Scroll Top

Design@Bay Privacy Policy

Protection of Personal Information Act (POPI) Compliance Statement

South Africa’s new data protection law, POPIA (link, came into full effect on 1 July 2021.

Design@Bay is committed to ensuring the security and protection of the personal information that we process and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program that complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the POPIA.

Design@Bay respects your privacy and is committed to protecting your personal data. We want to assure you that all data shared with Design@Bay is securely stored according to best business practices, and access is strictly controlled. This privacy policy informs you how we look after your personal data when you visit our website and do business with us.


Design@Bay is responsible for your personal data (collectively referred to as “Design@Bay”, “we”, “us”, or “our” in this privacy policy).

Design@Bay operates the website:

Purpose of this privacy policy

This privacy policy aims to give you information on how Design@Bay collects and processes your personal data through your use of this website, including any data you may provide through this website, for example, when you contact us or sign up to a newsletter.

This privacy policy must be read together with any other privacy notice or fair processing notice we may provide on specific occasions when collecting or processing personal data about you to fully know how and why we are using your data. This privacy policy supplements the other notices and is not intended to override them.

The data we collect about you

The Design@Bay website may collect certain information about your visit, such as ;

  • the name of the Internet service provider and the Internet Protocol (IP) address through which you access the Internet;
  • the date and time you access the website;
  • the pages that you access while at the website; and
  • the Internet address of the website from which you linked directly to our website.

This information is used to help improve the website, analyse trends, and administer the website.

We may need to change this policy from time to time to address new issues and reflect changes on our website. We will post those changes here so that you will always know what information we gather, how we might use that information, and whether we will disclose that information to anyone. Please refer back to this policy regularly. If you have any questions or concerns about our privacy policy, please send us an email.

By using this website, you signify your acceptance of our Privacy Policy. If you do not agree to this policy, please do not use our website. Your continued use of the website following the posting of changes to these terms will mean that you accept those changes.

Cookie/Tracking Technology

The website may use cookie and tracking technology depending on the features offered. Cookie and tracking technology are useful for gathering information such as browser type and operating system, tracking the number of visitors to the website, and understanding how visitors use the Site. Cookies can also help customise the Site for visitors. Personal information cannot be collected via cookies and other tracking technology; however, cookies may be tied to such information if you previously provided personally identifiable information. Aggregate cookie and tracking information may be shared with third parties.

You can set your browser to refuse all or some browser cookies or alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

 Third-Party Links

To provide increased value to our Users, we may provide links to other websites or resources. You acknowledge and agree that we are not responsible for the availability of such external sites or resources and do not endorse and are not responsible, directly or indirectly, for the privacy practices or the content (including misrepresentative or defamatory content) of such websites, including (without limitation) any advertising, products or other materials or services on or available from such websites or resources, nor for any damage, loss or offence caused or alleged to be caused by, or in connection with, the use of or reliance on any such content, goods or services available on such external sites or resources.

How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

1. Where it is necessary for our legitimate interests (or those of a third party), your interests and fundamental rights do not override those interests.

Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before processing your personal data for our legitimate interests.

2. Where you have given us consent

Consent means that you have given us clear consent to process your data for a specific purpose. You have the right to withdraw consent to marketing at any time by contacting us.

3. Where we need to comply with a legal or regulatory obligation.

Complying with a legal or regulatory obligation means processing your personal data where necessary to comply with a legal or regulatory obligation that we are subject to.

Purposes for which we will use your personal data

1. Legitimate interests

We rely on the legitimate interest basis to process your data in the following circumstances:

  • To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

This is necessary for running our business, provision of administration and IT services, network security to prevent fraud and in the context of a business reorganisation or a restructuring exercise.

  • To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.

This is necessary to study how individuals use our website, develop our website, grow our business, and inform our strategy.

  • To use data analytics to improve our website, services, marketing, users relationships and experiences.

This is necessary to define types of users for our services, keep our website updated and relevant, and develop and inform our strategy.

  • To respond to queries made through the website.

This is necessary to be able to provide you with a response to your query.

2. Consent

We rely on your consent to process your data in the following circumstances:

  • Send you marketing material when you have signed up to receive our marketing material or asked a specific question on our website.

3. Legal or regulatory obligation

We also rely on the legal or regulatory obligation ground to process your data in some circumstances. This means processing your personal data necessary for compliance with a legal or regulatory obligation that we are subject to.

Please contact us if you want more details about the specific legal ground we rely on to process your personal data.

Disclosures of your personal data

We may have to share your personal data with the parties set out below for the purposes set out in paragraph 4 above.

External Third Parties:

Service providers who provide IT, system administration services and e-marketing on the Design@Bay’s behalf.

Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.

South African Revenue Service & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances.

Third parties may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, the new owners may use your personal data the same way as set out in this privacy notice.

We require all third parties to respect the security of your personal data and treat it according to the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and per our instructions.

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and notify you and any applicable regulator of a breach where we are legally required to do so.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.

We consider the amount, nature, and sensitivity to determine the appropriate retention period for personal data. This, along with the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.

Contact details

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.

Tel: +27 41 374 1331 / 373 7045


Our Address: 11 Stanley Street, Central, Gqebera, South Africa

Call Now Button