loader image

Data Privacy Declaration


Ceravoid (Pty) Ltd, a limited liability company incorporated in South Africa, takes its data protection responsibility extremely seriously. Ceravoid handles all personal details they have access to confidentially and in accordance with legal regulations.

With respect to personal data received from European Union Member States, Ceravoid enters Contractual Clauses for Cross-Border Transfer of Personal Data with its business partners and commits to cooperate with the General Data Protection Regulation (GDPR).

This data protection declaration informs you about the nature, extent and purpose of the imposition as well as the storing and use of personal data.

The use of our website constitutes your acceptance of the terms of this Data Privacy Declaration.

What are we processing and why?

There are various ways in which we may process your data. This section details our purposes for processing, our legal basis for the processing, and our storage periods.

In certain cases, we will process your data after obtaining your consent. You are free to withdraw your consent at any time. We may process your data with your consent for the following purposes:

Electronic communications, such as subscribing to a mailing list or by contacting us via a form or email address upon the Site.
Cookies, in order to grant you a personalised experience when dealing with us. You may decline the installation of cookies; however, this may affect the functionality of our website or prevent you from using the Site entirely. If you opt out of using cookies, we may store a single cookie in order to remember this preference.

For website analytics, storing details such as Visited website/subpages, time of the access, amount of sent data in bytes, source/reference that transferred you to the page, browser used, Operating System, IP address, device used.
For promotional campaigns, in which case additional information may be volunteered by you in order to participate in the promotion or to receive a delivery.
We will process your data when we have to perform a contract; for as long as the contractual relationship is in place, and for 1 year following the end of the relationship (unless otherwise stipulated in our contract with you). In order to fulfil our obligations to you in terms of the Services you have engaged us for, we will need to process your data

We may also process your data in terms of legitimate interest, as long as the data being processed is strictly necessary, proportional, and does not infringe on your individual rights to privacy. Processing may take place in terms of the following necessary scenarios:

To monitor and analyse how to improve our Service and/or our Site, as well as to keep the same secure and free from abuse. This may include communications such as surveys or direct electronic communications.
To keep active communications with you while you are our contracted client. Certain communications are necessary during delivery of our Services, and we have a legitimate interest in keeping you information about our Services.

How are we processing your data?

We will only process personal data as a result of the provision of our Services, or in operating our Site. These instructions are included in our standard Terms and Conditions and engagement contracts. Should we have reason to believe that your instructions infringe on data protection regulation, we will inform you promptly.

We will ensure that our employees are subject to confidentiality agreements and any statutory privacy obligations.

To provide you with the Services, we may need to use other service providers, as well as hire new providers in the future. Those companies will only process the data to the extent necessary to render the Services, and we will enter into written agreements with them to make sure that said companies comply with the obligations included in this Privacy Policy and implement all necessary security measures to ensure adequate protection of the data.

In the event that we should change upstream service providers that are involved in providing you with Services, or where we may need to hire additional companies to provide the Services, you have the right to reasonably oppose such an appointment. Such opposition shall be addressed on a case-by-case basis in accordance with the appropriate data protection regulation.

We will implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. At your request and expense and taking into account the nature of processing and the information available to us, we shall reasonably assist you in compliance with the security obligations set forth by data protection regulation.

Upon termination of your services, we will delete your personal data, unless otherwise required for a statutory requirement or as per the retention periods set out in this Privacy Policy (or contract).

Your rights:

You have the right to request access to, and rectification or erasure of your personal information. You may also restrict processing, or object to processing in accordance with relevant data protection regulation.

In cases where consent was given, you have the right to withdraw consent at any time.

If you do request that your information is deleted, and should your request be accepted, all information will be permanently erased, except for information that we are required to keep by law or by other exception in line with data privacy regulation. You may exercise your rights at any time by lodging a request with our Information Officer at dataprotection@ceravoid.com.

Who else will have access to your personal information?

We may share your information with our service providers and processors in order to deliver the Services to you. These will often be providers that offer solutions for hosting, marketing and other business critical operations. In the case of third parties processing data, we require that they comply with our internal standards, policies, technical and organisational measures, ensuring that your data is protected and remains confidential. We will only share data in accordance with this Privacy Policy and with approved and contractually appointed third parties.

When you authorise us to do so, we may also share your data with other companies so that they can process the data for other purposes, as explained in more detail when we request your prior consent. In addition, if you provide consent for the installation of cookies, your data may be processed by third parties. These cookies are subject to the third parties’ respective Privacy Policies.

Where necessary and compelled by authorities to do so, we may share your information with law enforcement and competent courts. We may also share your information where we have to take legal action to protect our, or third-party rights.

We will not sell your information. Our contracts dictate that third-party service providers may not use your information for their own benefit or for any services other than those requested by us.


If you have any questions or complaints regarding this Declaration, please contact us:

Unit C2,
Century Square,
Heron Crescent,
Century City,
Cape Town,


Additionally, you can contact the Data Protection Authority in the country in which you reside for further information about your rights and how to make a formal complaint.