Privacy Policy

1. Introduction

SHIELD TECHNOLOGIES and its subsidiaries (collectively “Shield Technologies”, “us”  and “we”) understand the importance of protecting your personal  information and we value and respect it. This Privacy Statement describes how SHIELD TECHNOLOGIES collects and uses your  personal information, with whom we share it, and your choices and  rights in relation to your personal information. It applies to personal information that we collect from you during your  interactions with us, whether online, including through our websites  (including mobile sites), social media sites, and mobile applications  (collectively “Internet Services”) that link to this Privacy Statement,  in writing or orally, or personal information that we may collect  offline or receive from third parties.

2. Personal information we collect

SHIELD TECHNOLOGIES is subject to the Protection of Personal Information  Act, No. 4 of 2013 (“POPIA”), the main operative provisions of which  still have to be enacted. “Personal information” is defined in POPIA as  information relating to an identifiable, living, natural person, and  where it is applicable, an identifiable, existing juristic person,  including but not limited to: (a) information relating to the race, gender, sex, pregnancy, marital  status, national, ethnic or social origin, colour, sexual orientation,  age, physical or mental health, well-being, disability, religion,  conscience, belief, culture, language, and birth of the person; (b) information relating to the education or the medical, financial, criminal or employment history of the person; (c) any identifying number, symbol, e-mail address, physical address,  telephone number, location information, online identifier, or other  particular assignments to the person; (d) the biometric information of the person; (e) the personal opinions, views, or preferences of the person; (f) correspondence sent by the person that is implicitly or explicitly  of a private or confidential nature or further correspondence that would  reveal the contents of the original correspondence; (g) the views or opinions of another individual about the person; and (h) the name of the person if it appears with other personal information  relating to the person or if the disclosure of the name itself would  reveal information about the person. Depending on how you interact with us, personal information we collect may include but without limitation: • your name • email address • postal address • telephone number • log-in and account information for authentication purposes and account access • your gender and • social media account information. We may also collect other information that does not personally identify  you. Such other information includes browser and device information,  website and application usage data, IP addresses, demographic  information such as marketing preferences, geographic location, home  language, and information collected through cookies and other  technologies or information that has been anonymised or aggregated. If  we link this information with your personal information, we will treat  such linked information as personal information. You can choose not to  provide personal information to us when requested. However, if this is  necessary to provide you with our solutions, products, and services,  access to our Internet Services, or to perform administrative functions,  we may be unable to do these things.

3. How we collect your personal information

We may collect your personal information from you in a variety of ways when you interact with us, including: • When you access our Internet Services, or interact with us in any other way, or use our solutions, products, and services. o We collect personal information when you place orders for our  solutions, products, and services, you create an account with us, we  process your orders and payment transactions, perform administrative and  business functions, market our solutions, products, and services to you  and when you register for our events, workshops, and seminars or  subscribe to our mailing lists and newsletters. • When you communicate with us. o We collect personal information when we respond to your inquiries and  requests, obtain feedback from you about our solutions, products, and  services or apply for employment with us. • From third-party sources. o We collect personal information from third parties, including public  databases, social media sites, business partners with whom we offer  co-branded services or engage in joint marketing activities, and third  parties that provide list enhancement or similar services. When you use our Internet Services, we may, and third parties we engage  may automatically collect data, including personal information through  the use of cookies and similar technologies. For more information, see  the “Cookies and Similar Technologies” section below.

4. Legal basis for processing your personal information

When we process your personal information in connection with the  purposes set out in this Privacy Statement, we may rely on one or more  of the following legal bases, depending on the purpose for which the  processing activity is undertaken and the nature of our relationship  with you: • Our legitimate interests (or those of a third party with whom we share  your personal information) for the purpose of managing, operating, or  promoting our business, including direct marketing, and transfers within  the • SHIELD TECHNOLOGIESGroup of companies of personal information for business  and administrative purposes, except where such interests are overridden  by your interests or fundamental rights or freedoms which require  protection of personal information. • Where this is necessary to comply with a legal obligation on us. • To protect the vital interests of any individual. • Where you have consented for such processing to take place .

