Impact Business Development (Pty) Ltd (“IBD”, “we”, “us”, “our”) is a technology company registered in South Africa. This policy explains how we handle personal information collected through our website and related enquiry and marketing channels.
| Responsible party | Impact Business Development (Pty) Ltd |
|---|---|
| Registered address | Mount Quray Road, Midlands Office Park, Midrand, Gauteng, 1692, South Africa |
| Company registration no. | 2021/836887/07 |
| Information Officer | Joe Meyer |
| Privacy contact | privacy@mail.impacted.co.za |
Under POPIA, IBD is the “responsible party” for the personal information described here. Under the GDPR, IBD is the “data controller.”
This policy concerns our website and enquiry channels. It is important to be clear about our product, the Behavioural Risk Intelligence Platform and its Harassment Risk Assessment (HRA™).
Participants in an assessment respond through an open link that collects no identifiers of any kind. Responses carry no name, email, employee number, device identifier or any other information that could connect a response to an individual. Because the platform never collects identifiers, assessment responses are anonymous and cannot be linked to any person. The platform therefore does not process respondents’ personal information, and this policy does not apply to it.
Where IBD provides the platform to a client organisation, the handling of any data exchanged in that engagement is governed by the separate agreement between IBD and that organisation.
We only collect personal information that you choose to give us, principally when you complete the “Partner With Us” enquiry form or otherwise contact us. We collect:
| Information | Why we collect it | Lawful basis |
|---|---|---|
| Name, work email, organisation | To identify you and respond to your enquiry | Consent / legitimate interest |
| Partner type, role, country (optional) | To route your enquiry to the right person and respond appropriately | Consent / legitimate interest |
| Organisation size (optional) | To scope a potential assessment, where relevant | Consent / legitimate interest |
| Anything you write in your message | To understand and respond to what you need | Consent / legitimate interest |
| Limited technical/usage data (see section 7) | To operate and secure the website | Legitimate interest |
We do not knowingly collect special categories of personal information through the website, and we ask that you do not include such information in your enquiry message.
We do not sell your personal information. We do not use it for automated decision-making that produces legal or similarly significant effects.
We share personal information only with service providers who help us run our website and manage enquiries, and only as needed for them to perform that service. Our principal processor is:
We may also disclose personal information where required by law, to protect our rights, or in connection with a business transfer. We do not otherwise share your information with third parties.
GoHighLevel (HighLevel Inc.) is based in the United States and processes data on infrastructure located in the United States. This means that when you submit an enquiry, your personal information is transferred to and stored in the United States, outside South Africa and the European Economic Area.
Our website runs on GoHighLevel, which uses cookies and similar technologies necessary to operate the site and its forms, and to provide us with basic, aggregated usage information. We do not use Google Analytics, advertising pixels, or third-party tracking or remarketing tools on our website.
Most browsers let you refuse or delete cookies. Blocking essential cookies may affect how parts of the website function.
We keep enquiry and contact information for 24 months after our last contact with you, after which it is deleted or anonymised, unless we are required to keep it longer to meet a legal obligation or to establish, exercise or defend a legal claim.
We apply appropriate technical and organisational measures to protect personal information against loss, misuse, and unauthorised access or disclosure, and we require our service providers to do the same. No method of transmission or storage is completely secure, but we work to protect your information and to respond appropriately if a security incident occurs.
Depending on where you are, you have rights over your personal information. These include:
To exercise any of these, contact us at privacy@mail.impacted.co.za. We will respond within the time required by law.
If you are in South Africa and believe we have not handled your personal information lawfully, you may complain to the Information Regulator (South Africa): enquiries@inforegulator.org.za / inforegulator.org.za.
If you are in the European Union, you may complain to your local data protection supervisory authority. In France, this is the Commission Nationale de l’Informatique et des Libertés (CNIL): cnil.fr.
We may update this policy from time to time. The current version is always the one published on our website, with its effective date shown at the top.
Questions about this policy or your personal information:
Information Officer: Joe Meyer
Email: privacy@mail.impacted.co.za
Impact Business Development (Pty) Ltd, Mount Quray Road, Midlands Office Park, Midrand, Gauteng, 1692, South Africa