Privacy Policy

This privacy policy is issued on behalf of Evergreen Essentials (Pty) Ltd (“the company”).

When we mention “we”, “us” or “our”, “the company” in this privacy policy, we are referring to the company defined in clause 1.1 who is responsible for processing your data.

In this policy, reference to “Data Protection Laws” means any statutes, laws, legislation, or regulations or binding policy, code of any government authority that relates to the security and protection of personally identifiable information, data privacy, trans-border data flow or data protection in force from time to time in the Republic of South Africa, including but not limited to POPIA, Electronic Communications and Transactions Act 25 of 2002, Promotion of Access to Information Act 2 of 2002, and/or any equivalent legislation of other jurisdiction(s) where Personal Information is being processed or where a party is obliged to comply with, including, where applicable, EU Data Protection Laws [General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of national persons with regard to the Processing of Personal Data and on the free movement of such data, as amended, replaced or superseded from time to time.

In this policy, the use of any word or expression, or terms or process of definition in this policy which has its meaning derived from the Protection of Personal Information Act 4 of 2003 (“POPIA”), including but not limited to “Personal Information”, “Responsible Party”, “Data Subject”, “Personal Information Breach”, “Information Regulator”, will be construed to mean the corresponding word or expression or term or process or definition which has its meaning derived from GDPR or any applicable Data Protection Laws, such as “personal data”, “controller”, “data processor”, “process” / “processing”, “data subject”, sub-processor”, personal data breach”, supervisory authority”, ‘commission”, “member state”.

We collect information, content and communications that you, a Data Subject shares with us when you visit our site and register for the purchase of our products and/or in your correspondence with us. Some of this information can be personal data/information (“Personal Information”).

We are a data controller of your Personal Information. This means that we are responsible for deciding how we hold and use Personal Information about you. We aim at all times to be transparent about how we use your data and Personal Information, and to comply with applicable Data Protection Laws in making you aware of the information contained in this policy.

This policy will inform you about what data we collect from our customers, how we use such data, circumstances where we may disclose this data to others, and how we keep it secure.

Any questions relating to this policy and our privacy practices should be sent to us using the contact details set out below.

THE INFORMATION WE COLLECT

We may collect, use, store and transfer different kinds of information which you provide to us when you use our website and register for trialing and/or purchasing products and in your correspondence with us which may include: your name, email, phone, and address, and credit card payment information and any other information that you publicly or directly provide to us.

We do not knowingly collect or share:

• any Special Categories of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data);
• iany information about criminal convictions and offences; or
• any information relating to children under the age of 13.

We are committed to respecting the privacy of children online. If we learn that our systems have inadvertently collected information relating to children under the age of 13, we will promptly delete the information, notify the necessary customer representatives to facilitate a consultation on how this data was collected and put measures in place for it not to happen again.

HOW WE COLLECT, PROCESS, AND STORE YOUR DATA

We collect and process your Personal Information that you provide to us when you register on our website, or purchase products or correspond with us.

WHY WE NEED THIS INFORMATION ABOUT YOU

We use your Personal Information we collect about you to:

• Provide our services to you. This includes: registering you, creating an account for you, processing your orders, delivery of products to you, corresponding with you when you have questions, or complaints or wish to cancel an order, and to market new products to you in the future.
• Our legitimate interests for processing data are in order to provide our services and products to our customers.
• We also use the data in related or ancillary ways, to the services and products that we offer. For example, we may use the data to comply with our legal obligations or enforce our rights, including the legal obligations or enforcement of rights of third parties. We may also use the data to improve our service and product offering.

SHARING OF YOUR DATA

We may share your data with selected third parties, including our business partners, suppliers and sub-contractors (for example- delivery of products to you), for the performance of our services. We may also disclose your data to other third parties. For example, if we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets. Alternatively, if we or substantially all of our assets are acquired by a third party, your data may be part of the transferred assets.

If any third party processes any of your data, we ensure there are sufficient contractual and operational safeguards protecting your data.

In respect of your data, we will not:

• sell or licence your data; or
• directly or indirectly transfer any of your data to any ad network, data broker or other advertising or monetization-related service;

We are not accountable for the faulty practices deployed by third party websites or social media platforms.

DATA SECURITY

We have put in place appropriate security measures to prevent your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your data on our instructions and they are subject to a duty of confidentiality.

DISCLOSURE OF PERSONAL INFORMATION

We will:

• use your data in accordance with this privacy policy.
• treat your Personal Information as confidential. However, we may disclose your data to other third parties for the purposes set out below or for any additional purposes approved by you:
  • Service Providers: service providers who provide IT, hosting and systems administration services.
  • Professional Advisors: professional advisors, including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accountancy services,
  • Authorities: regulators and other authorities,
  • Joint Venture Parties: if our organisation enters into a joint venture with or is sold to or merged with another organisation, your information may be disclosed to our new business partners or owners.

We require all third parties, including specifically our customers to respect the security of your data and to treat it in accordance with Data Protection Laws.

TRANSFERS OUTSIDE OF SOUTH AFRICA

In the event of us transferring your data out of South Africa, we would ensure a similar degree of protection is afforded to such data by ensuring at least one of the following safeguards is implemented:

• We will only transfer your data to countries that have been deemed to provide an adequate level of protection for personal information as that of South Africa;

HOW LONG WE WILL KEEP YOUR INFORMATION

We review our data retention periods regularly and will only hold your data for as long as is necessary for the relevant activity, or as required by law (we may be legally required to hold some types of information). However, if you request that we delete your data, we will delete your data from our system, provided it is not in contravention of any laws or current legislation.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.

YOUR RIGHTS

Under Data Protection Laws, you have the following rights in connection with your Personal Information, which can be exercised in certain circumstances:

• Request access to your Personal Information (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Information we hold about you and to check we are lawfully processing it;
• Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
• Request erasure of your Personal Information. This enables you to ask us to delete or remove Personal Information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Information where you have exercised your right to object to processing (see below);
• Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party). You also have the right to object where we are processing your Personal Information for direct marketing purposes;
• Request the restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of Personal Information about you, for example if you want us to establish its accuracy or the reason for processing it;
• Request the transfer of your Personal Information to another party. We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format; and
• Withdraw your consent where we are relying on consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.

If you would like to exercise any of your rights above, please contact us at [email protected] and provide us with your full details (including name, telephone number, address and email and the precise nature of your request and/or grievance.

You also have the right to make a complaint at any time to the supervisory authority for data protection issues in the country where you live, where you work or where the issue took place, relating to our use of your information.

CHANGES TO OUR PRIVACY POLICY

Any changes we make to our privacy policy in the future will be posted on our website and, where appropriate, displayed on our premises notified to you by e-mail.

CONTACT US