Let's connect

Privacy Policy

1. Introduction

We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our mobile platform, or interact with our services. We adhere to the requirements of:

  • The Protection of Personal Information Act, 2013 (POPIA)
  • The General Data Protection Regulation (GDPR)
  • ISO/IEC 27001:2022 Information Security Management standards

By using our website or services, you acknowledge that you have read and understood this Privacy Policy and agree to the processing of your personal information as set out herein.

2. Who We Are

This Privacy Policy applies to the processing of personal data by:

  • Wyzetalk (Proprietary) Limited, a company registered in South Africa with registration number 2011/118805/07
  • Wyzetalk Holding B.V, a company incorporated in the Netherlands with registration number KvK 76640353

(Collectively referred to as “we”, “us” or “our”), operating a multi-channel SaaS platform for workforce engagement. Our contact details can be found in the “Contact Us” section below.

3. What Personal Data We Collect

We may collect and process the following types of personal information:

  • Identity and Contact Data: Full name, business or personal email address, phone number, employer/company name.
  • Technical and Usage Data: IP address, browser type, device identifiers, usage logs, session activity, cookies.
  • Communication Data: Enquiries submitted via forms, messages, or support interactions.
  • Consent Records: Records of marketing opt-ins, privacy consents, or other affirmative actions.
  • Platform User Data: Information entered when using our mobile or web-based platform (if applicable), which may include names, location, communication preferences, and interaction history.

We do not intentionally collect sensitive personal information unless it is explicitly provided by you for a specific lawful purpose.

4. How and Why We Use Personal Data

We collect and use personal data for the following purposes:

  • To provide access to and improve our Website and Services.
  • To communicate with you regarding enquiries, support requests, or contractual matters.
  • To monitor platform usage, security events, or technical diagnostics.
  • To maintain compliance with POPIA, GDPR, and ISO27001 obligations.
  • To send optional marketing communications where consent has been obtained.
  • To comply with legal or regulatory requirements, including data subject rights management, audit duties, and breach notifications.

We will only use your personal data where there is a lawful basis to do so. This includes your consent, the performance of a contract, our legal obligations, or legitimate business interests that do not override your rights.

5. Legal Bases for Processing

We process personal information only where we have a valid legal basis under applicable data protection laws. Depending on the context, our lawful bases for processing may include:

  • Consent: Where you have voluntarily provided your information and consented to specific processing activities.
  • Contractual Necessity: Where processing is necessary for the performance of a contract with you.
  • Legal Obligation: Where processing is required to comply with applicable laws and regulations.
  • Legitimate Interests: Where processing is necessary to pursue our legitimate business interests, provided these interests do not override your rights.

Where we rely on your consent, you have the right to withdraw it at any time by contacting us using the details in the “Contact Us” section.

6. Sharing of Personal Data

We do not sell your personal information. However, we may disclose your personal data to third parties in the following circumstances:

  • Affiliates and Subsidiaries: For internal administrative purposes or shared services.
  • Service Providers and Subprocessors: For service delivery, including IT, analytics, communication, and storage.
  • Legal and Regulatory Disclosures: To authorities where required by law or to protect our legal interests.
  • Business Transfers: In case of merger, acquisition, or other corporate changes.

All recipients are contractually obligated to protect the confidentiality and integrity of the data in accordance with POPIA, GDPR, and ISO/IEC 27001:2022.

7. International Data Transfers

Personal data may be transferred to countries outside your country of residence. Where such transfers occur, we ensure that:

  • Adequate safeguards are in place (e.g., Standard Contractual Clauses)
  • Transfers are based on adequacy decisions (if applicable)
  • Binding Corporate Rules or legally recognised mechanisms are implemented

You may request a copy of the relevant safeguards by contacting us.

8. Data Security

We implement appropriate security measures including:

  • Encryption and secure transmission
  • Role-based access controls
  • System monitoring
  • Incident response procedures
  • Staff training

Our framework aligns with ISO/IEC 27001:2022 and is regularly reviewed and tested.

9. Data Retention

We retain personal data only as long as needed for:

  • Providing services and account management
  • Compliance with legal and contractual obligations
  • Dispute resolution and legal protection

When no longer needed, data is securely deleted, anonymised, or archived. You may request our Data Retention Policy or schedule.

10. Your Rights

You have the following rights in relation to your personal data:

  • Right of Access: To obtain a copy of your data.
  • Right to Rectification: To correct inaccurate or incomplete data.
  • Right to Erasure: To delete data that’s no longer necessary or was processed unlawfully.
  • Right to Restriction: To limit processing in certain circumstances.
  • Right to Object: To object to processing based on legitimate interest or direct marketing.
  • Right to Data Portability: To transfer your data to another service provider.
  • Right to Withdraw Consent: To withdraw your consent at any time.

To exercise any of your rights, please contact us. We may request verification of your identity before processing your request.

11. Contact Details

Email: dpo@wyzetalk.com
Address: Unit D10, Octo Place, Electron Road, Techno Park, Stellenbosch, Western Cape, 7600 / Generaal Vetterstraat 4, 1059BV, Amsterdam, the Netherlands.
Attention: Nicole Swart (Data Protection Officer) / Pieter Roodt (Information Security Officer)

12. Complaints

If you are dissatisfied with how we handle your data, you may contact:

We encourage you to contact us first to resolve your concern.

13. Updates to This Policy

We may update this Privacy Policy periodically. The “Last Updated” date will reflect changes. Continued use of our website or services signifies your acceptance of the revised policy.