open a sales ticket

visit the official COVID-19 government website to stay informed: sacoronavirus.co.za

live chat is online

Privacy Policy

1. Purpose of this Privacy Policy


This policy (“Privacy Policy”) details what Personal Information we process, why and how we collect, use, and process your Personal Information, the manner in which we secure the integrity and confidentiality thereof and your rights in terms of POPIA. We shall at all times strive to ensure that the Personal Information we collect from you is processed in accordance with the requirements of POPIA.

It is important that you read this Privacy Policy together with any other privacy notice we may provide from time to time when collecting or Processing Personal Information about you so that you are fully aware of what, how and why we are using your Personal Information.

2. Definitions and Interpretation


2.1. "Elitehost” (or “we” / “us” / “our”) means Elitehost a division of Optify Systems (Pty) Ltd, a company incorporated in South Africa under registration number 2011/111730/07.

2.2. “Parties” means:

2.2.1. the “Responsible Party” being the person or entity who determines the scope of Personal Information (“what”), the purpose of Processing (“why”) and the means (“how”) of Processing the Personal Information.

2.2.2. “You” or the “Data Subject” means any person, including our clients, prospective clients and/or our service providers, to whom the Personal Information relates;

2.3. “Operator” means those third party persons or entities who Processes Personal Information on behalf of the Responsible Party in terms of an agreement;

2.4. “Personal Information” shall have the meaning ascribed to it in POPIA, currently being information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, as amended from time to time, which includes, but is not limited to the Personal Information specified in clause 5

2.5. “POPIA” means the Protection of Personal Information Act 4 of 2013, as amended from time to time;

2.6. “Processing” shall have the meaning ascribed to it in POPIA, currently being any operation or activity or any set of operations, whether or not by automatic means, concerning Personal Information as amended from time to time, and “Processed”, “Process” and “Processes” shall be ascribed similar meaning;

2.7. “Client Area” refers to our client area at https://my.elitehost.co.za

3. Status and Amendments


3.1. Due to legal and other developments, Elitehost may amend these terms and conditions from time to time. The version of the terms and conditions effective for this Privacy Policy are indicated by the last update date at the bottom of this page. It is your duty to remain apprised of the current version of this Privacy Policy. The date indicated in the last update date at the bottom of this page is the effective date that governs this Privacy Policy from the date specified until the next revision of this Privacy Policy becomes effective

3.2. By continuing to utilise Elitehost for the provision of the Services after a revised Privacy Policy becomes effective, it constitutes your agreement to observe this Privacy Policy as may be revised.

3.3. The latest version of the Privacy Policy will always be made available on the Elitehost website ( https://elitehost.co.za/about/privacy-policy ) and is intended to override all previous versions of the Privacy Policy. Unless otherwise indicated, the latest version of the Privacy Policy shall supplement other general privacy notices delivered by Elitehost from time to time and is not intended to override the Privacy Policy.

4. Who this Privacy Policy Applies to


4.1. This Privacy Policy applies to all clients, prospective clients and/or service providers of Elitehost. It also applies to users of our websites.

5. What Personal Information we Collect and Generate


5.1. Elitehost processes the following Personal Information from you in order to provide you with the Services:

5.1.1. Name and surname for natural persons;
5.1.2. Registered and trading name for juristic persons;
5.1.3. Passport/identity number and/or registration number;
5.1.4. contact number;
5.1.5. email address;
5.1.6. physical address and/or location information, including IP address
5.1.7. banking details;

6. Why we Collect and Process your Personal Information


6.1. Elitehost processes your Personal Information for the following reasons (“Purposes”) and your continued use of the Services constitutes your agreement to us Processing your Personal Information for such Purposes:

6.1.1. to execute a contract with you for the purpose of rendering the Services;

6.1.2. to carry out actions for the conclusion or performance of our contractual obligations with you, which includes collecting and using your Personal Information for the following purposes:

6.1.2.1. let you register an account with us;
6.1.2.2. to manage our relationship with you;
6.1.2.3. reply when you contact us for support;
6.1.2.4. investigate and resolve your query, complaint or request;

6.1.3. to share with other entities in Elitehost, and/or those third-party Operators located in South Africa as well as outside of South Africa who have contracted with us, who require such Personal Information to render the Services to you and/or for the operation of the Services, including website hosting, administration, maintenance, development and supply of products associated with the Services.

