For the purposes of this section, Personal Information will be understood in accordance and regulated by the Electronic Communications and Transactions Act No. 4 of 2021 (‘the ECT Act’), the Data Protection Act No. 3 of 2021 (‘the Data Protection Act’), the Cyber Security and Cyber Crimes Act No. 2 of 2021 (‘the CSCC Act’), and the Information and Communications Technologies Act No. 15 of 2009 (‘the ICT Act’).
1. Key Definitions
Data controller: Any person, either alone or in jointly with other persons, controls and is responsible for keeping and using personal data on a computer, or in structured manual files, and requests, collects, collates, processes, or stores personal data from or in respect of a data subject (Section 2 of the Data Protection Act).
Data processor: A data processor as a person, or a private or public body that processes personal data for and on behalf of and under the instruction of a data controller.
Personal data: Data which relates to an individual who can be directly or indirectly identified from that data which includes a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Sensitive data: Under the Data Protection Act sensitive data has been termed as ‘sensitive personal data’ and means personal data which by its nature may be used to suppress the data subject’s fundamental rights and freedoms and includes:
- the race, marital status, ethnic origin, or sex of a data subject;
- genetic data and biometric data;
- child abuse data;
- a data subject’s political opinions;
- a data subject’s religious beliefs or other beliefs of a similar nature;
- whether a data subject is a member of a trade union; or
- a data subject’s physical or mental health, or physical or mental condition.
Biometric data: Personal data resulting from scientific analysis relating to the physical, physiological, or behavioural characteristics of a natural person, which confirm the unique identification of that natural person.
Pseudonymisation: Processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, where that additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
Data Subject: An individual from, or in respect of whom, personal information is processed (Section 2 of the Data Protection Act).
2. Collection and processing of Personal Information
Color Café collects and processes personal information that is reasonably necessary for its business functions and activities which include but are not limited to the following:
- transacting online at www.colorcafe.com and making of any online purchase(s)
- opening an account on www.colorcafe.com
- taking part in our promotions, surveys, and/or competitions when applicable.
Color Café may also collect personal information about you through accessing data and then analysing from other sources together with the information we already hold about you in order to learn more about your likely preferences and interests. When you visit our websites, social media pages or mobile applications or click on our advertisements on the online media of other companies,
In order to register for certain services or to enter competitions or promotions offered through our website from time to time Color Café may also collect relevant personal information and use such information to provide the services to you.
Color Café may also use such information for its own internal purposes including –
- establishment and verification of your identity;
- maintenance and updates to our customer databases; and
- marketing, product research and development purposes.
Color Café may collect information about you using technology which is not apparent to you, for example “cookies”. An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data stored on the user’s computer by the web browser while browsing a website.
Cookies are designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart) or to record browsing activity (including clicking buttons, logging in, or recording which pages were visited in the past).
Please note that cookies may be necessary to provide you with certain features available on our website, and thus if you disable the cookies on your browser, you may not be able to use those features, and your access to our Website will therefore be limited.
4. Log Files
When you visit Color Café, even if you do not create an account, we may collect information, such as your IP address, the name of your ISP (Internet Service Provider), your browser, the website from which you visit us, the pages on our website that you visit and in what sequence, the date and length of your visit, and other information concerning your computer’s operating system, language settings, and broad demographic information.
This information is aggregated and anonymous data and does not identify you specifically. However, you acknowledge that this data may be able to be used to identify you if it is aggregated with other Personal Information that you supply to us. This information is not shared with third parties and is used only within Color Café on a need-to-know basis.
Any individually identifiable information related to this data will never be used in any way different to that stated above, without your explicit permission.
5. What information we collect.
When you open an account with us, shop at one of our stores, enter any of our competitions, partake in promotions, visit our website, or download or use one of our apps we will collect the following information from you:
- Your name, surname, and residential/postal address;
- Your email address and telephone number.
