Privacy Policy
Website Privacy Policy
SKS Hydraulics Africa (Pty) Ltd
Table of Contents
1 DEFINITIONS 3
2 INTRODUCTION 4
3 PRIVACY POLICY 4
4 INFORMATION COLLECTION AND USE 7
5 CONSENT AND WITHDRAWAL 8
6 DATA SUBJECT RIGHTS 9
7 THIRD PARTY DISCLOSURE 10
8 SECURITY SAFEGUARDS AND DATA BREACH NOTIFICATION 10
9 LOG FILES 11
10 COOKIES 12
11 LINKS FROM THE WEBSITE 12
12 APPLICATION OF THE ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT 25 OF 2002 (ECT ACT) AND COMPLIANCE WITH OTHER APPLICABLE SOUTH AFRICAN LAWS 13
DEFINITIONS
The following expressions bear the meanings assigned to them below and cognate expressions bear corresponding meanings:
“Consent”:Â means any voluntary, specific and informed expression of will in terms of which permission is given for the processing of personal information.
“Cookies”: Small data files or similar tracking technologies placed on a user’s device when they visit the Website, which may collect and store information about their online activities.
“Data Breach”:Â An incident in which Personal Information is accessed, disclosed, lost, or otherwise compromised without authorisation.
“Data Controller”:Â SKS Hydraulics Africa (Pty) Ltd (registration number: 2023/998175/07), the entity that determines the purposes and means of Processing Personal Information.
“Data Processor”:Â A third party, such as but not only Peach Payments Gateway or Bobgo Africa, that Processes Personal Information on behalf of the Data Controller.
“Data Subject”:Â The individual whose Personal Information is Processed by or on behalf of the Data Controller.
“Personal Information” or “Personal Data”:Â Any information relating to a Data Subject that can identify them directly or indirectly, including but not limited to first name, surname, email address, physical address, phone number, company name, company registration number, and age.
“Processing”:Â Any operation or set of operations performed on Personal Information, including collection, storage, use, disclosure, or destruction.
“Security Safeguards”:Â Technical and organisational measures implemented to protect Personal Information from unauthorised access, disclosure, loss, or destruction.
“Third Party”:Â Any person or entity other than the Data Subject, Data Controller, or Data Processor with whom Personal Information is shared.
“Website”: The website which can be found at www.skshydraulics.co.za.
INTRODUCTION
This Privacy Policy is to be read in conjunction with the Terms of Service, which is accessible at the URL: http://www.skshydraulics.co.za/website-terms-of-service//. By using the Website, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy and the associated Terms of Service.
This Privacy Policy outlines how SKS Hydraulics Africa (Pty) Ltd, as the Data Controller, collects, Processes, uses, and protects the Personal Information of Data Subjects who interact with the Website. It also describes the rights of Data Subjects regarding their Personal Information and the Security Safeguards implemented to protect such information.
This Privacy Policy is effective as of 05 March 2025 and applies to all users of the Website, including those who register or create a profile on the Website. It is subject to periodic updates to ensure compliance with applicable laws, including the Protection of Personal Information Act (POPIA) and other relevant South African legislation.
PRIVACY POLICY
For the purposes of this Privacy Policy, Personal Information, Processing is understood in accordance with the definition provided in the Protection of Personal Information Act 4 of 2013 (“POPIA”). SKS Hydraulics Africa subscribes to the principles outlined in POPIA and other relevant South African legislation. We are committed to ensuring the quality, accuracy, and confidentiality of Personal Information in our possession.
This Privacy Policy is designed to balance our legitimate business interests with your reasonable expectation of privacy. We will take all reasonable steps to prevent unauthorised access to or disclosure of your Personal Information. However, it is impossible to guarantee absolute security, and we cannot ensure or warrant the security of any Personal Information you provide us.
Users will be prompted to register an account on the Website. During registration, users will be asked to provide Personal Information, including but not limited to first name, surname, email address, physical address, phone number, company name, company registration number, and age.
We will limit the Processing of Personal Information to that which you Consent to, such as through online registration, newsletters, surveys, and marketing communications. Your agreement to this Privacy Policy constitutes your Consent as contemplated in section 69 of POPIA.
Payment information provided through the Website will be captured for transactional purposes. However, we will not retain payment information on our servers.
We will not collect, use, or disclose sensitive information (such as information about racial or ethnic origins or political or religious beliefs) except with your specific Consent or as permitted by law.