6.1.4. to meet our contractual obligations with third parties;

6.1.5. to enable any entity within Elitehost and/or any third party Operator to advise you of, or offer to you, any enhanced benefits or new products that becomes available from time to time which you may become entitled to qualify for, provided your consent to receive such communication in accordance with Chapter 8 of POPIA.;

6.1.6. where it is in our or your legitimate interest to do so, for example monitor our premises with CCTV cameras to ensure your and our safety.

6.1.7. where we are legally required to collect and process certain Personal Information to comply with relevant laws.

6.1.8. to meet our duties in terms of POPIA to ensure your Personal Information is complete, accurate, not misleading and updated on a regular basis. To enable this, we will always try to obtain this Personal Information from you directly, however, where it is more practicable to do so, we will make use of verifiable independent third-party data sources.

6.1.9. to conduct credit enquiries as to your creditworthiness and perform risk analysis, tracing and any related purposes, which includes Personal Information about your credit history, financial history, judgements and default history;

6.1.10. to combine all your Personal Information for any one or more of the following purposes: perform market, statistical and academic research or to customise our benefits and Services to meet your needs;

6.1.11. where Elitehost is involved in a proposed or actual merger, acquisition or any form of sale of any assets, we may share your Personal Information with the third parties in connection with such transaction. Where any business within Elitehost is sold to another entity as a going concern, you consent to this Privacy Policy being ceded to and applying under the new entity unless specifically stipulated otherwise.

6.2. If we want to process your Personal Information for reasons other than the Purposes specified above, we will always ensure that the further Processing is in accordance or compatible with the Purposes, with due regard to the factors set out in section 15(2) of POPIA. Where we determine that the reasons for further Processing of your Personal Information is not in accordance or compatible with the Purposes, we will ensure that you consent thereto. Please be advised that in certain circumstances, we will obtain your consent through updating the latest Privacy Policy and notifying you that the latest revision of the Privacy Policy is available on our website. Your continued use of the Services will be indicative of your consent to the further Processing of your Personal Information.

7. Where we Collect your Personal Information from


7.1. We collect your Personal Information from you directly, except where we have used third party Operator’s for the purpose of verifying, substantiating and/or updating the Personal Information provided.

8. Websites and Cookies


8.1. In order to provide you with the best possible and most relevant service, our Websites may use standard technology to collect information about the use by you of our Websites. This technology is not able to identify individuals but simply allows our Websites to collect statistics.

8.2. Our Websites utilises cookies, which is a small file that is placed on the user of our Websites hard drive in order to keep a record of a user’s interaction with our Websites. The cookies are used to allow us to tailor the advertising and our Services to your displayed preferences. The Websites may use third-party cookies from an ad server for this purpose. Cookies themselves cannot be used to identify a person or users of our Websites but may be used to compile anonymised statistics relating to the use of services offered or to provide us with feedback on the performance of our Websites.

8.3. If you do not wish cookies to be used to customise your interaction with our Websites, it is possible to alter the manner in which your browser handles cookies in your browser settings. Please note that if this is done, certain services on the Websites may not be available to you.

9. Who we Share your Personal Information with


9.1. We only transfer your Personal Information to Operators we trust and who have agreed to keep your Personal Information secure and confidential and to only use it for the purposes for which we shared it with them.

