Who we are (Responsible Party)
Truwealth Technology Solutions (Pty) Ltd (“TW Technologies”, “we”, “us”, “our”) is the responsible party for personal information we collect and process through our website, LinkedIn lead generation forms, and related channels.
Registered address: 74 Rockdale Avenue, Westville, Durban, South Africa
Website: https://truwealthgroup.co.za/
General email: info@tw-tech.co.za
Information Officer (POPIA contact): Devashnee Govender
Information Officer email: info@tw-tech.co.za
Scope
This Privacy Policy explains how we collect, use, share, store, and protect personal information, and how you can exercise your rights under the Protection of Personal Information Act, 2013 (“POPIA”).
Personal information we collect
Depending on how you interact with us (website forms, LinkedIn lead generation forms, email, calls, meetings, or service delivery), we may collect:
3.1 Identifiers and contact details
• Name and surname
• Email address
• Phone number
3.2 Business and profile details
• Company name
• Job title
• Industry
• Business location
• Number of users/employees (if you choose to provide it)
3.3 Service and enquiry details
• Your IT priorities, challenges, requirements, and any messages you submit
• Information needed to assess or scope services such as managed IT, Microsoft 365/SharePoint, cybersecurity, automation, or POS solutions
3.4 Technical and usage data (website)
• IP address
• Device and browser information
• Pages visited, referral sources, and activity on the site
• Cookies or similar technologies (where used)
3.5 Communication and record-keeping
• Emails and correspondence
• Call notes and meeting notes
• Support, assessment, or proposal-related correspondence
Where we collect personal information from
We collect personal information:
• Directly from you when you submit forms, contact us, or communicate with us
• From LinkedIn Lead Gen Forms when you submit a lead form on LinkedIn
• From cookies/analytics tools on our website (where enabled)
Where required, we will indicate whether a field is optional or mandatory and the consequences of not providing the information (for example, we may be unable to respond to a request if essential contact information is not provided).
Why we process personal information (purposes)
We process personal information to:
• Respond to enquiries and contact requests
• Arrange and deliver assessments (for example, IT readiness or risk reviews), quotes, and proposals
• Provide and manage services (for example, managed IT, Microsoft 365/SharePoint, cybersecurity, automation, and POS solutions)
• Communicate about service updates, operational matters, and support
• Improve our website, marketing, and lead qualification processes
• Maintain records for business continuity, governance, and reporting
• Comply with legal obligations and protect our legal interests (including dispute resolution and enforcement of agreements)
Lawful grounds for processing (POPIA)
We only process personal information where permitted under POPIA. This generally includes processing where:
• You have provided consent (for example, you request contact, submit a lead form, or opt in to marketing)
• Processing is necessary to take steps prior to entering into a contract, or to perform a contract with you
• Processing is required to comply with a legal obligation
• Processing is in our legitimate interests to operate our business and respond to enquiries, provided your rights are not overridden
Direct marketing
Where we send direct marketing communications by electronic means (email, SMS, or WhatsApp), we do so in accordance with POPIA.
You can opt out at any time by:
• Replying “STOP” (where applicable), or
• Using an unsubscribe link (where available), or
• Emailing us at info@tw-tech.co.za
Opting out of marketing will not affect service-related communications (for example, notices about an active assessment, support, or operational updates).
Sharing your personal information (operators and third parties)
We may share personal information with trusted operators and third parties only where necessary for the purposes described above, including:
• Our internal sales, operations, and service delivery teams
• Cloud and productivity providers (for example, Microsoft 365) and hosting/email service providers
• CRM, marketing, and automation platforms (where used)
• Website analytics and security providers (where used)
• Professional advisers (accountants, auditors, and lawyers) where necessary
• Regulators or authorities where required by law
We do not sell personal information.
Cross-border transfers
Some service providers may store or process data outside South Africa (for example, cloud platforms). Where personal information is transferred cross-border, we take reasonable steps to ensure appropriate protection consistent with POPIA, including contractual safeguards and suitable security controls.
Security safeguards
We implement reasonable technical and organisational measures to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction. Measures may include:
• Access controls and role-based permissions
• Multi-factor authentication (MFA) where appropriate
• Encryption where appropriate
• Secure backups and monitoring
• Staff confidentiality obligations and privacy training where appropriate
Data breach handling
If we have reasonable grounds to believe that personal information has been accessed or acquired by an unauthorised person, we will take steps required by POPIA, which may include notifying affected persons and/or the Information Regulator where required.
Retention (how long we keep personal information)
We retain personal information only for as long as necessary to fulfil the purposes set out in this policy, unless a longer period is required or permitted by law (for example, accounting, contractual, or dispute-related obligations).
As a general guideline:
• Lead and enquiry records are typically retained for 12 to 36 months, unless you become a client, request deletion (where applicable), or retention is required by law.
Your rights under POPIA
Subject to POPIA and applicable exceptions, you have the right to:
• Request access to personal information we hold about you
• Request correction, deletion, or destruction of personal information (where appropriate)
• Object to processing in certain circumstances, including direct marketing
• Withdraw consent where processing is based on consent (this will not affect processing already carried out)
• Lodge a complaint with the Information Regulator (South Africa)
To exercise your rights, email info@tw-tech.co.za with the subject line: POPIA Request
Complaints to the Information Regulator (South Africa)
If you are unhappy with how we handle personal information, you may lodge a complaint with the Information Regulator (South Africa) using their official channels and complaint mechanisms.
Children
Our services and marketing are intended for businesses and business decision-makers. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take reasonable steps to address it.
Cookies and tracking (website)
We may use cookies and similar technologies to:
• Improve website functionality
• Understand website usage and performance
• Improve campaigns and lead attribution
• Enhance security
Where required, we will request consent for non-essential cookies. You can manage cookies through your browser settings. Disabling certain cookies may affect website functionality.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top will reflect the latest revision. Material changes will be posted on this page.
