1. Introduction

Welcome to DIGI-M’s POPI Disclaimer Document. This document is designed to provide you with information on how we collect, use, protect, and share personal information in
accordance with the principles and requirements outlined in the Protection of Personal Information Act (POPIA) of South Africa.

As a digital marketing agency committed to maintaining the privacy and security of your personal information, we have developed this document to ensure transparency and clarity
in our data processing practices.

By accessing and utilizing our website and services, you acknowledge your awareness of and consent to the practices described in this document. It is important to understand your
rights and responsibilities concerning your personal information, and we encourage you to read this document carefully.

This POPI Disclaimer Document serves as a foundation for your trust in us and demonstrates our dedication to safeguarding your privacy. Still, should you have any questions or
concerns about the contents of this document or our data processing practices, please do not hesitate to contact us using the information provided at the end of this document.
Thank you for choosing DIGI-M. Your privacy and trust matter to us.

2. Business Information

  • The Idea Portal Development
  • Address: 02 Dan Pienaar Mall, 28 Graaf Reinet Street, Dan Pienaar, Bloemfontein, 9301
  • Contact Details: +27 51 436 5726 | +27 72 115 9928 | bradley@digi-m.co.za | philip@digi-m.co.za
  • Website: https://digi-m.co.za
  • Registration Number: 2020/899126/07

3. Personal Information

Personal information encompasses any data that can uniquely identify an individual or juristic person, including, but not limited to:


Contact Information: Such as full name, email address, physical address, phone number, and fax number.

Identification Information: Including identity or passport numbers, driver’s license details, or other government-issued identification.

Financial Information: Such as bank account numbers, credit card details, and financial transaction history.

Personal Characteristics: This covers physical attributes, photographs, and any biometric information used for identification.

Online Identifiers: Including IP addresses, device IDs, cookies, and other digital markers used for tracking.

Health and Medical Information: Any medical records, health status, and health-related data.

Employment Details: Such as job titles, employment history, and company affiliation.

Demographic Information: This includes age, gender, nationality, and similar demographic data.

If you require any further details or have specific questions about the personal information we collect and handle, please feel free to contact us.

It’s important to note that any information that can be used to distinguish one person from another is considered personal information. At DIGI-M, we treat personal information with
the utmost care and adhere to the principles and requirements outlined in the Protection of Personal Information Act (POPIA).

4. Legal Basis of Processing

At DIGI-M, we process personal information in strict accordance with the legal grounds outlined by the Protection of Personal Information Act (POPIA). Our processing activities are
based on the following lawful grounds:

Consent: When you provide us with your explicit consent to process your personal information for specific purposes, we ensure that your consent is obtained freely, and you have the
right to withdraw it at any time.

Legitimate Interests: In cases where the processing is necessary for our legitimate interests or those of a third party, we ensure that your fundamental rights and interests are not
overridden.

Legal Obligations: We may process personal information to comply with legal obligations imposed on DIGI-M under applicable laws and regulations.
It’s our commitment to ensure that the processing of personal information aligns with the provisions of POPIA, and we always strive to maintain transparency in our processing
activities.

Should you have any questions regarding the legal basis for processing personal information or need further clarification, please don’t hesitate to reach out to us.

5. Purpose of Procesisng

At DIGI-M, the collection and processing of personal information are carried out with a clear and specific purpose in mind. We ensure that the processing of personal information is
relevant and aligned with the services we offer and the interactions we have with our clients, partners, and users.

For Example, we collect and process personal information for the following purposes:

Providing Services: We use your personal information to deliver the services you’ve requested from us. This includes implementing marketing strategies, digital campaigns, and
other digital marketing services to enhance your online presence.

Communication: We use personal information to communicate with you effectively. This includes responding to your inquiries, providing updates about our services, and addressing
any concerns you may have.

Marketing: With your consent, we may use your personal information to send you promotional materials, updates, and information about our latest offerings. You have the right to
opt-out of these communications at any time.

Legal and Regulatory Compliance: We may process personal information to fulfill our legal and regulatory obligations, ensuring that our operations adhere to the applicable laws.

Improving Services: We analyze aggregated data to enhance our services and provide you with a better user experience. This includes evaluating the effectiveness of marketing
campaigns and understanding user preferences.

Security: Personal information may be processed to maintain the security and integrity of our website, services, and client relationships.

It’s our commitment to process personal information in a transparent and responsible manner, ensuring that the purpose aligns with the context in which the information was
collected.

If you have any questions about the purposes for which we process personal information or require further clarification, please feel free to contact us.