5. Use of your personal information

We may use your personal information to: • Enable you to effectively use and to improve our solutions, products, and services, for example to: o Perform administrative and business functions and internal reporting. o Send administrative information to you. o Obtain feedback from you about our services, products, and solutions  including through client satisfaction surveys, in which event, we will  only use your personal information for the sole purpose of sending you a  survey. o Respond to your inquiries and fulfill requests by you. o Assess the performance of our Internet Services and to improve their operation. o Inform you about and provide you with our products, services, and solutions. o Update our records and keep your contact details up to date. We engage in these activities to manage our contractual relationship  with you, to comply with our legal obligations, or for our legitimate  business interests. • Provide you with marketing materials and personalise your experience with us, for example to: o Send marketing communications to you. o Enable you to subscribe to our newsletters and mailing lists. o Enable you to register for SHIELD TECHNOLOGIES events, workshops, and seminars. We engage in these activities with your consent or for our legitimate business interests. • Achieve our business purposes and analyse information. For example, to: o Establish, manage, and maintain our business relationship with you. o Compile usage statistics for our Internet Services. o Recruit staff. o Process and respond to privacy requests, questions, concerns, and complaints. o Fulfill legal and contractual obligations. We engage in these activities to manage our contractual relationship  with you, to comply with a legal obligation, and for our legitimate  business interests.

6. Sharing your personal information

We may share your personal information for the purposes set out in this Privacy Statement (as applicable): • With our subsidiaries for the purposes set out in this Privacy  Statement. SHIELD TECHNOLOGIES is the party responsible for the management of  jointly used personal information. • With business partners with whom we offer co-branded services or engage in joint marketing activities. • With service providers to provide operational services or facilitate  transactions on our behalf, including but not limited to processing of  orders, assisting with sales-related activities or post-sales support,  client support, email delivery, data analytics, and auditing. • Where you consent to the sharing of your personal information. • In connection with any joint venture, merger, sale of company assets,  consolidation or restructuring, financing, or acquisition of all or a  portion of our business by or to another company. • Where applicable, for credit reference, fraud prevention or business scoring agencies, or other credit scoring agencies. • For debt collection agencies or other debt recovery organisations. • For other legal reasons: o We may share your personal information in response to a request for  information by a competent authority in accordance with, or required by  any applicable law, regulation, or legal process; o Where necessary to comply with judicial proceedings, court orders, or government orders; or o To protect the rights, property, or safety of SHIELD TECHNOLOGIES, its  business partners, you, or others, or as otherwise required by  applicable law. Any third parties with whom we share personal information are  contractually required to implement appropriate data protection and  security measures to protect personal information and are not permitted  to use personal information for any purpose other than the purpose for  which they are provided with or given access to personal information.

7. Security of your personal information

SHIELD TECHNOLOGIES is committed to protecting your personal information  from accidental or unlawful destruction, damage, loss, alteration,  unauthorised access, or disclosure by using reasonable, appropriate,  physical, administrative, and technical safeguards and contractually  requiring that third parties to whom we disclose your personal  information do the same.

8. Cross border transfers

SHIELD TECHNOLOGIES has a number of operations outside of South Africa and  may transfer your personal information to countries where we do business  or to international organisations in connection with the purposes  identified above and in accordance with this Privacy Statement. • For individuals who are citizens and residents of countries in the European Union (“EU”): • The protection of your personal information is regulated by the  General Data Protection Regulation 2016/679 (“GDPR”) which came into  force on 25 May 2018. SHIELD TECHNOLOGIES will comply with all legal  obligations under the GDPR insofar it relates to it and its  subsidiaries. • Where we transfer your personal information from a location within the  EU to a country or international organisation outside the EU we shall  comply with the provisions and our obligations under Chapter 5 of the  GDPR, insofar they are applicable to us. • You may obtain a copy of these measures by contacting us in accordance with the “How to contact us” section below.

