Your privacy is critically important to us. At The Billing Co we have a few fundamental principles:
- We don’t ask you for personal information unless we truly need it. (We can’t stand services that ask you for things like your gender or income level for no apparent reason.)
- We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights.
- We don’t store personal information on our servers unless required for the on-going operation of one of our services.
- Within our products, we aim to make it as simple as possible for you to control what can be kept private the ability to permanently delete data.
Below is our privacy policy which incorporates these goals: Should you wish to enquire about how your personal data is being dealt with, please contact us.
The Billing Co owns and operates several online services including thebillingco.co.za. It is our policy to respect your privacy regarding any information we may collect while operating our online services.
Website Visitors
Like most website operators, The Billing Co collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. The Billing Co’s purpose in collecting non-personally identifying information is to better understand how The Billing Co s visitors use its services. From time to time, The Billing Co may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its services.
The Billing Co also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in. The Billing Co only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below.
Gathering of Personally-Identifying Information
Certain users of The Billing Co online services choose to interact with The Billing Co in ways that require The Billing Co to gather personally-identifying information. The amount and type of information that The Billing Co gathers depends on the nature of the interaction. For example, we ask users who sign up for a The Billing Co shop user account to provide a username, email address and company information. Those who engage in transactions with The Billing Co – by purchasing additional access to the available online services, for example – are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, The Billing Co collects such information only insofar as is necessary or appropriate to fulfil the purpose of the user’s interaction with our online services. The Billing Co does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.
Aggregated Statistics
The Billing Co may collect statistics about the behaviour of visitors to its websites. For instance, The Billing Co may monitor the most popular uses of The Billing Co.biz to better optimise the user interface in future releases. The Billing Co may display this information publicly or provide it to others. However, The Billing Co does not disclose personally-identifying information other than as described below.
Protection of Certain Personally-Identifying Information
The Billing Co discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on The Billing Co’s behalf or to provide online services available from The Billing Co, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using The Billing Co’s websites, you consent to the transfer of such information to them. The Billing Co will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, The Billing Co discloses potentially personally-identifying and personally-identifying information only in response to lawful legal procedure, court order or other legal governmental request, or when The Billing Co believes in good faith that disclosure is reasonably necessary to protect the property or rights of The Billing Co, third parties or the public at large. If you are a registered user of a The Billing Co web service and have supplied your email address, The Billing Co may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with The Billing Co and our products. We primarily use our various online communication mediums to communicate this type of information, so we expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. The Billing Co takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
Cookies
A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. The Billing Co may use cookies to help identify and track visitors, their usage of The Billing Co online services, and their service access preferences. The Billing Co online service users who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using The Billing Co services, with the drawback that certain features of our online services may not function properly without the aid of cookies.
Business Transfers
If The Billing Co, a specific service, or substantially all of its assets, were acquired, or in the unlikely event that The Billing Co goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of The Billing Co or the specific service may continue to use your personal information as set forth in this policy.
Ads
The Billing Co does not have any ads appearing on any of our online services at this time. At any point if we decide to run adverts, these may be delivered to users by advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. This Privacy Policy covers the use of cookies by The Billing Co and does not cover the use of cookies by any advertisers.
Privacy Policy Changes
Although most changes are likely to be minor, The Billing Co may change its Privacy Policy from time to time, and in The Billing Co’s sole discretion. The Billing Co encourages visitors to frequently check this page for any changes to its Privacy Policy. If you have an account on any of our online services, you should also check your dashboard for alerts to these changes. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.
(Note, this document is available for reuse and modification under a Creative Commons Sharealike license. We have borrowed parts of this licence from automattic.com and built on it)
POPIA and GDPR
The Billing Co recognises the importance of protecting data and complying with jurisdictional data laws. These laws include but are not limited to POPIA and GDPR.
Please note that The Billing Co is not providing legal advice, and we advise our clients to consult with their own independent legal counsel for any information related to compliance with POPIA, GDPR or other legislation in your region.
What is POPIA
The South African Protection of Personal Information Act (POPIA) is a comprehensive data protection and privacy legislation enacted in South Africa. POPIA aims to regulate the processing of personal information in a manner that respects individuals’ privacy rights while promoting responsible and secure data handling practices by organisations. It establishes guidelines and principles for the lawful and transparent collection, storage, processing, and sharing of personal information, requiring organisations to obtain consent for data processing, protect data against breaches, and grant individuals certain rights over their personal information. POPIA also imposes obligations on businesses to implement appropriate security measures and to notify authorities and affected individuals in the event of data breaches. Compliance with POPIA is essential for organisations operating in South Africa to ensure the privacy and protection of individuals’ personal data.