6. Consent

At DIGI-M, we prioritize your privacy and rights regarding the collection and processing of your personal information. Before we collect and process any personal information, we ensure that you provide your explicit and informed consent.

Obtaining ConsentWe believe in transparency and accountability. When you share your personal information with us, we clearly explain the purpose for which we will use it. By voluntarily providing your personal information, you give us your explicit consent to process it for those specified purposes.

Withdrawal of Consent: You have the right to withdraw your consent at any time. If you choose to withdraw your consent, it will not affect the lawfulness of any processing we conducted prior to your withdrawal. To withdraw your consent, simply contact our Data Protection Officer at bradley@digi-m.co.za. We will promptly update our records and stop any processing activities based on your consent.

However, please note that in some cases, withdrawing consent may impact our ability to provide certain services. If that happens, we will inform you accordingly.

Your privacy and control over your personal information matter to us. We are committed to respecting your choices and ensuring you have the necessary tools to manage your consent preferences.
If you have any questions about how we obtain and manage consent, please feel free to contact us.

7. Collection of Personal Information

At DIGI-M, we are committed to ensuring that the collection of your personal information is carried out in a transparent and responsible manner. We collect personal information
through various methods, each designed to provide you with the best experience while safeguarding your privacy.

Methods of Collection:

Online Forms: When you engage with our website, you may come across online forms that request certain personal information, such as your name, email address, and contact
details. These forms are designed to facilitate communication, provide you with information about our services, and tailor our offerings to your needs.

Cookies and Similar Technologies: Like many websites, we use cookies and similar technologies to enhance your browsing experience and gather relevant information. Cookies are
small files that are stored on your device and help us recognize you on your next visit. They allow us to improve our website’s functionality, provide personalized content, and analyze
user behavior to enhance our services.

Direct Communication: Whenever you reach out to us via email, phone, or other communication channels, we may collect personal information that you voluntarily provide during these interactions. This information helps us address your inquiries, provide relevant information, and offer tailored services.

Informed Consent: Before collecting any personal information, we ensure that you are fully informed about the data we collect and the purpose for which it will be used. We believe
in empowering you to make informed decisions about sharing your personal information with us.

Transparency Matters: We are committed to maintaining transparency in our data collection practices. Our aim is to ensure that you understand what information is being collected
and why. This helps us build trust and ensures that your rights and privacy are respected at all times.

Should you have any questions about the collection methods we use or the type of information we gather, please feel free to contact us. Your privacy and comfort are our priority.

At DIGI-M, we value the trust you place in us when you share your personal information. We are committed to using and processing this information responsibly and for legitimate
purposes, ensuring that it enhances your experience and provides you with the best possible service.

Purpose of Use: We use the personal information we collect for specific purposes that are relevant to our services and your interactions with DIGI-M. These purposes include, but are
not limited to:

Providing Services: Your personal information allows us to deliver the digital marketing services you request, tailored to your needs and preferences.

Communication: We use your contact information to communicate with you regarding our services, updates, and relevant information.

Improving User Experience: By analyzing your interactions with our website and services, we aim to enhance your overall experience by offering relevant content and
recommendations.

Marketing and Promotions: With your consent, we may use your information to provide you with marketing materials, promotions, and news about our services that we believe may
be of interest to you.

Legal Compliance: In some cases, we may be required to process your personal information to fulfill legal and regulatory obligations.

Sharing of Personal Information: We may share your personal information with carefully selected third-party service providers and partners who assist us in various aspects of our
operations. These third parties are chosen with the utmost care, and we ensure they comply with data protection standards. Some instances where we may share your information
include:

Service Providers: We may engage third-party service providers to assist us in delivering our services effectively. These may include website hosting, analytics, and customer
relationship management.

Legal Requirements: If required by law, we may share your personal information to comply with legal obligations, protect our rights, or respond to lawful requests from public
authorities.

We ensure that any third parties with whom we share your information are bound by confidentiality and data protection agreements to safeguard your privacy.

Your Rights: At any point, you have the right to object to the processing of your personal information for direct marketing purposes. You also have the right to access, update, correct,
or delete the information we hold about you. To exercise these rights, please contact us using the details provided in this document.

By using our services, you acknowledge and consent to the use and processing of your personal information as described in this section.

9. Retension Guidelines:

At DIGI-M, we are committed to retaining your personal information only for as long as it is necessary to fulfill the purposes for which it was collected and to comply with legal and
regulatory requirements. Nevertheless, our retention periods are carefully determined, taking into account the nature of the information, the purposes for processing, and any legal obligations we may have.

