Client & project data shared in the course of an engineering appointment — site details, technical drawings, correspondence, billing records.
  • Account data for the client portal — username, hashed password, role, session metadata.
  • Recruitment data — CVs, qualifications and references when you apply for a role.
  • Technical data — IP address, device, browser, pages viewed and referring URL, collected via cookies and analytics (see our Cookie Policy).

3. How we use it (purpose & lawful basis)

  • To respond to enquiries and provide requested information — contractual / legitimate interest.
  • To deliver and administer engineering services under a signed appointment — contract.
  • To operate, secure and improve the website and portal — legitimate interest.
  • To meet legal, regulatory and professional-body obligations (e.g. ECSA, SARS) — legal obligation.
  • To send service updates and, where you have opted in, marketing communications — consent.
  • To evaluate applications for employment — legitimate interest / consent.

4. Sharing your information

We share personal information only where necessary, with:

  • Project partners, contractors and client teams involved in your appointment.
  • Vetted service providers (hosting, email, analytics, identity, accounting) acting as Operators under written instruction.
  • Regulators, professional bodies and authorities where required by law.
  • Acquirers or advisors in the context of a corporate transaction, under confidentiality.

We do not sell personal information.

5. Cross-border transfers

Some of our service providers (for example email, hosting and analytics) operate outside South Africa. Where this happens we ensure the recipient is subject to laws, binding agreements or standards that uphold protection substantially similar to POPIA, as required by section 72.

6. Retention

We keep personal information only for as long as needed for the purpose it was collected, or as required by law (for example, financial records for at least 5 years under the Tax Administration Act). Project records are typically retained for the lifecycle of the asset plus a reasonable archival period for professional indemnity purposes.

7. Security

We apply reasonable technical and organisational safeguards — including TLS in transit, encryption at rest where applicable, access controls, MFA on the portal, regular backups and staff confidentiality undertakings. No system is perfectly secure; we will notify you and the Information Regulator of a security compromise as required by section 22 of POPIA.

8. Your rights

Under POPIA you have the right to:

  • Be notified that we hold your information and how it is processed.
  • Request access to your personal information (Form 2 / PAIA request).
  • Request correction or deletion of inaccurate, irrelevant or excessive information.
  • Object to processing, including direct marketing.
  • Withdraw consent at any time, where consent is the lawful basis.
  • Lodge a complaint with the Information Regulator (details below).

9. Children

The Site and portal are intended for business users. We do not knowingly collect personal information of children under 18. If you believe we have, contact us so we can delete it.

10. Changes

We may update this policy. The "Effective" date above will reflect the latest revision.

11. Contact & Information Officer

Information Officer, Cyntech (Pty) Ltd
Email: info@cyntech.co.za

Information Regulator (South Africa)
Website: inforegulator.org.za
Email: complaints.IR@justice.gov.za