R

Refund AI

POPIA Compliance Statement

1. Introduction

This POPIA Compliance Statement explains how Refund AI ("we", "our", "us") complies with the Protection of Personal Information Act 4 of 2013 (POPIA) in South Africa. We are committed to ensuring the privacy and protection of personal information processed by Refund AI.

2. Information Officer

We have appointed an Information Officer who is responsible for ensuring that Refund AI complies with POPIA. The Information Officer can be contacted at compliance@refundai.co.za.

3. Lawful Processing

We process personal information in accordance with the conditions for lawful processing as set out in POPIA. This includes:

  • Processing personal information in a lawful and reasonable manner that does not infringe on the privacy of data subjects.
  • Ensuring that processing is adequate, relevant and not excessive.
  • Taking steps to ensure information is accurate and kept up to date.
  • Not retaining personal information for longer than necessary.

4. Purpose of Processing

We process personal information for the following purposes:

  • To provide our AI-powered tax consultation services.
  • To manage our relationship with clients.
  • To process payments and subscriptions.
  • To comply with legal obligations.
  • For marketing purposes, where consent has been obtained.

5. Categories of Data Subjects and Information

We process personal information relating to the following categories of data subjects:

  • Clients and potential clients
  • Employees and contractors
  • Service providers and suppliers

6. Recipients of Personal Information

We may share personal information with:

  • Service providers who assist with our business operations.
  • Professional advisers such as lawyers, accountants, and auditors.
  • Regulatory authorities, government departments, and law enforcement agencies, where required by law.

7. Security Measures

We have implemented reasonable technical and organizational measures to secure personal information, including:

  • Access controls and authentication procedures.
  • Encryption of sensitive data.
  • Regular security assessments and audits.
  • Staff training on data protection.

8. Data Subject Rights

Under POPIA, data subjects have the right to:

  • Request access to their personal information.
  • Request correction of their personal information.
  • Request deletion of their personal information.
  • Object to the processing of their personal information.
  • Submit a complaint to the Information Regulator.

9. Contact Information

For any queries regarding this compliance statement or to exercise your rights under POPIA, please contact our Information Officer at compliance@refundai.co.za.