Retention Guidelines:

Service Fulfillment: We retain your personal information for the duration necessary to provide you with the requested services and to fulfill our contractual obligations.

Communication: If you have subscribed to receive communications from us, we retain your contact information to ensure we can continue delivering relevant updates and
information.

Legal Compliance: We may retain certain personal information for periods required by applicable laws, regulations, or legitimate business needs, even after the initial purpose has
been fulfilled.

Secure Deletion or Anonymization:

Once your personal information is no longer required for the purposes for which it was collected and processed, we take appropriate measures to ensure its secure deletion or
anonymization. This is done to prevent any further processing or use of the data for purposes not aligned with the original intention of collection.

Your Right to Erasure:

If you wish to have your personal information deleted before the end of its retention period, you have the right to request the erasure of your data. Please refer to the “Data Subject
Rights” section of this document for information on how to exercise this right.

By using our services, you acknowledge and consent to the retention of your personal information as described in this section.

10. Data Subject Rights

At DIGI-M, we respect and uphold your rights as data subjects under the Protection of Personal Information Act (POPIA). We are committed to ensuring that you can exercise these
rights easily and effectively. Below are the rights you have in relation to your personal information:

Access to Personal Information: You have the right to request access to the personal information we hold about you. This includes information about the purposes of the processing,
the categories of data processed, and the recipients or categories of recipients to whom the data is disclosed.

Rectification: If you believe that any of your personal information is inaccurate or incomplete, you have the right to request its correction or completion.

Erasure (Right to be Forgotten): You have the right to request the deletion of your personal information when it is no longer necessary for the purposes for which it was collected if
you withdraw your consent, if the processing is unlawful, or if erasure is required by law.

Restriction of Processing: You can request the restriction of processing your personal information when there are disputes about its accuracy if the processing is unlawful, or if we
no longer need the data for its original purpose but you require it for legal claims.

Objection to Processing: You have the right to object to the processing of your personal information, including direct marketing, at any time.

Data Portability: You can request to receive your personal information in a structured, commonly used, and machine-readable format, and you can also request the transmission of
this data to another responsible party, where technically feasible.

Withdrawal of Consent: If we are processing your personal information based on your consent, you have the right to withdraw that consent at any time.

Lodging Complaints: If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the relevant data protection authority.

How to Exercise Your Rights:

To exercise any of the above rights, please contact our Data Protection Officer at bradley@digi-m.co.za. We will respond to your request within the timeframes required by law and
provide you with information on the action taken in response to your request

Exceptions:

Please note that there may be circumstances in which we are legally entitled to refuse your request or to keep certain information. We will explain this to you in our response to your
request.

By using our services, you acknowledge and consent to the rights you have in relation to your personal information as described in this section.

At DIGI-M, we take the security of your personal information seriously and have implemented a range of security measures to safeguard it from unauthorized access, loss, alteration,
or disclosure. Our commitment to your data security includes the following:

Technical Safeguards: We employ advanced security technologies and protocols to protect your personal information during transmission and storage. This includes encryption,
firewalls, and intrusion detection systems.

Access Control: Access to personal information is restricted to authorized personnel who require the data to perform their duties. Access is granted based on role-based
permissions, minimizing the risk of unauthorized access.

Regular Security Audits: We regularly conduct security audits and assessments to identify vulnerabilities and potential threats to the security of personal information. This enables
us to address any weaknesses promptly.

Employee Training: Our employees undergo comprehensive training on data protection and security practices to ensure they understand the importance of safeguarding personal
information and following best practices.

Data Minimization: We only collect and process personal information that is necessary for the stated purposes. Unnecessary data is not collected or retained.

Retention Limits: We retain personal information only for as long as necessary to fulfill the purposes for which it was collected. Once the purpose is fulfilled, we securely delete or
anonymize the data.

While we implement these security measures, it’s important to note that no method of data transmission over the Internet can be guaranteed as entirely secure. Therefore,
individuals should exercise caution and use secure connections when sharing personal information online.

Your Role in Data Security:

We encourage you to play an active role in maintaining the security of your personal information. This includes using strong, unique passwords for your accounts and refraining from
sharing sensitive information through unsecured communication channels.

Reporting Security Concerns:

If you believe that your personal information has been compromised or that there has been unauthorized access to it, please contact us immediately at bradley@digi-m.co.za. We
take all reports of security incidents seriously and will investigate promptly.

By using our services, you acknowledge and understand the security measures we have in place and your role in maintaining data security.

