Privacy & Policy

WOZAFIX PRIVACY POLICY

Effective Date: 11 August 2025 <-> Last Updated: 11 August 2025

1. Introduction

Wozafix ("we," "us," or "our") complies with the Protection of Personal
Information Act 4 of 2013 (POPIA). This policy outlines how we collect, use, store, and protect the personal information of our clients ("you") during device repairs, data recovery, and related services.
2. Types of Information Collected

We may process:
- Personal Information:
  - Contact details (name, email, phone, address).
  - Device identifiers (IMEI, serial numbers).
  - Payment/billing information.
- Special/Sensitive Information (where necessary):
  - Data recovered from devices (e.g., documents, emails, photos).
  - Biometric data (if devices require fingerprint/facial recognition access).
- Technical Information:
  - Device diagnostics, IP addresses, and hardware/software specifications
  - 3. How We Collect Information
    - Directly from you: Via service forms, quotes, or in-person consultations.
    - From your devices: During diagnostics, repairs, or data recovery.
    - Automatically: Through cookies on our website (where applicable) for service tracking
    - 4. Purposes of Processing
      
      We use your information to:
      - Perform repairs, data recovery, and hardware/software solutions.
      - Communicate service updates, invoices, or safety advisories.
      - Comply with legal obligations (e.g., tax records, fraud prevention).
      - Improve our services via anonymized analytics
      - 5. Legal Basis for Processing
        
        Processing is justified under POPIA if:
        
        You consent (e.g., for marketing).
        
        Necessary for contract fulfillment (e.g., repairing your device).
        
        Required by law (e.g., financial record-keeping).
        
        In your vital interests (e.g., recovering critical data)
        
        6. Data Security Measures
        
        We implement POPIA-mandated safeguards:
        
        Technical: Encryption of stored/recovered data, secure servers, and access controls.
        
        Organizational: Confidentiality agreements with staff, limited internal access, and regular security audits.
        
        Physical: Secure storage for devices under repair
        
        7. Data Retention
        
        We retain information only as long as necessary:
        
        Service records: 5 years (for warranty/legal compliance).
        
        Financial records: 5–7 years (per tax laws).
        
        Recovered data: Returned to you or securely deleted after service completion
        
        8. Data Subject Rights
        
        Under POPIA, you may:
        
        Access personal information we hold.
        
        Correct inaccurate details.
        
        Delete information (unless legally required).
        
        Object to processing for marketing.
        
        Lodge complaints with South Africa’s Information Regulator
        
        9. Third-Party Sharing
        
        We may share information with:
        
        Payment processors (e.g., banks).
        
        Cloud storage providers (for data recovery backups), ensuring they meet POPIA standards.
        
        Regulatory authorities if legally compelled
        
        10. International Data Transfers
        
        Data is stored primarily in South Africa. If transferred internationally (e.g., cloud servers), we:
        
        Use POPIA-approved mechanisms (e.g., binding corporate rules).
        
        Verify recipient countries’ data protection laws
        
        11. Data Breach Protocol
        
        In case of a security compromise:
        
        Notify you and the Information Regulator within 72 hours.
        
        Detail the breach’s scope, risks, and remedial actions
        
        12. Contact Information
        
        Information Officer: Wozafix
        Address: 178 Rahima Moosa St, Johannesburg, 2000
        Email:[email protected]
        Phone: +27 74 666 6118