Privacy Policy

Last updated: 7 January 2026

Introduction

TriplicityID Pty Ltd (we, us, our) is a South-African based company providing identity-related fraud risk services. We are committed to protecting personal information and respecting the privacy of individuals who visit our website or interact with us in the course of our business activities.

This Privacy Policy explains how we collect, use, disclose, and protect personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA), and, where applicable, personal data under the EU General Data Protection Regulation (GDPR).

This policy applies to visitors to our website, prospective clients, business contacts, and other individuals whose personal information we process through our website or general business interactions. Additional information about how personal information is processed in connection with our products and services is provided in our service-specific terms and policies.

What Personal Information We Process

We may process the following categories of personal information:

• Contact information, such as name, email address, and telephone number
• Professional or business-related information, such as your role, organisation, or area of interest
• Communications and correspondence
• Technical information, including IP address, browser type, device information, and usage data
• Marketing and relationship management information recorded in our customer relationship management systems

We do not intentionally or generally collect special personal information, sensitive categories of data, or children’s data through our website or general business interactions.

How We Collect Personal Information

We collect personal information in the following ways:

• when you contact us directly through email or other communications
• when you interact with our website, including through cookies or similar technologies
• through general business interactions conducted in the course of our operations

Why We Collect Personal Information

We process personal information for the following purposes:

• responding to enquiries and communications
• managing business relationships and professional engagements
• maintaining contact lists and sending communications, including direct marketing
• operating, maintaining, and securing our website
• complying with legal and regulatory obligations

Lawful Basis for Processing

We process personal information only where permitted by law. Depending on the circumstances, processing is based on one or more of the following lawful grounds:

• your consent, where required
• performance of a contract or taking steps prior to entering a contract
• compliance with legal obligations
• our legitimate business interests, provided such interests are balanced against your rights and freedoms

Depending on the context, more than one lawful basis may apply to the processing of personal information.

Marketing Communications

We maintain a list of business contacts and prospective clients for relationship management, direct outreach, and the sharing of information about our services.

Communications may be sent on a one-to-one basis or, where appropriate, as broader marketing communications. Where required, direct marketing communications will only be sent with your consent.

You may opt out of receiving marketing communications at any time by contacting us or by using the opt-out mechanism provided in the marketing communication sent to you.

Cookies and Similar Technologies

Our website may use cookies and similar technologies to ensure basic functionality, security, and performance.

Sharing of Personal Information

We do not sell personal information.

We may share personal information with trusted third-party service providers who support our business operations, including technology, hosting, marketing, finance, and legal. Such service providers are contractually required to process personal information only for specified purposes, protect personal information, maintain confidentiality, and implement appropriate security measures.

We may also disclose personal information where required by law or regulatory authorities.

Cross-border Transfers

Personal information may be transferred to and processed by service providers located outside South Africa, including the United States or the European Union, where such transfers are permitted by law. Where transfers occur, they are limited, purpose-specific, and subject to appropriate safeguards that ensure a level of protection substantially similar to that provided under POPIA and, where applicable, GDPR standards.

Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law.

Data Security

We implement appropriate technical and organisational measures to safeguard personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

Access to personal information is restricted to authorised personnel on a need-to-know basis and is subject to appropriate confidentiality obligations.

We take reasonable steps to respond to and manage any suspected data security breaches in accordance with applicable law.

Your Rights

Subject to applicable law, you have the right to:

• Request access to your personal information
• Request correction or updating of inaccurate information
• Request deletion of personal information
• Rrequest restriction of processing of your personal information
• Object to the processing of your personal information, including for direct marketing purposes
• Withdraw consent where processing is based on consent

You also have the right to lodge a complaint with the Information Regulator in South Africa and, where applicable, with a relevant supervisory authority in your jurisdiction.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published on our website and will take effect from the date of publication.

Contact Us

If you have any questions about this Privacy Policy or our data protection practices, please contact Nevellan@triplicityid.com.

You also have the right to lodge a complaint with the Information Regulator in South Africa or, where applicable, with a relevant data protection authority in your jurisdiction.