Privacy Policy

1. Introduction

StormDotCom Pty Ltd ("StormDotCom", "we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share your personal data in accordance with the Protection of Personal Information Act, 2013 (POPIA) and other applicable South African legislation.

By using our website, services, or engaging with us, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

We may collect the following types of personal information:

• Contact details: Name, email address, phone number, and business address when you contact us or submit a form on our website.
• Business information: Company name, job title, and IT infrastructure details relevant to providing our managed IT services.
• Technical data: IP address, browser type, device information, and website usage data collected through cookies and analytics.
• Service data: Information related to support tickets, system monitoring, and service delivery.
• Communication records: Emails, messages, and call records related to service delivery and support.

3. How We Use Your Information

We use your personal information for the following purposes:

• To provide, maintain, and improve our managed IT services.
• To respond to enquiries and provide customer support.
• To monitor and manage your IT systems as part of our service agreements.
• To send service-related communications, updates, and notifications.
• To comply with legal obligations and regulatory requirements.
• To protect the security and integrity of our systems and your data.
• To improve our website and user experience.

4. Legal Basis for Processing

Under POPIA, we process your personal information based on one or more of the following lawful grounds:

• Consent: Where you have given us explicit consent to process your information.
• Contractual obligation: Where processing is necessary to fulfil our service agreements with you.
• Legal obligation: Where we are required by law to process your data.
• Legitimate interest: Where processing is necessary for our legitimate business interests, provided your rights are not overridden.

5. Sharing Your Information

We do not sell your personal information. We may share your data with:

• Service partners: Trusted technology partners (such as Dell, Microsoft, and 3CX) where necessary to deliver our services.
• Professional advisors: Accountants, legal advisors, and auditors as required.
• Regulatory authorities: Where required by law or to protect our legal rights.

All third parties with whom we share data are required to maintain appropriate security measures and process your information only for the specified purposes.

6. Data Security

We take the security of your personal information seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These measures include encrypted communications, secure data storage, access controls, 24/7 system monitoring, and regular security assessments.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Backup data is retained for up to 7 years with full audit trails, in line with South African regulatory requirements. When your data is no longer needed, it will be securely deleted or anonymised.

8. Your Rights Under POPIA

As a data subject, you have the following rights:

• The right to access your personal information held by us.
• The right to request correction of inaccurate or incomplete data.
• The right to request deletion of your personal information, subject to legal obligations.
• The right to object to the processing of your personal information.
• The right to withdraw consent at any time.
• The right to lodge a complaint with the Information Regulator if you believe your rights have been infringed.

9. Cookies and Tracking

Our website may use cookies and similar technologies to enhance your browsing experience and gather usage analytics. You can manage your cookie preferences through your browser settings. Disabling cookies may affect the functionality of certain parts of our website.

10. Children's Privacy

Our services are not directed at children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to report a data-related concern, please contact us:

13. Information Regulator (South Africa)

If you are not satisfied with how we handle your personal information, you have the right to lodge a complaint with the Information Regulator: