Privacy Policy

1. Introduction

BizBook ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payroll management and tax compliance services.

2. Information We Collect

2.1 Personal Information

We collect the following types of personal information:

• Identity Information: Name, date of birth, gender, nationality, ID numbers, passport details
• Contact Information: Email address, phone number, physical address
• Financial Information: Banking details, tax numbers, salary information, income and expenses
• Employment Information: Job titles, employment dates, company information
• KYC Documents: Identity documents, proof of address, bank statements

2.2 Sensitive Personal Information

We may collect sensitive personal information including:

• Tax identification numbers and financial records
• Banking and payment information
• Health information (for medical aid credits)
• Political exposure information (PEP declarations)

2.3 Technical Information

We automatically collect certain technical information:

• IP addresses and device information
• Browser type and version
• Operating system
• Usage patterns and preferences
• Cookies and similar tracking technologies

3. How We Use Your Information

We use your information for the following purposes:

• Service Provision: To provide payroll management, tax compliance, and related services
• Account Management: To create and manage your account, process payments
• Compliance: To meet legal and regulatory requirements, including SARS reporting
• Communication: To send you service-related communications, updates, and notifications
• Security: To protect against fraud, unauthorized access, and other security threats
• Improvement: To analyze usage patterns and improve our services

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Contract Performance: To provide the services you have requested
• Legal Obligation: To comply with South African tax and employment laws
• Legitimate Interest: To improve our services and prevent fraud
• Consent: Where you have given explicit consent for specific processing activities

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

5.1 Regulatory Authorities

• South African Revenue Service (SARS) for tax compliance
• Department of Labour for employment law compliance
• Financial Intelligence Centre (FIC) for anti-money laundering
• Other government agencies as required by law

5.2 Service Providers

• Cloud hosting providers for data storage
• Email service providers for communication
• Payment processors for billing
• IT security providers for data protection

5.3 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and interests.

6. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: All sensitive data is encrypted in transit and at rest
• Access Controls: Strict access controls and authentication requirements
• Regular Audits: Regular security audits and vulnerability assessments
• Staff Training: Regular training on data protection and security
• Incident Response: Procedures for handling security incidents

7. Data Retention

We retain your information for as long as necessary to:

• Provide our services to you
• Comply with legal and regulatory requirements
• Resolve disputes and enforce our agreements
• Meet tax and employment law retention periods (typically 5-7 years)

8. Your Rights

Under South African data protection laws, you have the following rights:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information (subject to legal requirements)
• Portability: Request a copy of your data in a portable format
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing in certain circumstances

9. International Transfers

Your information may be transferred to and processed in countries outside South Africa. We ensure appropriate safeguards are in place for such transfers, including:

• Adequacy decisions by relevant authorities
• Standard contractual clauses
• Binding corporate rules
• Certification schemes

10. Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze website usage and performance
• Provide personalized content
• Ensure security and prevent fraud

You can control cookie settings through your browser preferences.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending you an email notification
• Providing notice through our service

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@solcol.co.za
• Data Protection Officer: dpo@solcol.co.za