By agreeing to this Privacy Policy, you Consent to the use of your Personal Information for the following purposes:
The provision and performance of services offered on the Website;
Informing you of changes to the Website;
Marketing-related services, including newsletters, promotions, and updates;
Responding to your queries or requests;
Developing a direct and substantial relationship with users;
Developing an online user profile to enhance user experience;
Understanding general user trends and patterns to improve marketing strategies;
Security, administrative, and legal purposes;
Creating and developing aggregated market data profiles to improve our offerings, without compromising your identity.
We implement up-to-date, reasonable technical and organisational Security Safeguards to protect your Personal Information from accidental or intentional manipulation, loss, misuse, destruction, or unauthorised access. These measures are continually reviewed and improved to align with legal and technological developments.
Personal Information is stored directly or transferred to a central database. If the database is located in a country without substantially similar data protection laws, we will ensure your Personal Information is adequately protected as required by POPIA.
Personal Information will not be stored longer than necessary for the purposes described in this Privacy Policy or as required by law.
Access to Personal Information is restricted to our employees, representatives, and consultants on a need-to-know basis, subject to reasonable confidentiality obligations.
We do not accept users or their representatives under the age of 18 or without the legal capacity to be bound by this Privacy Policy.
We will not sell, share, or rent your Personal Information to any Third Party, except as required to provide our services, such as sharing with Peach Payments Gateway for payment processing or Bobgo Africa for courier services. Any emails sent by us will only relate to the provision of our services or marketing thereof.
INFORMATION COLLECTION AND USE
The Data Controller, SKS Hydraulics Africa, collects and Processes Personal Information from Data Subjects for specific and legitimate purposes, as outlined in this Privacy Policy. The types of Personal Information collected include, but are not limited to:
first name;
surname;
email address;
physical address;
phone number;
company name;
company registration number; and
age.
This information is collected directly from Data Subjects during the registration process or through their interaction with the Website.
The Personal Information collected is used for the following purposes:
To provide and perform services offered on the Website, including order processing and customer support;
To communicate with Data Subjects regarding changes to the Website, updates to services, or other administrative matters;
To send marketing-related communications, including newsletters, promotions, and updates, where Consent has been provided;
To respond to queries or requests submitted by Data Subjects;
To develop and enhance the relationship with users by improving the quality and relevance of services offered;
To create and analyse user profiles to improve the overall user experience;
To monitor and understand general user trends and patterns to inform marketing strategies and business decisions;
For security, administrative, and legal purposes, including compliance with applicable laws such as the Protection of Personal Information Act (POPIA); and
To develop aggregated market data profiles to improve the Website’s offerings, while ensuring the anonymity and confidentiality of individual Data Subjects.
Payment information provided through the Website is captured for transactional purposes only. The Data Controller does not retain payment information on its servers. All payment Processing is handled by Peach Payments Gateway, a Third Party Data Processor, in compliance with applicable laws and security standards.
The Data Controller does not share, sell, or rent Personal Information to Third Parties for marketing purposes, except as necessary to provide the services described in this Privacy Policy. Personal Information may be shared with Third Parties such as Peach Payments Gateway for payment Processing and Bobgo Africa for courier services, subject to appropriate confidentiality and Security Safeguards.
The Processing of Personal Information is limited to the purposes specified in this Privacy Policy or as otherwise disclosed to the Data Subject at the time of collection. The Data Controller ensures that Personal Information is not stored longer than necessary for these purposes or as required by law.
The Data Controller implements and maintains reasonable technical and organisational Security Safeguards to protect Personal Information from unauthorised access, disclosure, loss, or destruction. These measures are regularly reviewed and updated to align with legal and technological developments.
CONSENT AND WITHDRAWAL
The Data Subject provides Consent to the Processing of their Personal Information for the purposes outlined in this Privacy Policy, including but not limited to marketing, profiling, and service-related communications. Such Consent is obtained through clear affirmative actions, such as online registration, checkbox selection, or similar unambiguous methods.
The Data Subject may withdraw their Consent at any time by notifying the Data Controller in writing by sending an email to info@skshydraulics.co.za with the subject “Opt-Out”, or through the designated opt-out mechanisms provided on the Website. Withdrawal of Consent will not affect the lawfulness of Processing based on Consent before its withdrawal.
Upon withdrawal of Consent, the Data Controller will cease Processing the Data Subject’s Personal Information for the specified purposes, unless such Processing is required by law or necessary for the performance of a contract with the Data Subject.