9.2. We use Operators to process Personal Information on behalf of Elitehost for the provision of the following:

9.2.1. communicate with you;
9.2.2. verify your Personal Information to assist in fraud detection;
9.2.3. monitor the effectiveness of our Services;
9.2.4. store your Personal Information;
9.2.5. manage the day to day operations of our business;
9.2.6. professional services providers and advisors;
9.2.7. provide IT services and infrastructure;

9.3. We ensure, in terms of a written contract between us and all Operators, that all Operators process your Personal Information in accordance with substantially similar security measures and standards that we implement when Processing your Personal Information.

10. Transborder Flow of Personal Information


10.1. We transfer your Personal Information to third parties who are in a foreign country primarily for rendering services and support systems. Certain services, including website builders and support ticket systems may make use of servers hosted by third party services providers, such as Amazon Web Services, Microsoft Azure, OVH, MaxMind who store data in various locations around the world.

10.2. We ensure that all third parties, with whom we transfer your Personal Information to, who are in a foreign country are subject to a law, binding corporate rules or binding agreements which provide an adequate level of protection that effectively upholds principles for reasonable Processing of your Personal Information that are substantially similar to the conditions for the lawful Processing of Personal Information as set out in this Privacy Policy and POPIA.

10.3. Through your continued use of the Services, you consent to the transfer of your Personal Information to third parties who are in a foreign country for purposes of concluding and performing in terms of the contract in respect of the Services.

11. Reasonable Measures to Secure your Personal Information


11.1. When we process your Personal Information, we ensure that the integrity and confidentiality of your Personal Information is secure by taking appropriate, reasonable technical and organisation measures to prevent loss of, damage to, unauthorised destruction of and unlawful access to your Personal Information, having at all times due regard to generally accepted information security practices and procedures which may apply to Elitehost or be required in terms of our specific industry or professional rules and regulations.

11.2. In order to give effect to the above, we have taken and shall continue to take reasonable measures to identify all reasonably foreseeable internal and external risks to Personal Information in our possession or under our control, establish and maintain appropriate safeguards against any risks identified, regularly verify that the safeguards are effectively implemented and updated in response to new risks or deficiencies in previously implemented safeguards.

11.3. In consideration of the above, we have established and implemented the following, amongst others, security practices and procedures to secure your Personal Information:

11.3.1. password and/or biometric protection for electronic files, device access and app software;
11.3.2. securing paper files and physical access restrictions;
11.3.3. physical and electronic access control to our buildings and servers;
11.3.4. limitation on those employees who have access to your Personal Information to those employees who require access to fulfil their designated responsibilities;
11.3.5. storage and transfer of Personal Information in electronic databases containing safeguards such as firewalls, data encryption;
11.3.6. continuous internal training, self-audits, data privacy impact assessments and ongoing awareness campaigns to ensure employees of Elitehost adhere to the compliance framework aimed to ensure appropriate safeguards;
11.3.7. ensuring that any Operator that we share your Personal Information with agrees in writing to treat your Personal Information with the same level of protection as we are obliged to in terms of POPIA.

12. Storage of your Personal Information


12.1. We will not keep your Personal Information longer than we need to fulfil the Purposes, unless we are legally required to do so, we are authorised to do so by law, or we require the record for lawful purposes related to our functions or activities.

12.2. We take legal requirements, contractual obligations, the functions and activities of the Services, and the expectations and requirements of our clients into account when we determine how long we should retain your Personal Information.

12.3. As soon as reasonably practicable after we no longer need your Personal Information, we will delete, destroy and/or de-identify your Personal Information in accordance with POPIA

13. Failure to provide us with your Personal Information


13.1. You acknowledge that any Personal Information you provide us is Personal Information that you voluntarily provide, however you acknowledge that the Personal Information requested by us is mandatory for the provision of the Services. Where we need to collect Personal Information by law, or under the terms of a contract for the provision of a Service, and you fail to provide the required Personal Information, we may not be able to comply with our obligations in terms of the law and/or contract. In such an instance, we may have to deny providing the Service to you or cancel the Service.

