Privacy Policy

1. Introduction

Champs Group (Pty) Ltd ("we," "our," or "us") is committed to protecting your privacy and securing your personal information. This comprehensive Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website champsafrica.co.za, use our services, or interact with us.

Our Commitment: We adhere to South Africa's Protection of Personal Information Act (POPIA) and align with global standards including the EU's General Data Protection Regulation (GDPR). We view data protection as a fundamental aspect of our relationship with clients, employees, and partners.

POPIA Compliant

South Africa's data protection law

GDPR Aligned

European data protection standard

ISO 27001 Certified

Information security standard

2. Information We Collect

We collect various types of information to provide and improve our services:

Data Category	Examples	Collection Method
Personal Identification	Name, email, phone number, ID number	Account registration, contact forms
Business Information	Company name, job title, department	Service agreements, business inquiries
Financial Data	Payment details, billing address, transaction history	Payment processing, invoicing
Technical Data	IP address, device type, browser, cookies	Website analytics, security systems
Usage Data	Pages visited, service usage patterns, feature interactions	Analytics tools, service monitoring
Marketing Data	Communication preferences, newsletter subscriptions	Marketing campaigns, preference centers

We collect this information through direct interactions (when you provide it to us), automated technologies (cookies and analytics tools), and third-party sources (business partners and public databases).

3. How We Use Your Information

We use your information for legitimate business purposes:

Service Delivery: To provide, operate, and maintain our services
Account Management: To create and manage your account
Customer Support: To respond to inquiries and provide technical assistance
Billing & Payments: To process transactions and send invoices
Service Improvement: To analyze usage patterns and enhance our services
Marketing & Communication: To send service updates, newsletters, and promotional offers (with consent)
Security & Fraud Prevention: To protect our services and users
Legal Compliance: To meet regulatory obligations and respond to legal requests
Business Operations: For internal research, analytics, and business development

Data Minimization: We collect only the information necessary for the purposes outlined in this policy. We do not sell your personal information to third parties.

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

Contractual Necessity: Processing required to fulfill our service agreement with you
Legal Obligation: Processing necessary to comply with South African laws
Legitimate Interests: Processing for our legitimate business interests that don't override your rights
Consent: Processing based on your explicit consent, which you can withdraw at any time

For sensitive personal information, we obtain explicit consent or rely on specific legal exceptions under POPIA.

5. Data Sharing & Disclosure

We may share your information in the following circumstances:

Service Providers: With trusted partners who assist in delivering our services (payment processors, cloud hosting providers, IT support)
Business Transfers: In connection with mergers, acquisitions, or asset sales
Legal Requirements: When required by law, court order, or government request
Protection of Rights: To protect the rights, property, or safety of Champs Group, our users, or others
With Your Consent: For specific purposes with your explicit permission

Third-Party Processors: All third-party processors sign strict data processing agreements that require them to protect your information in accordance with POPIA and our privacy standards. We regularly audit their compliance.

6. Data Security Measures

We implement robust technical and organizational security measures:

Encryption: End-to-end encryption for sensitive data in transit and at rest
Access Controls: Role-based access with multi-factor authentication
Network Security: Firewalls, intrusion detection, and DDoS protection
Physical Security: Secure data centers with biometric access controls
Security Audits: Regular vulnerability scanning and penetration testing
Employee Training: Comprehensive data protection training for all staff
Incident Response: Formal data breach response plan

While we implement these advanced security measures, no system is completely impenetrable. We continually update our security practices to address emerging threats.

7. Data Retention Policy

We retain personal information only as long as necessary:

Active Customers: For the duration of our business relationship
Inactive Customers: Up to 3 years after last contact for business development purposes
Financial Records: 5 years as required by tax laws
Marketing Data: Until consent is withdrawn or 2 years after last interaction
Technical Logs: 12 months for security monitoring

After retention periods expire, we securely delete or anonymize your information. Archived data may be retained for legal claims or regulatory requirements.

8. Your Data Protection Rights

Under POPIA and other data protection laws, you have important rights:

Right to Access: Request a copy of your personal information
Right to Correction: Request correction of inaccurate information
Right to Deletion: Request deletion of your information (subject to legal limitations)
Right to Object: Object to certain processing activities
Right to Restrict Processing: Request restriction of processing in specific circumstances
Right to Data Portability: Receive your information in a structured, machine-readable format
Right to Withdraw Consent: Withdraw previously given consent
Right to Complain: Lodge a complaint with the Information Regulator

Exercise Your Rights

To exercise any of your privacy rights, please contact our Data Protection Officer using the details below. We respond to all valid requests within 21 days as required by POPIA.

Contact Our Privacy Team

9. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Cookie Type	Purpose	Duration
Essential Cookies	Required for site functionality and security	Session
Performance Cookies	Analyze site usage to improve services	1-2 years
Functional Cookies	Remember preferences and settings	1 year
Marketing Cookies	Deliver relevant advertising (opt-in required)	1 year

You can manage cookie preferences through our cookie consent banner or browser settings. Disabling cookies may affect website functionality.

10. International Data Transfers

We may transfer your information outside South Africa in specific circumstances:

To countries with adequate data protection laws
Using POPIA-compliant transfer mechanisms (standard contractual clauses)
With your explicit consent
When necessary for service delivery (e.g., cloud services hosted internationally)

All international transfers undergo rigorous risk assessments and include appropriate safeguards as required by POPIA.

11. Children's Privacy

Our services are not directed to individuals under 18:

We do not knowingly collect personal information from children
If we become aware of such collection, we will delete it immediately
Parents or guardians who believe we may have collected a child's information should contact us

12. Policy Updates & Notifications

We may update this Privacy Policy periodically:

Significant changes will be notified via email or service notifications
The "Last Updated" date at the top indicates the latest revision
Continued use of our services after changes constitutes acceptance

We encourage you to review this policy regularly to stay informed about our data practices.

13. Contact Us

For privacy-related inquiries or to exercise your rights:

Data Protection Officer

Name: Sarah Johnson

Email: dpo@champsafrica.com

Phone: 021 879 3035

Hours: 8:30 AM - 4:30 PM (Monday-Friday)

Postal Address: Data Protection Office, Champs Group, Van Riebeeck Rd, Kuilsriver, Cape Town, 8000, South Africa

Email Our Privacy Team

14. Privacy FAQs

How do I update my personal information? +

You can update your account information through our customer portal or by contacting our support team. For other personal information, please contact our Data Protection Officer.

Can I opt-out of marketing communications? +

Yes, you can unsubscribe from marketing emails using the link in each email or by updating your preferences in your account settings. Service-related communications will continue to be sent as necessary.

How do you protect my financial information? +

We use PCI-DSS compliant payment processors and never store full credit card numbers. All payment transactions are encrypted using industry-standard SSL/TLS encryption.

What should I do if I suspect a data breach? +

If you suspect unauthorized access to your account or personal information, please contact our security team immediately at security@champsafrica.com or call 021 879 3035.

Do you sell my personal information? +

No, we do not sell, trade, or rent your personal information to third parties. We only share information as described in this Privacy Policy.

Table of Contents