Privacy Policy

Effective date: 26 October 2025

1. Introduction

This Privacy Policy explains how Office Chair Outlet (“we”, “us”, or “our”) collects, uses, discloses, and safeguards personal information when you visit or make a purchase from officechairoutlet.co.za (the “Site”) or otherwise interact with us. We are committed to processing personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (“POPIA”).

2. Who we are (Responsible Party)

Office Chair Outlet is the responsible party for personal information processed through the Site.

• Trading name: Office Chair Outlet
• Website: officechairoutlet.co.za
• Contact e-mail: support@officechairoutlet.co.za
• Information Officer: [Insert name and contact details, if different]
• Registered address / postal address: [Insert address]

3. What we collect

3.1 Information you provide to us

• Order & account details: name, e-mail address, phone number, billing and delivery addresses, and order history.
• Payment details: payment method, transaction identifiers and status. Note: card data is typically processed by our payment service provider and not stored by us.
• Communications: enquiries, reviews, warranty claims, returns and customer support interactions.
• Marketing preferences: your choices about receiving marketing via e-mail, SMS or other channels.

3.2 Information we collect automatically (Device Information)

When you visit the Site, we automatically collect certain information about your device and how you use the Site, including your IP address, browser type, time zone, cookie identifiers, pages viewed, products viewed, referring websites or search terms, and timestamps. We collect this using cookies, log files, tags, pixels and similar technologies. See Section 9 (Cookies & Analytics) for details.

4. Why we process personal information (Purposes)

• To provide our products and services: accept and fulfil orders, process payments, arrange delivery/collection, and provide invoices and order confirmations.
• Customer care: respond to enquiries, returns, refunds, repairs, guarantees and product safety notices.
• Security & fraud prevention: detect, investigate and prevent fraudulent transactions and abuse of the Site.
• Site performance: operate, maintain, troubleshoot and improve the Site and user experience.
• Marketing & promotions: send product updates, offers and recommendations where permitted (you can opt out at any time).
• Legal & compliance: comply with applicable laws, tax and accounting obligations, and respond to lawful requests.

5. Our processing principles under POPIA

We process personal information in line with POPIA’s conditions, including accountability, processing limitation, purpose specification, further processing limitation, information quality, openness, security safeguards and data subject participation. Your rights under POPIA include the rights to be notified of collection and security compromises, to access your information, to request correction, deletion or destruction, to object to certain processing, including direct marketing, and to lodge complaints with the Information Regulator. :contentReference[oaicite:0]{index=0}

6. Lawful grounds for processing

Depending on the context, we rely on one or more of the following:

• Performance of a contract with you or to take steps at your request before entering into a contract (e.g., processing and delivering your order).
• Legal obligations (e.g., tax, accounting and consumer protection requirements).
• Legitimate interests (e.g., Site security, fraud prevention, service improvement), balanced against your privacy rights.
• Consent for specific activities, including certain direct marketing by electronic communications, as required by POPIA and its regulations. You may withdraw consent at any time. :contentReference[oaicite:1]{index=1}

7. Sharing and disclosure

We may share personal information with:

• Service providers who perform services on our behalf (e.g., website hosting, payment processing, couriers, analytics, marketing support and IT/security providers). Appropriate confidentiality and data protection obligations bind them.
• Business transfers in connection with a merger, acquisition, reorganisation or sale of assets.
• Legal and regulatory disclosures were required by law, court order or lawful authority, or to protect our rights, safety, users or the public.

8. Cross-border transfers

Some recipients may be located outside the Republic of South Africa. Where we transfer personal information internationally, we do so in compliance with Section 72 of POPIA (for example, where the recipient is subject to a law, binding corporate rules or agreement that provides an adequate level of protection; where you consent; or where the transfer is necessary for a contract or in your interests). :contentReference[oaicite:2]{index=2}

9. Cookies & analytics

We use cookies and similar technologies to operate the Site, remember your preferences, analyse traffic and measure marketing performance. You can manage cookies via your browser settings; disabling certain cookies may affect Site functionality.

We may use analytics services (e.g., Google Analytics) to help us understand Site usage and improve our services. These providers use cookies and similar technologies to collect information about your device and interactions with the Site. To learn more about Google’s practices and your choices, see Google’s privacy resources and opt-out tools.

10. Direct marketing

We may send you marketing communications by e-mail, SMS or other electronic means where permitted by law, and we will obtain your prior consent where required under POPIA and the applicable regulations. You may opt out at any time by using the unsubscribe link in our e-mails or replying STOP to SMS, or by contacting us. Guidance from the Information Regulator explains how direct marketing must comply with POPIA’s conditions for lawful processing. :contentReference[oaicite:3]{index=3}

11. Do Not Track

Some browsers offer a “Do Not Track” (DNT) signal. The Site does not currently respond to DNT signals. We will review this statement periodically as standards evolve.

12. Children

Our products and services are intended for adults. We do not knowingly collect personal information from persons under 18 years of age. If you are a parent or guardian and believe that your child has provided us with personal information, don't hesitate to get in touch with us so that we can take appropriate steps.

13. Data retention

We retain personal information only for as long as necessary for the purposes set out in this Policy (for example, for as long as you have an account with us or as needed to provide products or services), and as required to comply with legal, accounting or reporting obligations and to resolve disputes. We will then destroy or de-identify the information in a secure manner.

14. Security

We implement reasonable technical and organisational measures designed to protect personal information against loss, misuse, unauthorised access, disclosure, alteration and destruction, having regard to generally accepted information security practices and procedures and the nature of the personal information.

15. Your rights

You may, subject to applicable law, exercise the following rights:

• Request confirmation that we hold personal information about you and request access to it.
• Request correction, update, deletion or destruction of personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully.
• Object to our processing of your personal information on reasonable grounds relating to your particular situation, including objection to direct marketing at any time.
• Not be subject to a decision based solely on automated processing in certain circumstances.
• Lodge a complaint with the Information Regulator (see Section 17). :contentReference[oaicite:4]{index=4}

16. How to exercise your rights

To exercise your rights, please get in touch with us using the details in Section 18. To help us process your request, please include sufficient information to identify yourself and the information you are referring to. We may require proof of identity and a description of the request. We will respond within timeframes required by law and may refuse or charge a reasonable fee for manifestly unfounded, excessive or repetitive requests where permitted by law.

17. Complaints

If you have concerns about how we process your personal information, please get in touch with us first. You may also lodge a complaint with the Information Regulator:

• Website: inforegulator.org.za
• General enquiries e-mail: enquiries@inforegulator.org.za :contentReference[oaicite:5]{index=5}
• POPIA complaints e-mail: POPIAComplaints@inforegulator.org.za (submit the prescribed Form 5). :contentReference[oaicite:6]{index=6}

18. Contact us

For questions about this Policy or our privacy practices, or to exercise your rights, please contact:

• E-mail: support@officechairoutlet.co.za
• Postal address: [Insert postal address, South Africa]
• Information Officer: [Insert name and contact details]

19. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, technology, legal or regulatory requirements. We will post the updated Policy on the Site with a new effective date. Your continued use of the Site after changes take effect constitutes acceptance of the revised Policy.