12. Cross-Border Transfers

At DIGI-M, we may transfer personal information to various countries for processing, including countries outside of South Africa. These transfers are essential to ensure the effective
operation of our services and fulfill the purposes outlined in this document. When personal information is transferred to countries that may have different data protection laws from
South Africa, we take measures to ensure that adequate safeguards are in place to protect the transferred information.

Safeguards for Cross-Border Transfers:

Standard Contractual Clauses: In instances where the European General Data Protection Regulation (GDPR) applies, we use standard contractual clauses approved by the European
Commission to ensure that cross-border transfers are conducted in accordance with GDPR requirements.

Binding Corporate Rules (BCRs): For international transfers within our organization, we may adopt BCRs, which are a set of binding rules and commitments that ensure the
protection of personal information transferred between different parts of our global organization.

Consent: In some cases, we may obtain your explicit consent before transferring your personal information across borders. Your consent will be obtained in accordance with the
relevant data protection laws.

Legitimate Interests: In cases where the transfer is necessary for the performance of a contract between you and DIGI-M, or for the establishment, exercise, or defense of legal
claims, we may transfer personal information based on legitimate interests.

Your Rights:

When your personal information is transferred to countries with different data protection laws, you still have the rights outlined in this POPI Disclaimer Document. You can exercise
your rights by following the process specified in the “Data Subject Rights” section.

Contact Us:

If you have any questions or concerns regarding cross-border transfers of personal information, please contact us at bradley@digi-m.co.za. Your privacy is important to us, and we
are committed to ensuring that your personal information is adequately protected, regardless of where it is transferred.

13. Complaints Process

At DIGI-M, we are committed to ensuring the privacy and protection of your personal information. If you have any concerns or complaints about how we handle your personal
information, we encourage you to follow our complaints process outlined below:

Step 1: Contact Us

If you have a complaint related to the handling of your personal information, please reach out to our Data Protection Officer. You can contact our Data Protection Officer at
bradley@digi-m.co.za. Please provide as much detail as possible about your concern or complaint so that we can effectively address the issue.

Step 2: Investigation

Upon receiving your complaint, our Data Protection Officer will initiate an investigation into the matter. We will assess the nature of the complaint, review the relevant information
and work to understand the circumstances surrounding the issue.

Step 3: Resolution

We aim to resolve your complaint promptly and fairly. Our team will communicate with you to address your concerns, provide explanations, and, if necessary, take corrective
measures to rectify any issues related to the handling of your personal information.

Step 4: Escalation

If you feel that your complaint has not been adequately resolved, or if you are dissatisfied with our response, you have the right to escalate the matter. You can do so by contacting
the relevant data protection authority in South Africa.

Your Rights:

Lodging a complaint will not affect your rights or legal status. You still have the right to exercise your rights as outlined in this POPI Disclaimer Document while your complaint being investigated.

Contact Us:
If you have any questions or concerns about our complaints process or the handling of your personal information, please don’t hesitate to contact our Data Protection Officer
bradley@digi-m.co.za. We value your privacy and are committed to addressing any concerns you may have.

14. Contact Information

If you have any questions, concerns, or inquiries related to this POPI Disclaimer Document or our practices regarding the collection, use, protection, and sharing of personal
information, please do not hesitate to contact our dedicated Data Protection Officer:

Data Protection Officer:

Name: Bradley Long.

Email: bradley@digi-m.co.za

Phone: +27 72 115 9928

Address: 02 Dan Pienaar Mall, 28 Graaf Reinet Street, Dan Pienaar, Bloemfontein, 9301

Our Data Protection Officer is here to assist you and address any queries you may have about your personal information, rights, and how we handle your data in compliance with the
Protection of Personal Information Act (POPIA).

We value your privacy and are committed to providing transparent and accurate information about our data protection practices. Your trust is important to us, and we are here to
ensure that your inquiries are addressed promptly and professionally.

15. Updates to the Disclaimer

We will update this POPI Disclaimer Document periodically to reflect changes in our data protection practices, legal requirements, or other relevant factors. Any updates will take effect immediately upon posting on our website. We encourage you to review this document regularly to stay informed about how we protect your personal information and comply with the Protection of Personal Information Act (POPIA).

By continuing to access and use our website and services after we make any changes to this document, you accept the revised POPI Disclaimer Document. If you disagree with the terms outlined in the updated document, please refrain from using our website and services.

We are committed to keeping you informed about our data protection practices and will make every effort to notify you of any significant changes to this document.

16. Effective Date

This POPI Disclaimer Document is effective from 18/08/2023.