Privacy Policy for the Community Fresh Application

1.1 Welcome to Community Fresh (hereinafter referred to as “the Service”), operated by Seriti Institute (“us”, “we”, or “our”).
1.2 Seriti is committed to protecting the privacy of its data subjects and ensuring that all information is used reasonably, securely, in a manner relevant to our business activities and accordance with applicable laws. We respect your privacy and take the protection of Personal Information very seriously.

1.3 We are dedicated to delivering excellent service every time you use our Service, and to do this, we need to use some of your Personal Information. Our Community Fresh App Privacy Policy governs your visit to Community Fresh and explains how we collect, safeguard and disclose information that results from your use of our Service. This policy is also subject to the general privacy policy of Seriti Institute.
1.4 The Protection of Personal Information Act (POPI) protects personal information and prescribes what we must and must not do with it. POPI created an Information Regulator that checks that companies manage personal information responsibly and respect your privacy.

2.1 We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions. Our Terms and Conditions (“Terms”) govern all use of our Service and, together with the Privacy Policy, constitute your agreement with us (“Agreement”).
2.2 Definitions:
a) The service means the Community Fresh app operated by Seriti Institute.
b) Personal information and process/processing bear the same meanings as set out in POPI.
c) We, us, or our refers to Seriti Institute.
d) You and your refers to every person that accesses or uses our Platforms, also referred to as a User.
2.3 Registered User(S) refers to anyone registered on our Platforms who has provided us with a unique cell phone number and password, as well as other Personal Information, to order goods and services on our Platforms.
2.4 Usage Data is data collected automatically, either generated by using the Service or from the Service infrastructure itself (for example, the duration of a page visit).
2.5 Cookies are small files stored on your device (computer or mobile device).
2.6 Data Controller means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the way any personal data are or are to be processed. For this Privacy Policy, we are a Data Controller of your data.
2.7 Data Processors (or Service Providers) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
2.8 Data Subject is any living individual who is the subject of Personal Data.

3.1 We collect various types of information for various purposes to provide and improve our Service to you in a reasonable, adequate, relevant, and purpose-specific manner.
3.2 When you register to use our Service, we may collect the following Personal Information:
e) Name and surname
f) Physical address
g) Gender
h) Mobile phone number
i) Location
j) Online identifiers
k) Date of Birth
l) Identification number
m) Cookies and Usage Data

3.3 You warrant that the information you have provided is accurate, current, true and correct and that does not impersonate or misrepresent any person or entity or falsely state or otherwise misrepresent your affiliation with anyone or anything.
3.4 We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any or all of these communications from us by following the unsubscribe link.

4.1 We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through any device (“Usage Data”). When you access the Service with a device, this Usage Data may include information such as the type of device you use, your device’s unique ID, your device operating system, the type of Internet browser you use, unique device identifiers and other diagnostic data, your device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit and the time spent on those pages.

5.1 We may use and store information about your location if you permit us to do so (“Location Data”). We use this data to provide features of our Service, improve our service, and customise our Service. You can enable or disable location services when you use our Service at any time through your device settings.

6.1 We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used, such as beacons, tags and scripts, to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

6.2 Examples of Cookies we use:
a) Session Cookies: We use Session Cookies to operate our Service.
b) Preference Cookies: We use Preference Cookies to remember your preferences and various settings and to personalise your interactions with our Service.
c) Security Cookies: We use Security Cookies for security purposes.
d) Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.

7.1 Seriti Institute uses the collected data for various purposes:

a) To provide and maintain our Service;
b) to notify you about changes to our Service;
c) to allow you to participate in interactive features of our Service when you choose to do so;
d) to provide customer support;
e) to gather analysis or valuable information so that we can improve our Service;
f) to monitor the usage of our Service;
g) to detect, prevent and address technical issues;
h) to fulfil any other purpose for which you provide it;
i) to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;
j) in any other way we may describe when you provide the information; k) for any other purpose with your consent.

7.2 Users may opt out of marketing communications at any time via email or in-app settings.

8.1 We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for more extended time periods.

9.1 We may transfer certain Personal Information outside the geographic borders of South Africa to service providers for the purposes set out above, including data storage and backup to ensure the integrity of our systems.
9.2 When we transfer your Personal Information outside South Africa’s geographic borders, we will ensure that it is done in accordance with the requirements for lawful transfer outside South Africa as set out in POPI.

10.1 We may disclose personal information that we collect or you provide for various purposes:
10.2 Disclosure for Law Enforcement: Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities.
10.3 Business Transaction: If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.
10.4 Other cases: We may disclose your information also:
a) to our subsidiaries and affiliates; b) to contractors, service providers, and other third parties we use to support our business;
c) to fulfil the purpose for which you provide it;
d) for the purpose of including your company’s logo on our website;
e) for any other purpose disclosed by us when you provide the information;
f) with your consent in any other cases;
g) if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Seriti Institute, our customers, or others.

11.1 The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
11.2 We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
11.3 If you wish to be informed about what Personal Information we hold about you and if you want it removed from our systems, please email us at info@seriti.org.za.

12.1 Having provided adequate proof of your identity, you have the right to:
12.1.1 View, correct, object and/or amend your Personal Information we process. Please note that as a registered user, you can do this through your user account for the Personal Information reflected therein.
12.1.2 Request a record or description of your Personal Information.
12.1.3 Request to have your Personal Information corrected, destroyed or deleted. Please note that you can stop being a registered user by cancelling your account. In this instance Seriti Institute will only retain your Personal Information subject to any legislative requirement and/or our internal retention policy.
12.1.4 We comply with your requests upon receipt unless we have a credible reason why we cannot comply.
12.1.5 Us indicating where, if we cannot agree whether to correct or delete your Personal Information as requested, a correction or deletion was requested but was not made.
12.1.6 Inform you, if reasonably practicable, should we change your Personal Information, and this has an impact on decisions about you.
12.1.7 Notify you of the action taken by us because of your request.
12.1.8 Notify you of unauthorised access to your Personal Information.
12.1.9 Provide you with reasonable evidence of our compliance with our obligations under this Privacy Policy on reasonable notice and request.
12.1.10 Submit a complaint to the Information Regulator.

13.1 If you have any complaints about this Privacy Policy or our compliance with it, you can lodge a complaint with the Information Regulator.
13.2 The contact details of the Information Regulator are available on its website at: https://justice.gov.za/inforeg/
13.3 We may occasionally update this Privacy Policy. When you use our Platforms, the version posted on this page applies to you.