Protection of Personal Information Policy

Applicable to all brands, divisions, joint ventures, subsidiaries, suppliers, directors, and employees.

Eatfresh is committed to protecting your privacy and ensuring that your personal information is processed lawfully, transparently, and securely in accordance with the Protection of Personal Information Act, No. 4 of 2013 (POPIA). This policy outlines our approach to managing personal information across our operations, in our engagements with clients, suppliers, service providers, and website visitors.

1. Scope and Purpose

This POPIA Policy applies to all personal information processed by Eatfresh. It is intended to inform you of how and why we collect, use, disclose, and retain your personal data. This policy supports our broader commitment to responsible information governance and data protection.

2. Collection and Use of Personal Information

Eatfresh collects personal information directly from individuals, or indirectly via third parties and public sources, where lawful. The types of data collected may include names, contact details, employment and contractual information, and browsing behaviour via cookies. We process personal information to fulfil contractual obligations, comply with laws, manage services, administer accounts, improve offerings, and communicate with you where appropriate. We will only collect information that is adequate, relevant, and not excessive forthe purpose.

3. Legal Basis for Processing

Eatfresh processes personal information based on one or more of the following legal grounds:

  • Your consent
  • Performance of a contract
  • Compliance with a legal obligation
  • Legitimate interests pursued by Eatfresh or a third party

4. Your Rights

As a data subject, you have the right to:

  • Access your personal information
  • Request correction or deletion of personal information
  • Object to processing or withdraw consent
  • Lodge a complaint with the Information Regulato

5. Disclosure and Security

Eatfresh may share personal information with trusted service providers or regulators where necessary, under strict confidentiality obligations. We implement appropriate security safeguards to protect data from loss, misuse, unauthorised access, or disclosure.

6. Retention and Deletion

Personal information is retained only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. When no longer required, the information is securely destroyed or anonymised in accordance with our Records Retention Policy.

7. Marketing and Preferences

We may send you marketing communications where you have provided consent or where you are an existing client and the content relates to similar products or services. You may opt out of these communications at any time using the unsubscribe option or by contacting us directly.

8. Contact Information

Deputy Information Officer:
Email: popi@tsebo.com
Tel: 011 441 5300
Address: Tsebo Office Park, 85 Protea Road, Sandton, South Africa

This POPIA Policy is reviewed periodically to ensure ongoing alignment with regulatory requirements and data protection best practices.