The Data Subject acknowledges that withdrawing Consent may limit their ability to access certain features or services on the Website.
DATA SUBJECT RIGHTS
In accordance with the Protection of Personal Information Act (POPIA) and other applicable laws, the Data Subject has the right to access, correct, or delete their Personal Information held by the Data Controller. The Data Subject may exercise these rights by submitting a written request to the Data Controller in the manner prescribed by POPIA.
The Data Subject has the right to object to the Processing of their Personal Information, particularly for marketing or profiling purposes, and to withdraw their Consent at any time. Such withdrawal of Consent will be effective upon receipt of the Data Subject’s notification, unless the Processing is required by law or necessary for the performance of a contract.
The Data Subject may request a record of their Personal Information held by the Data Controller, including details of the purposes for which it has been Processed, the recipients of such information, and the period for which it will be retained. The Data Controller will respond to such requests within a reasonable timeframe as prescribed by law.
The Data Subject has the right to lodge a complaint with the Information Regulator if they believe their rights under POPIA have been violated. The Data Controller will cooperate with the Information Regulator in addressing such complaints.
The Data Controller will notify the Data Subject of any rectification, erasure, or restriction of Processing of their Personal Information, unless such notification is impossible or involves disproportionate effort.
To access, correct, or delete your personal information, submit a written request to:
Email: info@skshydraulics.co.za.
Postal Address: 23 Milkwood Crescent, Stand 56, Seringeti Golf Estate, Kempton Park, Gauteng, 1619, South Africa
Requests will be processed within 21 (twenty-one) business days, subject to verification of identity. The Data Controller reserves the right to charge a reasonable administrative fee for excessive or repetitive requests.
THIRD PARTY DISCLOSURE
The Data Controller may share Personal Information with Third Parties, including but not limited to Peach Payments Gateway for payment processing and Bobgo Africa for courier services, where necessary to provide the services described in this Privacy Policy. Such disclosure will be limited to the purposes outlined in this Privacy Policy and will be subject to appropriate Security Safeguards and confidentiality obligations.
The Data Controller does not sell, transfer, or rent Personal Information to Third Parties for marketing purposes. Any sharing of Personal Information with Third Parties will be conducted in compliance with the Protection of Personal Information Act (POPIA) and other applicable South African laws.
If Personal Information is transferred outside South Africa, the Data Controller shall ensure that the recipient country has substantially similar data protection laws as specified under Section 72 of POPIA. If no such laws exist, the Data Controller shall implement binding corporate rules or standard contractual clauses to ensure data protection compliance, as required by POPIA.
The Data Controller shall take reasonable steps to ensure that Third Party service providers comply with data protection laws. However, and to the fullest extent permissible in law, the Data Controller shall not be liable for any unauthorised access, misuse, or breach of personal information by third parties
SECURITY SAFEGUARDS AND DATA BREACH NOTIFICATION
Security Safeguards:Â The Data Controller implements and maintains reasonable technical and organisational Security Safeguards designed to protect Personal Information from unauthorised access, disclosure, loss, or destruction. These measures are regularly reviewed and updated to address evolving risks and comply with applicable laws, including the Protection of Personal Information Act (POPIA).
Data Breach Notification:Â In the event of a Data Breach, the Data Controller will promptly assess the nature and scope of the breach. If the breach poses a risk to the rights and freedoms of Data Subjects, the Data Controller will notify the Information Regulator and affected Data Subject(s) without undue delay, in accordance with the requirements of POPIA. Such notification will include details of the breach, the likely consequences, and the measures taken or proposed to mitigate its effects.
Mitigation Measures:Â The Data Controller will take immediate steps to contain and mitigate the impact of any Data Breach, including investigating its cause, implementing corrective actions, and preventing future occurrences. The Data Controller will also cooperate with relevant authorities as required by law.
Limitation of liability: To the maximum extent permissible in law, the Data Controller shall not be liable for any loss, damage, or harm suffered by any Data Subject due to unauthorised access, cyberattacks, or data breaches caused by Third Party service providers, provided that reasonable security measures were in place.
LOG FILES
When you visit the Website, even if you do not register or create an account, the Data Controller may automatically collect certain information, including but not limited to your IP address, the name of your Internet Service Provider (ISP), browser type, the website from which you accessed the Website, the pages you visit on the Website, the sequence of your visits, the date and duration of your visit, and other technical details such as your computer’s operating system, language settings, and broad demographic information.