9. Your rights under data protection laws in the EU

SHIELD TECHNOLOGIES adheres to applicable data protection laws in the EU,  which provide you with certain rights relating to your personal  information (if you are an EU citizen), subject to any legal exceptions.  Your rights include: • The right to access personal information that we hold about you. • The right to rectify inaccurate personal information we hold about you  without undue delay, and considering the purposes of the processing, to  have incomplete personal information about you completed. • The right to ask us to erase your personal information (the right to  be forgotten) without undue delay in certain circumstances. • The right to restrict the processing of your personal information in certain circumstances. • The right to receive your personal information from us in a  structured, commonly used and machine-readable format and to transmit  your personal information to a third party without obstruction (right to  data portability) in certain circumstances. • Where we process personal information based on your consent, you have  the right to withdraw your consent at any time for future processing. • Where we process your personal information based upon our legitimate  interests or those of a third party, you have the right to object to the  processing of your personal information at any time (including to any  profiling). • Where we process your personal information for direct marketing  purposes, you have the right to object to processing your personal  information at any time, including profiling to the extent that it is  related to such direct marketing. • The right not to be subject to a decision based solely on automated  processing, including profiling, which produces legal effects concerning  you or similarly significantly affects you. You may lodge a complaint with a data protection supervisory authority  in the EU if you believe that your data protection rights relating to  your personal information have been breached by SHIELD TECHNOLOGIES or that  your personal information has been compromised in some way. You may  contact us with requests, complaints, or questions regarding these  rights as set forth in the “How to contact us” section, below. Similarly, individuals in countries outside of the EU may exercise their  rights under any applicable data protection laws by contacting us in  accordance with the “How to contact us” section, below.

10. Cookies and Similar Technologies

When you access our Internet Services, we use cookies (small text  files containing a unique ID number which are placed on your PC or  device) and similar technologies including scripts, embedded web links  and web beacons. We use cookies to assist us with activities such as: • Enabling you to sign in to our Internet Services; • Authenticating you; • Keeping track of information, you have provided to us; • Improving your browsing experience; • Customising our interactions with you; • Storing and managing your preferences and settings; • Compiling statistical data; • Analyzing the performance and usability of our Internet Services; • Measuring traffic patterns for our Internet Services; and • Determining which areas of our Internet Services have been visited. These technologies collect information that your browser sends to our  Internet Services including your browser type, information about your IP  address (a unique identifier assigned to your computer or device which  allows your PC or device to communicate over the Internet), together  with the date, time and duration of your visit, the pages you view and  the links you click. Our Internet Services may also contain web beacons or similar  technologies from third-party analytics providers, through which they  collect information about your activities across our Internet Services  to help us compile aggregated statistics.

11. Links to third-party websites and applications

Our Internet Services may contain links to third-party websites and  applications. We are not responsible for and make no representations or  warranties in relation to the privacy practices or content of any  third-party websites and applications. Your use of such sites and  applications is subject to the applicable third-party privacy statement  and is at your own risk.

12. Direct marketing

We may send you direct marketing communications about our solutions,  products, and services. You can choose whether you wish to receive  marketing communications from SHIELD TECHNOLOGIES by email, SMS, post, and  phone. You may opt-out of receiving marketing materials from us at any  time and manage your communication preferences by: Following the unsubscribe instructions included in each marketing email  or SMS text message from us; Sending an email to the sender of the  marketing communications; or Writing to: SHIELD TECHNOLOGIES Attn: Group Executive:Email:  info@shieldtechnologies.co.za, including your details and a description of the  marketing material you no longer wish to receive from us. We will comply  with your request as soon as is reasonably practicable. If you opt-out of receiving marketing-related communications from us, we  may still send you administrative messages as part of your ongoing use  of our products, solutions, and services, which you will be unable to  opt-out of. We do not provide your personal information to unaffiliated third  parties for direct marketing purposes or sell, rent, distribute or  otherwise make personal information commercially available to any third  party.

13. Retaining your personal information

We will retain your personal information for as long as is necessary  to fulfill the purpose for which it was collected unless a longer  retention period is required to comply with legal obligations, resolve  disputes, protect our assets, or enforce agreements. The criteria we use  to determine retention periods include whether: • We are under a legal, contractual or other obligation to retain  personal information, or as part of an investigation or for litigation  purposes; • Personal information is needed to maintain accurate business and financial records; • There are automated means to enable you to access and delete your personal information at any time; • You have consented to us retaining your personal information for a  longer retention period, in which case, we will retain personal  information in line with your consent.

14. Updates to this Privacy Statement

We may update this Privacy Statement at any time. If we do, we will  update the “last modified” section at the bottom of this Privacy  Statement. We encourage you to regularly review this Privacy Statement to stay informed about our privacy practices.

15. How to contact us

If you have any complaints, requests, or questions about how your  personal information is handled by SHIELD TECHNOLOGIES, you have a privacy  concern or you wish to make a request or a complaint relating to your  personal information, please contact us. You can reach us at SHIELD TECHNOLOGIES Email: info@shieldtechnologies.co.za You also have the right to lodge a complaint with the Information Regulator once POPIA comes into effect.