Privacy Policy

RaveDigital (Pty) Ltd ("RaveDigital", "we", "us", or "our") is a South African digital agency specialising in AI-powered websites, lead generation systems, and business automation. We are committed to protecting the personal information of every individual who interacts with our website, services, or communications.

This Privacy Policy applies to all personal information collected through our website at ravedigital.co.za, our lead capture forms, email communications, and any other touchpoints where we collect personal information.

We collect only the personal information that is necessary for the purposes described in this policy. The categories of information we may collect include:

We do not collect special personal information (as defined in POPIA Section 26) such as race, religion, health information, sexual orientation, or criminal records.

We collect personal information through the following means:

• Lead capture forms — when you submit an enquiry through our website contact or quote request forms.
• Email and phone communications — when you contact us directly via email or telephone.
• WhatsApp — when you initiate a conversation through our WhatsApp business contact.
• Cookies and analytics — automatically when you browse our website, subject to your cookie consent preferences.
• Service delivery — during the course of providing services to you as a client.

We process your personal information only for specific, explicitly defined, and lawful purposes. We will not process your information in a manner incompatible with these purposes.

Under POPIA, we are required to have a lawful basis for processing your personal information. We rely on the following grounds:

• Consent — you have given us clear consent to process your information for a specific purpose (e.g., direct marketing, analytics cookies).
• Contractual necessity — processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
• Legal obligation — processing is necessary to comply with a legal obligation to which we are subject.
• Legitimate interest — processing is necessary for our legitimate business interests (e.g., fraud prevention, website security), provided those interests are not overridden by your rights.

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following limited circumstances:

• Service providers (Operators) — third-party vendors who assist us in operating our website and delivering our services (e.g., email delivery via Resend, analytics via Google Analytics, hosting infrastructure). These parties process data on our behalf and are bound by confidentiality obligations.
• Legal requirements — where disclosure is required by law, court order, or a competent authority.
• Business transfers — in the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to equivalent privacy protections.
• With your consent — in any other circumstance where you have given us explicit consent to share your information.

We retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law.

When your information is no longer required, we will delete or anonymise it in a secure manner.

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

• HTTPS encryption on all website communications (TLS 1.2+)
• Encrypted database storage for all lead and client data
• Access controls limiting data access to authorised personnel only
• Cloudflare Turnstile CAPTCHA on all public-facing forms to prevent automated abuse
• Regular security reviews of our systems and third-party integrations

The Protection of Personal Information Act grants you the following rights in respect of your personal information held by us. You may exercise any of these rights by contacting our Information Officer.

We will respond to all rights requests within 30 days of receipt, as required by POPIA.

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse site traffic. You can manage your cookie preferences at any time through our cookie consent banner or by clicking "Manage Cookies" in the footer.

For full details on the cookies we use, their purposes, and how to control them, please read our Cookie Policy.

Our website may contain links to third-party websites and integrates with the following third-party services:

• Google Analytics — website usage analytics (subject to your cookie consent)
• Resend — transactional email delivery
• Cloudflare Turnstile — bot protection on forms
• WhatsApp Business — customer communication (Meta's privacy policy applies to WhatsApp conversations)

We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any external sites you visit.

Our website and services are directed at businesses and adults. We do not knowingly collect personal information from children under the age of 18. If you believe a child has submitted personal information to us, please contact us immediately and we will delete that information without delay.

Some of our third-party service providers (such as Google Analytics and Resend) may process your personal information outside of South Africa. Where such transfers occur, we ensure that adequate safeguards are in place as required by POPIA Section 72, including that the recipient country provides an adequate level of protection, or that appropriate contractual protections are in place.

We will only send you direct marketing communications (such as newsletters or service updates) where you have given us your explicit consent to do so, or where we have an existing client relationship and the communication is relevant to services similar to those you have previously engaged.

Every marketing communication we send will include a clear and easy mechanism to opt out. You can also opt out at any time by contacting us at [email protected] with the subject line "Unsubscribe".

If you are unhappy with how we have handled your personal information, please contact our Information Officer in the first instance. We will investigate your complaint and respond within 30 days.

If you remain dissatisfied after our response, you have the right to lodge a complaint with the Information Regulator of South Africa:

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of our website after any changes constitutes your acceptance of the updated policy.

For any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal information, please contact our designated Information Officer:

We aim to respond to all privacy-related requests within 2 business days and to resolve all matters within the 30-day period prescribed by POPIA.