VVynta Integrate

Legal

POPIA Policy & Compliance Statement

Last updated: 26 June 2026

Vynta (Pty) Ltd is committed to compliance with the Protection of Personal Information Act, 2013 (POPIA) and the related Regulations issued by the South African Information Regulator. This statement explains how we apply POPIA's eight conditions for lawful processing.

Draft notice: This document is a plain-language draft. Vynta recommends independent legal review before relying on it for a live commercial product.

1. Lawful Processing

Vynta processes personal information only where we have a lawful basis: performance of a contract with you, your consent, our legitimate interests (balanced against your rights), legal obligation, or the protection of a legitimate interest of the data subject.

2. Consent

Where consent is required, we obtain it in a clear, specific and informed manner. Consent can be withdrawn at any time by contacting our Information Officer.

3. Information Officer

Information Officer: Placeholder Name
Email: privacy@vynta.co.za
Postal: Vynta (Pty) Ltd, Cape Town, South Africa.

The Information Officer is registered with the Information Regulator of South Africa.

4. Data Subject Rights Under POPIA

  • To be notified that personal information is being collected.
  • To access your personal information held by Vynta.
  • To request correction or deletion of personal information.
  • To object to the processing of personal information.
  • To object to direct marketing.
  • To complain to the Information Regulator.

5. Direct Marketing (Section 69)

Vynta only sends electronic direct marketing to data subjects who have given prior opt-in consent, or to existing customers in relation to similar products and services. Every marketing communication includes a clear opt-out mechanism.

6. Security Safeguards

We implement appropriate, reasonable technical and organisational measures to prevent loss, damage, unauthorised destruction, unlawful access or unlawful processing of personal information, including encryption, access controls, monitoring and staff training.

7. Breach Notification

If there are reasonable grounds to believe that personal information has been accessed or acquired by an unauthorised person, Vynta will notify the Information Regulator and affected data subjects as soon as reasonably possible, in accordance with Section 22 of POPIA.

8. Operator Agreements

All third parties that process personal information on Vynta's behalf are bound by written agreements requiring them to comply with POPIA and to maintain the confidentiality and security of personal information.

9. Retention & Disposal

Personal information is retained only as long as necessary for the purpose for which it was collected, or as required by law. After this period, information is securely deleted or de-identified.

10. Complaints

Complaints regarding the processing of personal information may be lodged with our Information Officer or directly with the Information Regulator (South Africa) at inforegulator.org.za.

Questions?

Contact our Information Officer at privacy@vynta.co.za or via the contact page.