Privacy Policy

Introduction

AL and PFA Projects (“we,” “our,” “us”) are committed to protecting the privacy of our clients and website visitors (“you,” “your”). This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information. By using our services, visiting our website, or otherwise providing us with your personal information, you agree to the terms of this Privacy Policy.

Definitions

In this Privacy Policy:

Company: Refers to AL and PFA Projects, the entity responsible for providing electrical services and solar installation services.

Services: Includes all electrical services and solar installation provided by the Company.

User/Client: Any person or entity accessing our website or engaging the Company’s services.

Contract: The agreement between the Company and the Client for the provision of services.

Site: Refers to the physical location where the Company’s services are to be performed.

Terms: Refers to the terms and conditions outlined in this Privacy Policy and any other agreements or policies referenced herein.

Personal Information: Any information that can be used to identify a User/Client, such as name, email address, phone number, physical address, and other details collected during service requests.

Sensitive Information: Information that requires higher protection, such as health data or political opinions, collected only when necessary and with explicit consent.

Data Controller: The entity that determines the purposes and means of processing personal data. In this context, AL and PFA Projects acts as the data controller.

Data Processor: Any person or organization that processes personal data on behalf of the data controller.

Processing: Any operation performed on personal data, whether automated or manual, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, erasure, or destruction.

Third Parties: Individuals or entities not directly affiliated with the Company that may process personal information on behalf of the Company, such as service providers and business partners.

Cookies: Small pieces of data stored on the User’s device by their web browser while they are browsing our website. However, AL and PFA Projects does not collect cookies as per this Privacy Policy.

Data Subject: The individual whose personal data is being collected, held, or processed.

Consent: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of their personal data.

GDPR: General Data Protection Regulation, a regulation in EU law on data protection and privacy for individuals within the European Union and the European Economic Area. Although the Company is based in South Africa, it adheres to the principles of GDPR when applicable.

Retention Period: The length of time the Company retains personal data.

Anonymization: The process of removing personal identifiers from data sets, making it impossible to identify individuals from the data.

Encryption: The process of converting information or data into a code to prevent unauthorized access.

Access Control: Security features that control who can view or use resources in a computing environment. This includes measures like passwords, access levels, and multi-factor authentication.

Legal Hold: A process that ensures that all forms of relevant information are preserved when litigation is reasonably anticipated.

Data Portability: The ability for data subjects to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Data Breach: A security incident in which information is accessed without authorization, resulting in the potential compromise of personal data.

Children’s Privacy: Refers to specific measures taken to protect the personal data of individuals under the age of 18.

International Data Transfers: The movement of personal data across national borders.

Adequacy Decisions: Decisions by relevant authorities that determine whether a third country offers an adequate level of data protection.

Policy Updates: Changes or modifications made to the Privacy Policy to reflect new practices or legal requirements.

1. Information We Collect

1.1 Personal Information We collect various types of personal information to provide and improve our services. Personal information is any information that can be used to identify you directly or indirectly. The types of personal information we collect include:

• Identification Information: This includes your name, email address, phone number, and physical address. We collect this information when you request a service or contact us for support.
• Service Information: Details about the service requests you make, including the type of service (electrical or solar installation), the location where the service is to be performed, and any other relevant details you provide.

1.2 Sensitive Information We do not typically collect sensitive personal information unless necessary for specific services and with your explicit consent. Sensitive information may include:

• Health Data: Information about your health or medical conditions, if required for a particular service.
• Political Opinions: Information about your political beliefs, if relevant to our services.

We handle sensitive information with the utmost care and take additional precautions to protect it.

2. How We Collect Information

2.1 Directly from You We collect information directly from you in several ways:

• Service Requests: When you request our electrical or solar installation services, you provide us with information necessary to fulfill your request, such as your physical address, phone number, and email.
• Communication: We collect information when you communicate with us via email, phone, or other channels. This includes your contact details and any information you choose to share with us.

