Privacy Policy

Last Updated: [17 October 2025]

1. Introduction & Purpose

Ezendawo Local News (“we”, “us”, “our”) is committed to protecting the privacy and personal information of visitors to our website, and users of our services, in compliance with South Africa’s Protection of Personal Information Act, No. 4 of 2013 (“POPIA”) and related regulations.

This Privacy Policy describes what personal information we collect, how we use and share it, how we protect it, and the rights you have regarding your data.

By using our website, subscribing to our newsletters, submitting content (e.g. comments, articles), or otherwise interacting with us, you accept the practices described in this policy.

2. Definitions

• Personal Information / Personal Data: Any information relating to an identifiable, living natural person, and where applicable, an identifiable juristic (legal) person.

• Responsible Party: The entity (Ezendawo Local News) that determines the purpose for which personal information is processed.

• Operator / Processor: A third party acting on behalf of the Responsible Party, processing personal information under contract.

• Data Subject / User: A person whose personal information is processed by us.

• Information Officer: The person appointed by us to ensure POPIA compliance.

3. What Information We Collect

We may collect and process the following kinds of personal information:

• Identity information: name, username, title, date of birth

• Contact information: email address, phone number, postal address

• Website usage data: e.g. IP address, device type, browser type, operating system, pages visited, time stamps, referral source

• User-generated content: comments, reviews, articles, photographs or other media you upload

• Subscription / newsletter data: preferences, subscription status

• Communications data: when you contact us (via email, forms, feedback, etc.)

• Other information you choose to provide, e.g. in surveys, contests

If we collect any special personal information (e.g. about health, race, religion) we will explicitly obtain separate consent and comply with stricter handling procedures.

We collect data:

1. Directly from you (e.g. when you register, submit content, subscribe, contact us)

2. Automatically via website analytics, cookies, log files

3. From third parties (e.g. social media platforms, advertising partners) — only if lawful and you have been informed

4. Lawful Basis for Processing

Under POPIA, we process personal information only if one or more of the following bases applies:

• Consent: you have given us your consent (explicit, informed, voluntary) for a specific purpose

• Contract: processing is necessary to perform a contract to which you are party (e.g. subscription, service provision)

• Legal obligation: processing to comply with a legal duty

• Legitimate interests: for our (or a third party’s) legitimate interests, so long as your rights and freedoms are respected

• Protection of vital interests: to protect someone’s life or safety

• Public interest (where permitted by law)

You have the right to withdraw your consent at any time (for future processing) without affecting the lawfulness of prior processing.

5. Purpose & Use of Personal Information

We use personal information for the following purposes:

• To provide, maintain and improve our website, content, and services

• To register and manage user accounts and subscriptions

• To send newsletters, updates, alerts, and promotional materials (where consent given)

• To enable commenting, content contributions, and community interactions

• For analytics, monitoring, site optimization, and reporting

• To detect, prevent, and respond to fraud, abuse or security incidents

• To comply with legal obligations, enforce our terms, and protect rights

• For marketing and advertising (with consent or where permitted)

• To share information with third-party service providers (e.g. payment gateways, mailing services, cloud hosting) under contract

We will not use your personal information for materially different or incompatible purposes without giving you prior notice and, where required, obtaining fresh consent.

6. Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect website usage data.

• Some cookies are essential, required for site operation (login, navigation, etc.).

• Others are non-essential / optional, such as performance, analytics, or advertising cookies.

We will display a cookie consent banner or tool at first visit, allowing you to accept or decline non-essential cookies.

If you disable certain cookies, parts of the site may not function correctly.

7. Disclosure and Sharing of Personal Information

We may disclose or share personal information:

• With service providers / subcontractors / processors (hosting, email, analytics, payment, etc.), only under contract, and only to the extent necessary

• With affiliates or partners for joint services (where applicable)

• When required by law, court order, regulatory request, or to protect lawful interests (e.g. fraud prevention)

• In case of restructuring, merger, sale or acquisition (with safeguards for data transfer)

• For legal claims, defenses, or investigations

We require all third parties with whom we share data to apply appropriate security and privacy safeguards.

If we transfer personal information outside South Africa, we will ensure that the receiving country has data protection standards equivalent to POPIA or use binding instruments/contracts to protect data. InCountry+2DLA Piper Data Protection+2

8. Data Security & Safeguards

We commit to implementing appropriate technical and organizational security measures to prevent loss, unauthorized access, alteration, or destruction of personal information. These may include:

• Encryption (in transit and at rest)

• Access controls and authentication

• Firewalls, secure networks, intrusion detection

• Regular security audits, vulnerability assessments

• Staff training and confidentiality requirements

• Secure disposal / deletion when information is no longer needed

In the event of a security compromise / data breach, we will notify:

1. The Information Regulator via the mandated e-portal as soon as reasonably possible (per new requirement as of April 2025) Inside Privacy

2. Affected data subjects (unless the breach is unlikely to result in any risk of harm)

3. We will provide a description of the nature of the breach, possible consequences, steps taken or to be taken, and mitigating measures

9. Retention of Personal Information

We will retain personal information only for as long as necessary to fulfill the purposes described above or to comply with legal obligations, resolve disputes, or enforce agreements.

After that, we will securely delete, anonymize or destroy personal data.

10. Your Rights as a Data Subject

Under POPIA, you have the right to:

• Be notified when we collect your personal information

• Access the personal information we hold about you

• Correct or update inaccurate or incomplete data

• Object to or restrict processing (especially for direct marketing)

• Withdraw consent (for future processing)

• Request deletion of your personal information (where lawful)

• Request the portability of data (in a structured, commonly used, machine-readable format)

• Lodge a complaint with us

• Lodge a complaint with the Information Regulator if you believe your POPIA rights are infringed

To exercise these rights, contact us (details in section 13). We may require proof of identity before fulfilling your request.

11. Children & Minors

If users under age [e.g. 16 / 18] wish to provide personal information or register, we will require parental/guardian consent (or similar safeguard) before processing their data.

We will not knowingly collect personal data from children without such consent.

12. Changes to This Policy

We may update this Privacy Policy from time to time (e.g. when we change practices, add services, or due to regulatory updates). We will post a revised version on our website with the “Last Updated” date.

Where significant changes affect how we treat your personal information, we will notify you via prominent notice or direct communication (e.g. email) and, if required, seek your consent again.

13. Contact Information & Complaints

If you have any questions, requests, complaints or want to exercise your data subject rights, please contact:

Information Officer / Privacy Officer
Ezendawo Local News
[Postal address]
[Email address]
[Phone number]

If you remain unsatisfied, you may lodge a complaint with the Information Regulator of South Africa:
Office of the Information Regulator (South Africa)
[Contact details / portal]

14. Severability & Interpretation

If any provision of this Privacy Policy is found invalid or unenforceable, that provision shall be severed, and the rest of the policy will remain in full force.

Headings are for convenience and do not affect interpretation.