Privacy Policy
Last updated — 2 July 2025
- Who we are
Pace Online (Pty) Ltd (“Pace Online”, “we”, “our”, “us”) is a South-African software OEM with offices at:
- 61 Katherine Street, Sandhurst, Sandton 2148, Johannesburg, South Africa
- 28 Siphosethu Road, Kingfisher Office Park, Block 1 Office 2, Mount Edgecombe 4302, Durban, South Africa
Email:
Tel: +27 81 091 0366 (JHB) | +27 83 219 9228 (DBN) | +27 64 917 0322 (general)
Data-protection lead:
- Scope
This policy explains how we collect, use, disclose and secure personal information when you:
- browse or interact with paceonline.co.za (the “Website”);
- request demos or quotes for our products (e.g. Uniflo, DigiCargo, Stevedoring App);
- subscribe to our newsletters or marketing updates;
- apply for employment with Pace Online;
- are otherwise in contact with us as a customer, supplier or partner.
- The information we collect
Category | Examples | Source
Contact details | name, email, phone, job title, company | web forms, email, sales calls
Usage data | IP address, browser type, pages viewed, referring URL, clicks, session duration | cookies, analytics scripts
Device data | device identifiers, operating system, screen resolution | cookies, log files
Marketing preferences | newsletter opt-ins, ad-tracking consent choices | consent management tool
Product data (clients) | account IDs, licence keys, billing details, support tickets | SaaS portals, CRM
Recruitment data | CVs, references, interview notes | candidates, recruiters
We do not intentionally collect special-category (sensitive) personal information except where local labour law requires—for example, B-BBEE statistics during hiring—with your explicit consent.
- How and why we use your data
Purpose | Legal basis (GDPR Art. 6) | POPIA justification
Responding to enquiries, providing quotes | Legitimate interest (pre-contractual steps) | Section 11(1)(b) – preparation for contract
Creating and managing customer accounts, delivering our SaaS products | Contract performance | Section 11(1)(b)
Sending service notices (downtime, security updates, T&C changes) | Legal obligation / Contract | Sections 11(1)(c), 19
Marketing our services, newsletters | Consent (opt-in; Art 21 opt-out) | Section 11(1)(a) (consent)
Improving the Website and services (analytics, UX testing) | Legitimate interest (business improvement) | Section 11(1)(f)
Complying with tax, accounting, regulatory requirements | Legal obligation | Section 11(1)(c)
- Cookies & similar technologies
We use first- and third-party cookies or SDKs (Google Analytics 4, Microsoft Clarity, Meta Pixel etc.) to:
- remember your settings;
- understand how visitors use our site;
- measure ad campaign performance.
You can manage or withdraw consent at any time via our cookie banner or your browser settings. See our separate Cookie Notice for details.
- Sharing your data
We never sell your data. We may share it only with:
- Cloud & hosting providers (e.g. Google Cloud Platform, AWS, Hetzner)
- Analytics & marketing partners (list each vendor)
- Payment processors (if you purchase licences online)
- Professional advisers & auditors (under NDA)
- Regulators, courts, law-enforcement when legally required.
All suppliers are bound by written contracts that meet GDPR Art 28 and POPIA S21 processor obligations.
- International transfers
Our primary servers are in South Africa and the EU. Where data moves outside South Africa or the European Economic Area, we rely on:
- adequacy regulations (GDPR Art 45);
- Standard Contractual Clauses (SCCs) / approved POPIA transfer mechanisms;
- or your explicit informed consent.
- Data retention
We keep personal data only as long as needed for the purpose collected or as required by law:
- Enquiry records: 24 months after last contact if no contract follows.
- Customer account data: duration of contract + 5 years (tax rules).
- Analytics logs: 26 months (Google Analytics default) unless you opt out.
- Recruitment files: 12 months after position is filled, unless consent to keep on file longer.
- Security
We implement administrative, technical and physical safeguards, including:
- TLS 1.3 encryption in transit;
- AES-256 encryption at rest for production databases;
- role-based access control, MFA for staff;
- annual penetration testing;
- ISO 27001-aligned policies.
- Your rights
Under POPIA (Sections 23–25) & GDPR (Articles 12–22) you may…
- access the personal information we hold about you;
- request correction or deletion (‘right to erasure’ / ‘forget’);
- object to or restrict processing (incl. direct marketing);
- withdraw consent at any time;
- receive your data in machine-readable format (data portability);
- lodge a complaint with the Information Regulator (South Africa) or a supervisory authority in the EEA.
How to exercise your rights
Email
We may need to verify your identity (e.g. copy of ID, proof of address) before acting. We aim to respond within 30 days (POPIA) / 1 month (GDPR).
- Children
Our Website and services are aimed at professionals and are not intended for children under 16. We do not knowingly collect data from minors. If you believe we have done so inadvertently, please contact us for immediate deletion.
- Links to third-party sites
Our site may link to sites or apps we do not control. This policy does not apply to those third-party properties. Review their privacy statements before interacting.
- Changes to this policy
We may update this notice periodically. Material changes will be highlighted on this page or via email where appropriate. The revision date at the top tells you when it was last updated.
- Contact us
For any questions about this policy or our privacy practices, reach out to:
Pace Online (Pty) Ltd
Attn: Data Protection Lead
Tel: +27 81 091 0366 | +27 83 219 9228
If we cannot resolve your concern, you have the right to contact:
- Information Regulator (South Africa) —
This email address is being protected from spambots. You need JavaScript enabled to view it. - Your local EU/EEA data-protection authority.
Next steps for publication
- Fill in the placeholders (registration number, exact sub-processors, retention periods you may wish to adjust, etc.).
- Publish at paceonline.co.za/privacy-policy and link in your footer and cookie banner.
- Ensure your Joomla/WordPress cookie-consent tool reflects the same lawful bases and links back here.
- Keep an internal change log for audits.