This information is collected for internal use only and is aggregated and anonymised, meaning it does not directly identify you as a Data Subject. However, you acknowledge that this data may potentially be used to identify you if combined with other Personal Information you provide to the Data Controller.
The information collected through log files is not shared with Third Parties and is used solely on a need-to-know basis for purposes such as improving Website functionality, analysing user trends, and enhancing security measures. Any individually identifiable information related to this data will not be used in any manner other than as described in this Privacy Policy without your explicit Consent.
COOKIES
The Website uses Cookies as defined in clause 1.2. Cookies are small data files or similar tracking technologies placed on your device when you visit the Website. These may collect and store information about your online activities, enhancing your browsing experience.
The following types of Cookies are used on the Website:
Session Cookies:Â These are temporary Cookies that maintain a ‘session state’ during your use of the Website. They expire when you close your browser or after a period of inactivity. Session Cookies are essential for the Website to function optimally but do not identify you personally.
Permanent Cookies: These Cookies store a unique code on your device to identify you as an individual user. No Personal Information is stored in Permanent Cookies. While not required for the Website’s functionality, they may improve your browsing experience. You can view these Cookies in your browser’s settings.
Third Party vendors, such as Peach Payments Gateway, may use Cookies for transactional purposes. However, the Website does not retain payment information on its servers.
By using the Website, you Consent to the use of Cookies as described in this clause. Any Personal Information collected through Cookies will be processed in accordance with this Privacy Policy.
LINKS FROM THE WEBSITE
The Website may contain links to Third Party Websites, including payment gateways, courier services, or other external platforms (“Third Party Websites”). If you select a link to any Third Party Website, you may be subject to such Third Party Websites’ terms and conditions and/or other policies, which are not under the control or responsibility of the Data Controller.
Hyperlinks to Third Party Websites are provided “as is,” and the Data Controller does not necessarily agree with, edit, or sponsor the content on such Third Party Websites.
The Data Controller does not monitor or review the content of any Third Party Websites. Opinions expressed or material appearing on such websites are not necessarily shared or endorsed by the Data Controller, and the Data Controller should not be regarded as the publisher of such opinions or material.
Users should evaluate the security and trustworthiness of any Third Party Websites before disclosing any Personal Information to them. The Data Controller does not accept any responsibility for any loss or damage resulting from your disclosure of Personal Information to Third Parties.
APPLICATION OF THE ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT 25 OF 2002 (“ECT ACT”) AND COMPLIANCE WITH OTHER APPLICABLE SOUTH AFRICAN LAWS
Data Messages (as defined in the ECT Act) will be deemed to have been received by the Data Controller if and when the Data Controller responds to the Data Messages.
Data Messages sent by the Data Controller to a Data Subject will be deemed to have been received by such Data Subject in terms of the provisions specified in section 23(b) of the ECT Act.
Data Subjects acknowledge that electronic signatures, encryption, and/or authentication are not required for valid electronic communications between Data Subjects and the Data Controller.
Information to be provided in terms of section 43(1) of the ECT Act:
The Data Controller is SKS Hydraulics Africa (Pty) Ltd, a company incorporated in South Africa with registration number 2023/998175/07, and its registered address is 23 Milkwood Crescent, Stand 56, Seringeti Golf Estate, Kempton Park, Gauteng, 1619, South Africa.
The address for service of legal documents is 23 Milkwood Crescent, Stand 56, Seringeti Golf Estate, Kempton Park, Gauteng, 1619, South Africa.
The contact number for the Data Controller is 011 869 5020.
The Website URL is www.skshydraulics.co.za, and the URL where this Privacy Policy is located is http://www.skshydraulics.co.za/Privacy-Policy/.
The email address of the Data Controller is info@skshydraulics.co.za.
Data Subjects warrant that Data Messages sent to the Data Controller from any electronic device used by them were sent and/or personally authorised by them.
This Website and the processing of Personal Information are governed by the laws of South Africa, including but not limited to the Protection of Personal Information Act (POPIA), the ECT Act, and the Consumer Protection Act (CPA).
The Data Controller ensures that all electronic communications, transactions, and Processing of Personal Information comply with the applicable provisions of the ECT Act, POPIA, and other relevant South African legislation.
SKS Hydraulics Africa shall retain personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or as required by law. Upon expiration of this period, all Personal Information shall be securely deleted or anonymised.
This Privacy Policy is governed by the laws of South Africa.