Privacy Policy

Privacy Policy Last updated: February 28, 2026

Oh So Tech (Pty) Ltd (“we”, “us”, or “our”) is committed to protecting your privacy and ensuring that your personal information is handled responsibly and securely. We are a South African IT services provider based in Gauteng (Doornpoort, Pretoria), offering managed IT support, on-site and remote repairs, cybersecurity, networking, data recovery, cloud services, custom software development, CCTV setup, hardware upgrades, server management, training, and more for SMEs and individuals.

This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in compliance with the Protection of Personal Information Act, 2013 (POPIA). By using our website https://www.ohsotech.com, submitting forms (e.g., contact, free IT audit request, or booking), or engaging our services, you agree to the practices described here.

We act as the responsible party under POPIA for the personal information we process.

1. Personal Information We Collect

We collect personal information that is necessary for providing our IT services, responding to inquiries, and improving our offerings. This may include:

  • Contact and Identification Details: Name, email address, phone number (including WhatsApp), company name, job title, and physical address (for on-site visits).
  • Service-Related Details: Descriptions of IT issues, device/hardware details, network configurations, login credentials (temporarily for troubleshooting), audit/consultation data, and any files or data shared for recovery, migration, or support.
  • Technical Data: IP address, browser type/user agent, device information, and usage data (e.g., pages visited, forms submitted) collected automatically via cookies or similar technologies.
  • Payment and Billing Information: If applicable for services (e.g., invoices), card details or banking info processed securely via third-party gateways—we do not store full payment details.
  • Other: Testimonials (with consent), feedback, or information from forms/emails.

We do not intentionally collect special personal information (e.g., health, race, religion) unless strictly necessary and with explicit consent (e.g., in rare cases related to employee data or specific service needs).

2. How We Collect Personal Information

  • Directly from you: Via contact forms, free IT audit requests, booking forms, emails, phone/WhatsApp calls, service agreements, or during on-site/remote support.
  • Automatically: Through website cookies, analytics tools, or server logs.
  • From third parties: Rarely, e.g., referrals or public sources (with lawful basis).

3. How We Use Your Personal Information

We process personal information for legitimate purposes, including:

  • Providing and managing IT services (e.g., support tickets, repairs, audits, installations).
  • Communicating with you (quotes, updates, emergency support).
  • Improving services, troubleshooting, and training (with anonymization where possible).
  • Marketing our services (e.g., newsletters, tips on cybersecurity) — only with your consent.
  • Complying with legal obligations, resolving disputes, or enforcing agreements.
  • Internal administration (e.g., invoicing, record-keeping).

Processing is based on:

  • Your consent (e.g., for marketing or certain forms).
  • Necessity to perform a contract (e.g., service delivery).
  • Legitimate interests (e.g., security, service improvement).
  • Legal requirements.

4. Cookies and Similar Technologies

Our website uses cookies and similar tools for functionality, analytics, and performance. These may include:

  • Essential cookies (for site operation).
  • Analytics cookies (e.g., to track usage anonymously).
  • Preference cookies (if any).

We do not use extensive tracking for advertising. You can manage cookies via browser settings. For more details, see our Cookie Policy (or integrate consent banner if implemented). We recommend avoiding uploading images with embedded EXIF/GPS data to our site (e.g., in support tickets).

5. Sharing Your Personal Information

We share personal information only when necessary:

  • With service providers/operators (e.g., cloud hosts like AWS/Azure/Google Cloud, payment processors, antivirus vendors) under strict agreements ensuring POPIA compliance.
  • With business partners (e.g., hardware suppliers for warranties) on a need-to-know basis.
  • To comply with law, respond to legal requests, or protect rights/safety.
  • In business transfers (e.g., merger).

We do not sell your personal information. No sharing with unrelated third parties for marketing without consent.

6. International Transfers

Some tools/services (e.g., cloud providers) may transfer data outside South Africa. We ensure adequate protections (e.g., binding agreements, adequacy decisions, or safeguards per POPIA Section 72).

7. How Long We Retain Your Personal Information

We keep personal information only as long as necessary:

  • For active clients: Duration of service/contract plus reasonable period for records (e.g., 5–7 years for tax/legal purposes).
  • Inquiries/quotes: Up to 12 months if no engagement.
  • Comments/testimonials: Indefinitely (with consent) unless requested removal.
  • Automatically collected data: Shorter periods (e.g., analytics logs).

After this, we securely delete or anonymize it.

8. Security of Your Personal Information

We implement reasonable technical and organizational measures (e.g., encryption, access controls, firewalls, regular updates) to protect against unauthorized access, loss, or breach. As an IT/cybersecurity provider, we prioritize security—but no system is 100% secure.

In case of a breach likely to cause harm, we will notify you and the Information Regulator as required by POPIA.

9. Your Rights Under POPIA

You have the right to:

  • Be informed about processing.
  • Access your personal information.
  • Request correction/deletion (subject to legal retention).
  • Object to processing (e.g., direct marketing).
  • Restrict processing in certain cases.
  • Withdraw consent (where consent-based).
  • Lodge a complaint with the Information Regulator.

To exercise rights, contact our Information Officer (details below). We respond within reasonable timeframes (typically 30 days).

10. Children’s Personal Information

Our services and website are not directed at children under 18. We do not knowingly collect data from minors without parental/guardian consent.

11. Updates to This Policy

We may update this policy. Changes will be posted here with the updated date. Continued use constitutes acceptance.

12. Contact Us / Information Officer

For questions, requests, or complaints:

  • Email: hello@ohsotech.com
  • Phone/WhatsApp: 084 482 5962
  • Address: Doornpoort, Pretoria, Gauteng, South Africa (mobile/on-site service)

Information Regulator (South Africa): https://inforegulator.org.za or inforeg@justice.gov.za

 

Thank you for trusting Oh So Tech with your IT needs and personal information. We are dedicated to transparency and protection.

Shopping Cart
Scroll to Top