- Your age, gender, nationality, and language;
- Any other form of personal information that we may reasonably require to offer or provide any of our services or products to you;
6. How we use your Personal Information
We may use your personal information to:
- Respond to any queries or requests you may have;
- inform you of changes made to our website;
- verify your identity, provide you with our products and services,
- improve your overall user experience by analysing it for trends,
- invite you to attend events and promotions we hold,
- developing an online user profile;
- for security, administrative and legal purposes;
- send you marketing material (including electronic communications) relating to products and services you might be interested in. You can unsubscribe from our newsletter at any time and thereafter we will not market to you.
- the creation and development of market data profiles which may provide insight into market norms, practices and trends to help us improve our offering to you. Such information will be compiled and retained in aggregated form, but shall not be used in any way which may comprise the identity of a user.
7. Disclosure of Personal Information
We are not in the business of selling personal information and therefore we will not disclose your personal information to anyone except as provided in this policy.
We may for marketing purposes disclose or transfer your personal information to our agencies.
It may be necessary for us to disclose or transfer your personal information to suppliers, affiliates, partners or agents in order to provide you with our services.
We will obviously need to disclose your personal information to employees of ours who require it to do their jobs. We make sure they are aware of and take their confidentiality obligations seriously. They are contractually bound to keep all confidential information confidential.
There may be situations where the law requires us to disclose your personal information. In all other situations, we will not disclose your personal information without notifying you and enabling you to object.
8. Storage of personal information
Color Café uses all reasonable endeavours to put in place and maintain secure electronic procedures and systems to ensure accuracy and to eliminate risks of unauthorised access to, and loss, misuse or wrongful alteration of, personal information with reference to accepted technological standards.
If you have any questions concerning your personal information, please contact us.
9. Personal information shared
9.1 Color Café will not sell, rent or otherwise disclose your personal information to any third party without your express and informed consent, provided that by using our website and/or subscribing for any of our services, you provide said consent for Color Café to disclose your personal information to third parties as follows –
9.1.1 to third party companies employed by Color Café to provide services for us, including for example, our website hosting and development company may require access to your personal information to perform their functions and not for any other purpose;
9.1.2 to transfer Color Café’s customer database/s, including personal information contained therein, to any third party who acquires all or substantially all the assets or shares in our company or our website service whether by sale, merger, acquisition or otherwise;
9.1.3 to governmental agencies, exchanges and other regulatory or self-regulatory organisations if Color Café is required to do so by law or if we believe that such action is necessary to –
126.96.36.199 comply with the law or with any legal process;
188.8.131.52 protect and defend our rights and property or that of our customers and companies in our group;
184.108.40.206 prevent fraud or abuse, misuse or unauthorised use of our website; and/or
220.127.116.11 protect the personal safety or property of our customers or the public (if you provide false or deceptive information about yourself or misrepresent yourself as being someone else, Color Café will disclose such information to the appropriate regulatory bodies and commercial entities).
9.2 Color Café reserves the right to share non-personal, non-individual information in aggregate form with third parties for business purposes, for example with advertisers on our website or business associates and partners. This does not involve disclosing any personal information which can identify any individual consumer in any way.
Although absolute security cannot be guaranteed on the internet, Color Café has in place up-to-date, reasonable technical and organisational security measures to protect your Personal Information against accidental or intentional manipulation, loss, misuse, destruction or against unauthorised disclosure or access to the information we process online.
The Color Café web site uses an industry standard 128-bit Server CA certificate to implement Secure Sockets Layer (SSL) encryption to encrypt transmission of sensitive information between the user’s browser and our web server. SSL security is among the best approaches available today for secure commerce transactions. All personal information of our users is encrypted in order to ensure that it cannot be read during the transmission of information over the internet.
12. Accuracy of Information
It is important that the information we have about you is accurate and up to date. If your personally identifiable information changes you may correct or update it online. We cannot be liable for any information that is inaccurate and/or obsolete.
13. Communicating with us
14. Communicating with you / Opting Out
As an existing customer, we provide you the opportunity to ‘opt-out’ of having your personally identifiable information used for certain purposes, when we ask for this information. If you no longer wish to receive our newsletters and/or promotional communications, you may opt-out of receiving them by:
- following the instructions included in each newsletter or communication
- updating your registered profile preferences on our website.