📄 Privacy Policy

Effective Date: [Insert Date]
Platform: https://erp.syms.website
Company: SYMS Company (Pty) Ltd
Registration No: 2018/481405/07
Contact: [email protected] | +27 12 881 7331

1. Introduction

At erpSYMS, your privacy is important to us. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the Protection of Personal Information Act (POPIA) and the General Data Protection Regulation (GDPR).

By using our platform, you consent to the practices outlined in this policy.

2. Information We Collect

We may collect and process the following information:

a. Personal Information

• Full name, email address, phone number

• Company name and business details

• Job title or role

• Billing and payment information

b. System Usage Data

• Login activity

• Device and browser type

• IP address and geolocation (approximate)

• User actions and navigation within the ERP

c. Cookies and Tracking

• We use strictly necessary and optional cookies (analytics, performance, marketing). See our Cookie Policy.

3. How We Use Your Information

We use your data to:

• Provide access to and maintain the erpSYMS platform

• Deliver customer support and training

• Process billing and subions

• Improve system functionality and user experience

• Comply with legal and regulatory requirements

• Send platform updates, newsletters, or promotional content (opt-in only)

4. Legal Basis for Processing (GDPR)

Our lawful basis for collecting and processing your personal data includes:

• Contractual obligation: To deliver the ERP services you’ve subscribed to.

• Legal compliance: For tax, auditing, and regulatory purposes.

• Legitimate interest: For system security, improvement, and support.

• Consent: For marketing communications or optional cookies.

5. Data Sharing and Third Parties

We do not sell your data.

We may share limited data with trusted third-party processors for:

• Cloud hosting and data storage (e.g., AWS, Azure)

• Payment processing (e.g., Paystack, Stripe)

• Email communication platforms (e.g., Mailchimp, SendGrid)

• Legal or regulatory authorities when required by law

All third parties are contractually bound to data confidentiality and compliance.

6. Data Security

We implement strict technical and organizational measures to protect your data, including:

• Encrypted data transmission (SSL/TLS)

• Role-based access controls

• Secure data backups

• Regular security audits and monitoring

7. Data Retention

We retain your data only as long as necessary for the purposes stated, or as required by law. You may request data deletion at any time unless it conflicts with legal obligations.

8. Your Rights (POPIA & GDPR)

You have the right to:

• Access your personal data

• Correct or update inaccurate data

• Object to certain types of processing

• Request data deletion ("right to be forgotten")

• Withdraw consent for marketing communications

• Lodge a complaint with the Information Regulator (South Africa) or your local authority

To exercise any of these rights, contact us at [email protected].

9. International Data Transfers

If you access erpSYMS from outside South Africa, please note your data may be transferred and processed in countries with different data protection laws. We ensure such transfers meet GDPR or equivalent safeguards.

10. Children’s Privacy

Our services are intended for business use only and are not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors.

11. Updates to This Policy

We may update this Privacy Policy occasionally. Updates will be posted on this page with a revised effective date. Continued use of erpSYMS constitutes your acceptance of the revised terms.

12. Contact Us

If you have questions or concerns regarding your privacy or this policy:

📧 Email: [email protected]
📞 Phone: +27 12 881 7331
📍 Address: 1 Amarand Avenue, Waterkloof Glen, Pretoria, 0081, South Africa