1. Introduction

Welcome to SA Homeschooling & Beyond (“we,” “us,” “our”). We are committed to protecting the privacy and security of your Personal Information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our2 website sahomeschooling.com (the “Site”).

This policy is primarily drafted in accordance with the Protection of Personal Information Act, No. 4 of 2013 (“POPIA”) of the Republic of South Africa. We also acknowledge that visitors may access our Site from other jurisdictions, and we strive to uphold applicable international data protection standards where relevant, such as the General Data Protection Regulation (GDPR) for visitors from the European Economic Area (EEA), UK, and Switzerland.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

2. Definitions

  • “Personal Information” means information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person, including, but not limited to, information relating to race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth; information relating to the education or the medical, financial, criminal or employment history; any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier8 or other particular assignment; biometric information; personal opinions, views or preferences; correspondence sent that is implicitly or explicitly of a private or confidential nature; and the views or opinions of another individual about the person. This also  encompasses “Personal Data” as defined under GDPR and similar terms under other applicable laws.
  • “Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including its collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use; dissemination by means of transmission, distribution or making available in any other form; or merging, linking, as well as restriction, degradation, erasure or destruction of information and understood to encompass “Personal Data” as defined under GDPR and similar terms under other applicable laws.
  • “Data Subject” refers to the individual to whom the Personal Information relates.
  • “Information Officer” is the person designated by us as responsible for ensuring compliance with POPIA.
  • “GDPR”: The General Data Protection Regulation (EU) 2016/679.
  • “EEA”: European Economic Area (EU member states plus Iceland, Liechtenstein, and Norway).

3. Information We Collect

We may collect Personal Information about you in various ways:

  • Information You Provide Directly:
  • Comments: When you leave comments on the Site, we collect the data shown in the comments form (e.g., name, email address), and also your IP address and browser user agent string to help spam detection. Your comment and its metadata are retained indefinitely unless you request deletion.
  • Contact Forms: If you contact us via a contact form, we collect your name, email address, and any information you provide in your message to respond to your inquiry.
  • Newsletter Subscription: If you subscribe to our newsletter, we collect your name and email address to send you updates. You can unsubscribe at any time using the link provided in the emails.
  • Information Collected Automatically:
  • Log Data and Usage Data: Like many websites, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”)14 address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, and other15 statistics.
  • Cookies and Tracking Technologies: We use cookies and similar tracking technologies (like web beacons and pixels) to access or store information, enhance user experience, analyse site traffic, and potentially for marketing purposes. Please see Section 9 below for more details.

4. How We Use Your Information

We process your Personal Information for the following purposes based on legitimate grounds recognized under POPIA:

  • To Operate and Maintain Our Site: Processing technical data like IP addresses and browser information is necessary for the functioning and security of the Site (Legitimate Interest).
  • To Respond to Your Comments and Inquiries: Processing contact details and messages you submit (Consent/Legitimate Interest).
  • To Send Newsletters and Updates: Sending communications you have subscribed to (Consent).
  • To Improve Our Site: Analysing usage data to understand how visitors interact with our content (Legitimate Interest).
  • To Prevent Spam and Ensure Security: Processing comment data and technical information (Legitimate Interest/Legal Obligation).
  • To Comply with Legal Obligations: Processing information as required by law (Legal Obligation).

5. Legal Basis for Processing (POPIA & GDPR)

We process your Personal Information only when we have a valid legal basis under POPIA and, where applicable, GDPR or other relevant laws. Our principal legal bases are:

  • Consent: Where you have given clear, affirmative consent for us to process your Personal Information for a specific purpose (e.g. subscribing to a newsletter, agreeing to non-essential cookies). You can withdraw consent at any time.
  • Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party (e.g., operating and securing our Site, responding to inquiries initiated by you, analysing site usage for improvements), provided these interests are not overridden by your fundamental rights and freedoms.
  • Legal Obligation: Where processing is necessary for us to comply with the law (e.g., mandatory reporting, responding to legal process).
  • Contract: While less common for a blog, if processing is necessary for a contract you have with us, or because you have asked us to take specific steps before entering into a contract.

6. Sharing Your Information

We do not sell your Personal Information. We may share your information with third parties only in the following situations:

  • Service Providers: We may share information with third-party vendors, consultants, and other service providers who perform services for us or on our behalf and require access to such information to do that work (e.g., website hosting, email delivery services, analytics providers like Google Analytics, spam detection services like Akismet). These providers are obligated to protect your information.
  • Legal Requirements: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
  • Vital Interests and Rights: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, illegal activities, or as evidence in litigation.
  • With Your Consent: We may disclose your Personal Information for any other purpose with your explicit consent.