POPIA Definitions:
| A responsible party | a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information |
| An Operator | a person who processes personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that party |
| Personal information | information relating to an identifiable, living, natural person and, where applicable, to an identifiable, existing juristic person |
| data subject | the person to whom personal information relates |
What is GDPR
GDPR is designed to safeguard the privacy and personal data of EU residents and applies not only to organisations based in the EU but also to any entity worldwide that processes the personal data of individuals within the EU. GDPR is a comprehensive framework that enhances individuals’ privacy rights, increases transparency, and places significant responsibilities on organisations to handle personal data with care and in compliance with the law. It has had a far-reaching impact on data protection and privacy practices globally, setting a high standard for data protection regulations worldwide.
Which laws apply to The Billing Co
POPIA only applies where either the responsible party is domiciled in South Africa or is using means in South Africa. GDPR applies where the responsible party is domiciled in the European Union or storing data for European Union citizens. If you fall within the definition of a responsible party, and The Billing Co contains a data subject’s personal information then POPIA or GDPR will likely apply.
Personal information might be stored in obvious locations, such as fields identified by the personal data label like name and address, or personal information may be stored in less obvious locations, for example as unstructured data such as comments, notes, custom fields, or file attachments. As a responsible party, the client (you) determine what personal information you will store within the system and where you store it.
As an operator, The Billing Co has taken steps to secure personal information that is stored or input into the system.
The conditions for lawful processing of information
POPIA provides for eight conditions for the lawful processing of personal information including:
1. Accountability
The responsible party must ensure that the conditions and all the measures set out in the Act that give effect to such conditions, are complied with at the time of determining the purpose and means of the processing.
Both the client and The Billing Co have responsibilities with regards to the protection of personal information and must comply with the act in its entirety.
2. Purpose specification
Personal information may only be processed in a fair and lawful manner and only with the consent of the data subject.
The responsible person in this case is the client, any personal information added to The Billing Co must have been gathered with the consent of the data subject
3. Processing limitation
Personal information may only be processed for specific, explicitly defined and legitimate reasons.
The client should only store personal information in The Billing Co for the specific purpose that the information was collected for and for which permission has been given.
4. Further processing limitation
Personal information may not be processed for a secondary purpose unless that processing is compatible with the original purpose.
E.g. If the information was provided with the purpose of selling a specific product or service, it could not be used for marketing a different product or service.
5. Information quality
The responsible party must take reasonable steps to ensure that the personal information collected is complete, accurate, not misleading and updated where necessary.
Personal information should not misrepresent the individual or entity.
6. Openness
The data subject whose information you are collecting must be aware that you are collecting such personal information and for what purpose the information will be used.
Reasons for collecting personal data must be specified and simple to understand.
7. Security safeguards
Personal information must be kept secure against the risk of loss, unlawful access, interference, modification, unauthorised destruction and disclosure.
This is the primary condition where The Billing Co is the responsible party. Security measures are in place to keep personal information secure. The Client maintains responsibility for keeping their user accounts secure.
8. Data subject participation.
Data subjects may request whether their personal information is held, as well as the correction and/or deletion of any personal information held about them.
There must be defined processes whereby users can refuse the collection of personal data and personal data can be removed or corrected as needed.
FAQ’s
Do you need consent to store data in The Billing Co?
You need consent to store and communicate with an individual whose information is stored in The Billing Co. It’s a good idea to inform people that you are storing their data and how you will use it, then get their permission to use their data. People may also request that their data is deleted and you must comply with their request.
The Billing Co provides the tools you need to remain compliant and we are consistently improving our service to make it simpler to go out and make sales.
What is consent?
Someone handing over a business card or giving you an email address to enter a competition is not sufficient. The user has to explicitly consent to how their information is used. Be sure to let people know how you are storing their information and how you intend to use it.What
What is positive Opt-in?
You cannot ask a person if they want to opt out of you using their data for whatever you like. The person has to specifically opt-in to you using their data for a specific purpose. You can’t contact a person under the assumption that they’ll tell you if they don’t want to communicate with you anymore.
Can I Buy Lists of Leads? / 3rd Party Consent
A person has to consent to a specific organisation using their data. That means contacting someone based on a list you bought, even if the person who you bought the list from had permission to sell it to you (which is unlikely), is not allowed. Just don’t do it.
Who does the law apply to?
GDPR is in effect for all members of the European Union. Any person or company conducting business or making products or services available to persons within the EU must comply to the law. It does not apply outside the EU. POPIA applies in South Africa. Many other countries do have their own privacy and data laws in place.
Where does The Billing Co store information?
The data of European citizens must remain in the EU. Don’t worry, at The Billing Co we store all our European user data in Europe. We consistently work on improving our security and doing our best to make sure any data you store on The Billing Co stays safe.