Fraud Blocker Privacy Policy - Esterhuizen Coaching & Consulting

Privacy Policy

1. Introduction

This Privacy Policy applies to Esterhuizen Consulting & Coaching (ECCSA), operating in the Republic of South Africa, and all associated websites, platforms, subdomains, learning systems, stores, and trading names operated by ECCSA, including but not limited to:

  • esterhuizenconsulting.co.za
  • store.esterhuizenconsulting.co.za
  • lms.esterhuizenconsulting.co.za
  • ecounselling.co.za
  • bizcoaching.co.za
  • getacoach.co.za

Collectively referred to as “the Platforms”.

This Privacy Policy is issued in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA).

2. Responsible Party

Esterhuizen Consulting & Coaching (ECCSA) is the Responsible Party for the processing of personal information in terms of POPIA.

3. Categories of Data Subjects

We may process personal information relating to:

  • Clients
  • Prospective clients
  • Learners and LMS users
  • Coaching and counselling participants
  • Assessment candidates
  • eCommerce customers
  • Website users
  • Contractors and service providers

4. Personal Information We Process

We may collect and process personal information, including, but not limited to:

  • Names and surnames
  • Identity or passport numbers (where legally required)
  • Email addresses
  • Telephone and mobile numbers
  • Physical and postal addresses
  • Booking, scheduling, and appointment information
  • Coaching, counselling, and session notes (where applicable)
  • Psychometric assessment results and related information
  • Learning management system user data
  • eCommerce order and billing information
  • Enquiry and communication records
  • Website administrator details
  • IP addresses, cookies, logs, and backup data

5. Special Personal Information

Due to the nature of our professional services, ECCSA may process special personal information as defined under POPIA, including:

  • Psychological information
  • Health-related information disclosed during counselling or coaching
  • Assessment-related data
  • Information relating to minors (where applicable)

Such information is processed:

  • With explicit consent,
  • Where necessary for the performance of a contract,
  • Where required or permitted by law, or
  • Where necessary for the establishment, exercise, or defence of a legal claim.

Special personal information is subject to enhanced confidentiality and security safeguards.

6. Children’s Personal Information

Where services involve minors:

  • Parental or guardian consent is required prior to processing.
  • Information is processed strictly for the intended service purpose.

We do not knowingly collect personal information from children without appropriate consent.

7. Purpose of Processing

Personal information is processed for purposes including:

  • Providing coaching, counselling, and consulting services
  • Conducting psychometric assessments
  • Managing bookings, workshops, and appointments
  • Delivering LMS and educational content
  • Processing eCommerce transactions
  • Responding to enquiries
  • Sending service-related communications
  • Compliance with legal and regulatory obligations
  • Billing and accounting

Personal information is processed only for specific, lawful, and necessary purposes.

8. Lawful Basis for Processing

Processing is based on one or more of the following:

  • Consent
  • Performance of a contract
  • Legal obligation
  • Legitimate interest
  • Protection of legitimate interests of the data subject

9. Direct Marketing

Personal information may be used for service-related communications.

Marketing communications are sent only:

  • With consent where required, and
  • With an opt-out mechanism available at all times.

10. Cookies, Analytics, Ratings & Monitoring

Our Platforms use:

  • Cookies
  • Analytics tools
  • Security monitoring systems
  • Ratings and review tools

These are used for:

  • Functionality
  • Security
  • Performance analysis
  • User experience improvement

Users may control cookies via browser settings.

11. Artificial Intelligence Processing

Artificial intelligence tools may be used to assist with:

  • Content development
  • Administrative tasks
  • Optimisation
  • Technical diagnostics

Personal information is not used to train public AI models without lawful basis or consent.

AI outputs are subject to human oversight.

12. Payment Processing

Payments are processed via secure third-party providers, including Yoco.

ECCSA does not store:

  • Credit card numbers
  • CVV numbers
  • Online banking credentials

Limited transaction-related information may be retained for accounting and reconciliation.

Payment processors operate under applicable banking regulations and PCI-DSS standards.

13. Third-Party Operators

ECCSA may appoint operators, including:

  • Hosting providers
  • LMS platforms
  • Cloud infrastructure services
  • Security providers
  • Analytics providers
  • Payment processors
  • AI service providers

Operators process personal information under written agreements and appropriate safeguards.

14. Cross-Border Transfers

Some third-party service providers may be located outside South Africa.

Where cross-border transfers occur, ECCSA ensures:

  • The recipient is subject to adequate data protection laws, or
  • Contractual safeguards are in place, or
  • Consent is obtained where required.

15. Security Safeguards

ECCSA implements reasonable technical and organisational measures to protect personal information against:

  • Loss
  • Unauthorised access
  • Disclosure
  • Destruction
  • Misuse

No system can guarantee absolute security.

16. Data Retention

Personal information is retained only for as long as necessary to:

  • Fulfil contractual obligations
  • Comply with legal requirements
  • Maintain professional records
  • Resolve disputes

Backups may contain archived data for continuity purposes.

17. Data Breach Notification

In the event of a security compromise affecting personal information, ECCSA will:

  • Take reasonable steps to investigate and contain the breach
  • Notify affected data subjects where required
  • Notify the Information Regulator where required by POPIA

18. Data Subject Rights

In terms of POPIA, data subjects have the right to:

  • Access their personal information
  • Request correction
  • Object to processing
  • Request deletion (where lawful)
  • Withdraw consent
  • Lodge a complaint

Requests may be submitted to:

Email:

Identity verification may be required.

19. Complaints

If you believe your personal information has been processed unlawfully, you may lodge a complaint with:

The Information Regulator (South Africa)
Website: https://www.justice.gov.za/inforeg/
Email:

20. PAIA Manual

Access to information requests are governed by ECCSA’s Section 51 PAIA Manual.

21. Changes to this Policy

This Privacy Policy may be updated from time to time. Updated versions will be published on the Platforms.

22. Contact Details

Information Officer: Elna Esterhuizen
Email:
General Enquiries:
Phone: +27 79 878 6041

SEARCH ...