We ensure that any third parties processing Personal Information on our behalf are contractually obligated to protect it and comply with applicable data protection laws.

7. International Transfers of Information

Your Personal Information may be processed, stored, and transferred to servers located outside of South Africa, including countries that may not have data protection laws equivalent to POPIA or GDPR.

We will only transfer your Personal Information internationally in compliance with POPIA and, where applicable, GDPR:

  • To countries deemed to provide an adequate level of protection by the South African Information Regulator or the European Commission.
  • By using appropriate safeguards recognised by law, such as entering into Standard Contractual Clauses (SCCs) approved by relevant authorities (like the European Commission) with the recipient.
  • Where you have explicitly consented to the proposed transfer after being informed of the potential risks.
  • Where the transfer is necessary for the performance of a contract between you and us, or for pre-contractual measures taken at your request.

Our use of common third-party services (e.g., Google Analytics, cloud hosting providers, email marketing platforms) may involve such transfers, and we rely on their implemented safeguards (like SCCs) where necessary.

8. Data Security

We use administrative, technical, and physical security measures to help protect your Personal Information. While we have taken reasonable steps to secure the Personal Information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable26 to interception and misuse by unauthorized parties.

9. Cookies and Tracking Technologies

We use cookies (small text files placed on your device) and similar technologies:

  • Essential Cookies: Necessary for the website to function properly (e.g., session management).
  • Performance/Analytics Cookies: Help us understand how visitors use our Site (e.g., Google Analytics).
  • Functionality Cookies: Remember choices you make (e.g., username).
  • Marketing/Targeting Cookies: Used by us or third-party advertisers (if applicable) to deliver relevant content or ads.

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. However, blocking essential cookies may impact your ability to use our Site. 

If you are accessing the Site from the EEA, UK, or other regions requiring explicit opt-in consent for non-essential cookies, we will seek your prior consent before placing such cookies via a consent management tool or banner. Essential cookies required for site functionality do not require prior consent but are explained here. You can manage cookie preferences.

10. Data Retention

We will retain your Personal Information only for as long as is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). For example:

  • Comment data is retained indefinitely unless deletion is requested, to recognize and approve follow-up comments automatically.
  • Analytics data is typically retained for a set period (e.g., 26 months).
  • Information provided via contact forms is retained as long as necessary to address the inquiry and for record-keeping.

11. Your Rights Regarding Your Personal Information

Depending on your location and the data protection laws applicable to you (such as POPIA in South Africa, GDPR in the EEA/UK), you may have the following rights concerning your Personal Information:

  • Right of Access: To request confirmation if we process your Personal Information and to obtain a copy of it.
  • Right to Rectification: To request correction of inaccurate or incomplete information.
  • Right to Erasure (‘Right to be Forgotten’): To request deletion of your Personal Information under certain conditions (e.g., no longer necessary, consent withdrawn, processed unlawfully).
  • Right to Object: To object to processing based on our legitimate interests or for direct marketing purposes.
  • Right to Restrict Processing: To request a limitation on how we process your Personal Information under specific circumstances.
  • Right to Data Portability (primarily under GDPR): To receive your Personal Information (that you provided to us based on consent or contract) in a structured, commonly used, machine-readable format, and to transmit it to another controller where technically feasible.
  • Right to Withdraw Consent: Where processing is based on your consent, you can withdraw it at any time (this won’t affect the lawfulness of processing before withdrawal).
  • Right Not to Be Subject to Automated Decision-Making: To not be subject to decisions based solely on automated processing (including profiling) that produce legal or similarly significant effects on you, except under specific circumstances.
  • Right to Lodge a Complaint: To file a complaint with the relevant supervisory authority (see Section 16).

To exercise these rights, please contact our Information Officer (details in Section 15). We may need to verify your identity before fulfilling your request. Please note that these rights are not absolute and may be subject to legal limitations.

12. Children’s Privacy

Our Site is not intended for use by individuals under the age of 18. We do not knowingly collect Personal Information from children under 18. If we become aware that we have collected Personal Information from a child under 18 without verification of parental consent, we will take steps to remove that information from our servers.

13. Links to Other Websites

Our Site may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Effective Date” at the top. You are advised to review this Privacy Policy41 periodically for any changes. Changes are effective when they are posted on this page.

15. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights under POPIA, please contact our designated Information Officer:

  • Stanley Moloto – Chief Digital Officer
  • Email: stanley@digitalafrikan.com

16. Information Regulator (South Africa)

If you are unsatisfied with our response or believe we are processing your Personal Information unlawfully, you have the right to lodge a complaint with the Information Regulator (South Africa):