Privacy Policy

Privacy Policy

Effective Date: 20 December 2024

1. Introduction
Colyn & Co is committed to protecting your personal and financial information in compliance with the Protection of Personal Information Act (POPIA). This Privacy Policy outlines how we collect, use, store, and protect personal and financial information in our capacity as a professional accounting and financial services provider.

2. Information We Collect
We may collect the following types of information:

• Personal Identifiable Information: Full name, ID/passport number, email address, phone number, and residential or business address.

• Financial Information: Tax numbers, banking details, financial statements, and transactional data.

• Corporate Information: Business registration documents, shareholder and director information, and VAT details.

• Compliance Documentation: Certified copies of IDs, proof of residence, and other FICA-mandated documentation.

• Website Data: IP addresses, cookies, and browsing behavior.

3. How We Collect Information
We collect personal and financial information directly from clients through onboarding forms, interactions, and documentation. Additionally, we may collect information indirectly from public databases or third-party sources (with your consent or as allowed by law).

4. Purpose of Processing Personal Information
We process your personal information for the following purposes:

• Service Delivery: To deliver accounting, tax, and business consulting services.

• Regulatory Compliance: To fulfill our obligations under laws such as FICA and SARS regulations.

• Fraud and Risk Prevention: To prevent unlawful activities such as money laundering or tax evasion.

• Improvement: To enhance our services, website functionality, and customer experience.

• Automated Decision-Making: For compliance monitoring and risk profiling where automated tools may flag transactions or data requiring further review.

5. Automated Decision-Making

• Automated systems may be used to identify patterns or risks in your data (e.g., compliance with FICA requirements).

• These systems are regularly monitored by qualified personnel to ensure fairness and accuracy.

• You may request manual intervention if you believe an automated decision has been made unfairly.

6. Sharing of Information
We only share personal information as necessary:

• With regulatory bodies (e.g., SARS or the FIC) to comply with legal obligations.

• With third-party service providers (e.g., auditors, IT support) under strict confidentiality agreements.

• When required by law, court order, or to protect our legal rights.

7. Security Measures
We implement strict measures to protect personal and financial data:

• Physical Security: Secure document storage in restricted access locations.

• Digital Security: Data encryption, multi-factor authentication, firewalls, and intrusion detection systems.

• Staff Training: Regular training on POPIA compliance and data protection practices.

• Incident Response Plan: In the event of a data breach, we will notify affected parties and regulatory authorities in accordance with POPIA.

8. Disclaimer on Liability for Data Breaches
While we take all reasonable measures to protect your data, we cannot guarantee absolute security.

• We are not liable for unauthorised access to personal information caused by circumstances beyond our control, such as cyberattacks or natural disasters.

• In the event of a data breach, we will act swiftly to mitigate risks and notify affected parties as required by law.

9. Your Rights
Under POPIA, you have the right to:

• Access and obtain a copy of the personal information we hold about you.

• Request corrections or updates to your personal information.

• Object to the processing of your data for specific purposes.

• Lodge a complaint with the Information Regulator if you believe your rights have been violated.

10. Retention of Information
We retain personal and financial information for as long as necessary to provide our services and comply with legal and regulatory requirements. When no longer needed, your data will be securely destroyed.

11. Cookies and Website Tracking
Our website uses cookies and similar technologies to enhance functionality and gather analytics. You may disable cookies in your browser settings, but doing so may affect website performance.

12. Third-Party Websites
Our website may link to third-party websites. We are not responsible for the privacy practices of these external sites and encourage users to review their privacy policies.

13. Updates to this Privacy Policy
We reserve the right to update this Privacy Policy to reflect changes in laws or business practices. Please review this policy regularly for updates.

14. Contact Us
For queries about this Privacy Policy or to exercise your rights under POPIA, contact us at:

• Email: info@colynandco.com

• Phone: 0749651814

• Physical Address: Potchefstroom, South Africa