POPIA Compliance Notice

Introduction

Syniq Ops ("we", "us", "our"), operated by Syniq (Pty) Ltd, is committed to complying with the Protection of Personal Information Act 4 of 2013 (POPIA) of the Republic of South Africa. This notice outlines how we process personal information in accordance with POPIA's eight conditions for lawful processing.

Responsible Party

Syniq (Pty) Ltd is the responsible party under POPIA for the processing of your personal information. Our contact details are:

• Company: Syniq (Pty) Ltd
• Email: syniq.store@gmail.com
• Service: Syniq Ops Business Management Platform

Personal Information We Process

We collect and process the following categories of personal information:

• Account Information: Name, email address, password (encrypted), business name
• Business Information: VAT registration number, contact details, business address
• Client Data: Information you store about your clients (names, contact details, VAT numbers)
• Financial Data: Invoices, expenses, job records, payment information
• Usage Data: Log files, IP addresses, browser type, device information, usage patterns
• Communication Data: Support requests, feedback, correspondence with us

Purpose of Processing

We process your personal information for the following purposes:

• To create and maintain your user account
• To provide the Syniq Ops platform and its features
• To process payments and manage billing
• To authenticate users and maintain security
• To provide customer support and respond to inquiries
• To improve our services and develop new features
• To send important service updates and notifications
• To comply with legal obligations and prevent fraud

Legal Basis for Processing

We process personal information based on the following lawful grounds under POPIA:

• Consent: You have given explicit consent for us to process your data for specific purposes
• Contract Performance: Processing is necessary to fulfill our service agreement with you
• Legal Obligation: Processing is required to comply with South African laws and regulations
• Legitimate Interest: Processing is necessary for our legitimate business interests (e.g., security, fraud prevention)

Data Subject Rights Under POPIA

As a data subject under POPIA, you have the following rights:

• Right to Access: Request access to your personal information we hold
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Right to Object: Object to the processing of your personal information in certain circumstances
• Right to Data Portability: Request your data in a portable format
• Right to Withdraw Consent: Withdraw previously given consent at any time
• Right to Lodge a Complaint: Lodge a complaint with the Information Regulator

Security Measures

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, loss, destruction, or alteration:

• Encryption of data in transit and at rest
• Secure authentication mechanisms
• Regular security audits and updates
• Access controls and user permissions
• Secure hosting infrastructure
• Staff training on data protection

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this notice, unless a longer retention period is required by law. When you close your account, we will delete or anonymize your personal information within a reasonable timeframe, except where retention is required for legal, regulatory, or legitimate business purposes.

Sharing of Personal Information

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party service providers who assist in operating our platform (e.g., hosting, payment processing)
• Legal Authorities: When required by law or to protect our rights and safety
• Business Transfers: In the event of a merger, acquisition, or sale of assets

We ensure that all third parties are bound by confidentiality obligations and comply with POPIA requirements.

Cross-Border Data Transfers

Your personal information may be processed on servers located outside of South Africa. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with POPIA requirements, including contractual agreements with service providers.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. For detailed information about our use of cookies, please see our Cookie Policy.

Changes to This Notice

We may update this POPIA Compliance Notice from time to time. We will notify you of any material changes via email or through the platform. Your continued use of our services after such notification constitutes acceptance of the updated notice.

Exercising Your Rights

To exercise any of your rights under POPIA, please contact us at:

• Email: syniq.store@gmail.com
• Subject Line: "POPIA Data Subject Request"

We will respond to your request within a reasonable timeframe as required by POPIA.

Information Regulator

If you believe we have not complied with POPIA, you have the right to lodge a complaint with the Information Regulator (South Africa):

• Website: www.justice.gov.za/inforeg
• Email: inforeg@justice.gov.za