Privacy Policy
Effective Date: January 1, 2025 | Last Updated: March 15, 2025
Introduction and Scope
novalirentiq (Pty) Ltd, operating as "novalirentiq," respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website novalirentiq.com, use our financial services, or interact with us in any capacity.
This policy applies to all personal information processed by novalirentiq in connection with our financial services platform. By accessing our services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.
Important: This Privacy Policy complies with the Protection of Personal Information Act (POPIA) of South Africa and other applicable privacy legislation. We are committed to processing your personal information lawfully, fairly, and transparently.
Information We Collect
We collect various types of information to provide and improve our financial services. The categories of personal information we may collect include:
Identity Information
- Full name and preferred name
- South African ID number or passport details
- Date of birth and nationality
- Employment status and occupation
- Marital status
Contact Information
- Physical and postal addresses
- Email addresses
- Telephone and mobile numbers
- Emergency contact details
Financial Information
- Bank account details and statements
- Income and expense information
- Credit history and credit scores
- Investment preferences and risk profile
- Financial goals and objectives
Technical Information
- IP address and device identifiers
- Browser type and operating system
- Website usage patterns and preferences
- Login credentials and security tokens
How We Collect Information
We collect personal information through various methods, always ensuring we have a lawful basis for processing:
Direct Collection
Most information is collected directly from you when you register for services, complete application forms, participate in surveys, or communicate with our team. We also collect information during telephone conversations, which may be recorded for quality assurance purposes.
Automatic Collection
Our website uses cookies and similar technologies to collect information about your browsing behavior. This includes pages visited, time spent on our site, and technical information about your device.
Third-Party Sources
We may obtain information from credit bureaus, financial institutions, and other authorized third parties to verify your identity, assess creditworthiness, or comply with regulatory requirements.
How We Use Your Information
Your personal information is processed for specific, legitimate purposes in accordance with POPIA. We use your information to:
- Provide financial services and products tailored to your needs
- Process applications, transactions, and service requests
- Conduct risk assessments and credit evaluations
- Comply with legal and regulatory obligations
- Prevent fraud and ensure account security
- Communicate service updates and important notices
- Improve our services through analysis and research
- Provide customer support and resolve inquiries
- Market relevant products and services (with your consent)
- Maintain accurate records and audit trails
We process your personal information based on various lawful grounds including consent, contractual necessity, legal obligation, vital interests, public task, or legitimate interests. We will always ensure processing is proportionate and necessary for the stated purpose.
Information Sharing and Disclosure
We do not sell your personal information to third parties. However, we may share your information in certain circumstances:
Service Providers and Business Partners
We work with trusted third-party service providers who assist us in delivering our services. These include payment processors, technology providers, and professional service firms. All third parties are contractually bound to protect your information and use it only for specified purposes.
Legal and Regulatory Requirements
We may disclose your information to comply with applicable laws, regulations, legal processes, or government requests. This includes sharing information with the South African Reserve Bank, Financial Intelligence Centre, and other regulatory bodies as required.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.
Your Privacy Rights
Under POPIA and other applicable privacy laws, you have several rights regarding your personal information:
Right of Access
You can request confirmation of whether we process your personal information and obtain copies of such information.
Right to Correction
You may request correction of inaccurate, misleading, or incomplete personal information.
Right to Deletion
You can request deletion of your personal information where we no longer have a lawful basis for processing.
Right to Object
You may object to processing of your personal information for direct marketing purposes or other legitimate interests.
Right to Portability
You can request transfer of your personal information in a structured, commonly used format.
Right to Restrict
You may request restriction of processing in certain circumstances, such as during dispute resolution.
To exercise any of these rights, please contact our Data Protection Officer using the details provided below. We will respond to your request within 30 days and may require verification of your identity before processing your request.
Data Security and Protection
We take the security of your personal information seriously and have implemented comprehensive measures to protect it:
Technical Safeguards
- 256-bit SSL encryption for all data transmission
- Multi-factor authentication for account access
- Regular security audits and vulnerability assessments
- Secure cloud infrastructure with redundant backups
- Firewall protection and intrusion detection systems
Administrative Controls
- Employee training on data protection and security
- Role-based access controls limiting data access
- Regular review and updating of security policies
- Incident response procedures for security breaches
- Third-party security certifications and compliance
Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Our retention periods vary based on the type of information and legal requirements:
| Information Type | Retention Period | Legal Basis |
|---|---|---|
| Account Information | 5 years after account closure | Financial Intelligence Centre Act |
| Transaction Records | 5 years from transaction date | Companies Act and tax legislation |
| Credit Information | 1 year after credit assessment | National Credit Act |
| Marketing Preferences | Until consent withdrawn | POPIA consent requirements |
| Website Analytics | 26 months | Business analytics purposes |
After the retention period expires, we will securely delete or anonymize your personal information, unless there are legal or regulatory reasons for continued retention.
International Data Transfers
Your personal information is primarily processed within South Africa. However, we may transfer information to countries outside South Africa for specific purposes such as cloud storage, technical support, or regulatory reporting.
When we transfer your information internationally, we ensure adequate protection through approved transfer mechanisms such as adequacy decisions, standard contractual clauses, or binding corporate rules. We will only transfer your information to countries or organizations that provide an adequate level of protection for personal information.
Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance your browsing experience and collect analytics information. Cookies are small text files stored on your device that help us remember your preferences and improve our services.
Types of Cookies We Use
- Essential Cookies: Required for website functionality and security
- Performance Cookies: Collect analytics data to improve our services
- Functional Cookies: Remember your preferences and settings
- Marketing Cookies: Used for targeted advertising (with your consent)
You can control cookie settings through your browser preferences. However, disabling certain cookies may affect website functionality and your user experience.
Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete such information promptly.
Parents or guardians who believe we have collected information from a child should contact us immediately using the details provided below.
Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will notify you of any material changes by posting the updated policy on our website and updating the effective date.
For significant changes that may affect your rights, we will provide additional notice through email or prominent website notifications. Your continued use of our services after policy updates constitutes acceptance of the revised terms.
Contact Our Data Protection Officer
Address: 19 Debussy Street, SW5, Vanderbijlpark, 1911, South Africa
Phone: +27 84 402 3972
Email: privacy@novalirentiq.com
General Inquiries: info@novalirentiq.com
For privacy-related complaints, you may also contact the Information Regulator of South Africa at inforeg@justice.gov.za or visit their website at justice.gov.za/inforeg/