14. Your Rights in terms of POPIA


14.1. You have the right to:

14.1.1. be notified that your Personal Information is being collected;
14.1.2. be notified of security compromises where reasonable grounds exist for us to believe that your Personal Information has been accessed or acquired by an unauthorised person;
14.1.3. ask us what Personal Information we have processed and request access to such Personal Information;
14.1.4. ask what Personal Information was sent to our service providers or any other third party; 14.1.5. ask us to update, correct or delete any Personal Information we have in our possession about you where it is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully;
14.1.6. unsubscribe from any direct marketing communications we may send you and object to the Processing of your Personal Information;
14.1.7. request us to delete or remove your Personal Information where there is no legal and/or legitimate reason for us continuing to process same;
14.1.8. request restrictions on Processing of your Personal Information;
14.1.9. withdraw your consent at any time where we are relying on consent to process your Personal Information;
14.1.10. to submit a complaint to the Information Regulator regarding an alleged infringement with POPIA, however, we do encourage you to first allow our internal compliance process to resolve the complaint. Please contact our Information Officer as set out in clause 16, whereafter if you feel that your complaint has not adequately been resolved, you can contact the Information Regulator (South Africa) at:

SALU Building
33 Hoofd Street
Forum III
3rd Floor Braampark
P.O. Box 31533 Braamfontein
Tel No. +27 (0) 10 023 5207
Cell No. +27 (0) 82 746 4173
inforeg@justice.gov.za

14.1.11. Please see the contact details in clause 16 in order to exercise your rights described above.

15. Access to and Correction of your Personal Information


15.1. You can, having provided the adequate proof of identity, request us to confirm, free of charge, whether or not we hold Personal Information about you.

15.2. You can, having provided the adequate proof of identity, request us, at a prescribed fee, to provide record or a description of the Personal Information held by us about you, including the identity of all Operators who we have given access to your Personal Information.

15.3. We may or must, as the case may be, refuse to disclose the Personal Information requested in terms of this clause to which the grounds for refusal of access to records set out in the applicable sections of Chapter 4 of Part 2 and Chapter 4 of Part 3 of the Promotion of Access to Information Act 2 of 2000 (“PAIA”) applies.

15.4. You have the right to request us to correct or delete the Personal Information we have in our possession where it is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully. You may further request us to destroy or delete a record Personal Information about you that we are no longer authorised to retain.

15.5. Should you wish to exercise your rights as set out in this clause, please contact us as per the contact details provided in clause 16. We are entitled to respond to you within a reasonable time which can take us up to 21 business days due to procedures that we are required to follow.

15.6. In certain circumstances, if we are unable to reach agreement on your request as contained in this clause, you are entitled to request that we take such steps as are reasonable in the circumstances, to attach to the Personal Information in such a manner that it will always be read with the information, an indication that a correction of the Personal Information has been requested but has not been made.

16. Contact our Information Officer


Name: Jason How-Kow
Email: management@elitehost.co.za

17. Direct Marketing


17.1. Elitehost will only process your Personal Information for the purpose of direct marketing by means of electronic communication where you have given your consent.

17.2. Where Elitehost has processed your Personal Information in the context of the Services and you have not objected to Elitehost using your electronic details at the time the Personal Information was collected or on each occasion of each communication is sent to you for the purpose of marketing, Elitehost will continue to send you electronic communication for the purpose of direct marketing until such time that you request that such communication cease or your communication preference is amended by either following the unsubscribe process as indicated on the communication itself or by sending your request through our Client Area.

17.3. Where you wish to amend the contact details we have in our possession for purposes of sending you direct marketing, you may request such amendment by contacting us as per our contact details provided in our Client Area.

18. Data breaches


We will notify our clients of any confirmed data breaches that have occurred. It is our customers’ responsibility to notify relevant supervisory authority and any affected data subjects of the data breach.


Last Updated: 2 July 2021