2.2 From Third Parties We may receive information about you from third parties:

• Business Partners: We may receive information from business partners and affiliates who help us provide our services.
• Public Sources: We may collect information from publicly available sources and databases.

We use this information to enhance our services and provide a better experience for our users.

3. How We Use Your Information

3.1 Providing Services We use your information to provide, operate, and maintain our electrical and solar installation services. This includes:

• Service Delivery: Using your information to fulfill service requests, schedule appointments, and provide customer support.

3.2 Improving Services We use your information to understand how our services are used and to improve their performance. This includes:

• User Feedback: Analyzing feedback and usage data to identify areas for improvement.
• Service Development: Developing new products and services based on user preferences and feedback.

3.3 Communicating with You We use your information to communicate with you about our services. This includes:

• Administrative Information: Sending updates, security alerts, and support messages.
• Customer Support: Responding to your inquiries and providing assistance.

3.4 Marketing and Promotions With your consent, we use your information to send you promotional materials, newsletters, and information about new services or offers. This includes:

• Personalized Marketing: Tailoring marketing content to your interests based on your preferences and usage data.

3.5 Compliance and Legal Obligations We use your information to comply with legal requirements and protect our rights. This includes:

• Regulatory Compliance: Ensuring compliance with tax, financial, and other regulations.
• Enforcing Our Terms: Protecting our rights and property by enforcing our terms and conditions.

4. Sharing Your Information

4.1 With Service Providers We share your information with third-party service providers who perform services on our behalf. This includes:

• Payment Processors: Companies that process payments and manage transactions.
• Data Analytics Providers: Companies that help us analyze usage data and improve our services.
• Marketing Partners: Companies that assist with marketing and promotional activities.

These service providers are contractually obligated to protect your information and use it only for the purposes for which it was shared.

4.2 With Business Partners We may share your information with trusted business partners who collaborate with us in providing services to you. This includes:

• Joint Service Providers: Partners who help us deliver joint services or products.
• Affiliate Programs: Partners with whom we have affiliate marketing arrangements.

4.3 For Legal Reasons We may disclose your information to law enforcement agencies, regulators, or other authorities if required by law or to protect our rights and property. This includes:

• Legal Compliance: Sharing information to comply with legal obligations or respond to legal requests.
• Protection of Rights: Disclosing information to protect our rights, property, or safety, as well as the rights, property, or safety of others.

4.4 In Business Transfers If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. This includes:

• Corporate Transactions: Sharing information with potential buyers or partners during due diligence processes.

5. Data Security

5.1 Security Measures We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: Using encryption technologies to protect sensitive information transmitted over the internet, such as payment details.
• Firewalls and Intrusion Detection: Deploying firewalls and intrusion detection systems to prevent unauthorized access to our networks and systems.
• Access Controls: Restricting access to your personal information to authorized personnel who need the information to perform their job duties.

5.2 Data Encryption We use encryption technologies to protect sensitive information transmitted over the internet. This includes:

• SSL/TLS Encryption: Using Secure Socket Layer (SSL) or Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers.

5.3 Access Controls We implement access controls to ensure that only authorized personnel have access to your personal information. This includes:

• Role-Based Access: Assigning access rights based on job roles and responsibilities.
• Authentication Mechanisms: Using strong authentication mechanisms, such as multi-factor authentication, to verify the identity of users accessing our systems.

5.4 Regular Audits We conduct regular security audits and assessments to ensure the effectiveness of our data protection measures. This includes:

• Vulnerability Scans: Performing regular scans to identify and address security vulnerabilities.
• Penetration Testing: Conducting penetration tests to evaluate the security of our systems and applications.

6. Data Retention

6.1 Retention Period We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This includes:

• Service Provision: Retaining information for the duration of your use of our services and for a reasonable period thereafter.
• Legal Compliance: Retaining information to comply with legal and regulatory requirements.

6.2 Deletion of Data When your information is no longer needed, we will securely delete or anonymize it. You may also request the deletion of your personal information by contacting us. This includes:

• Data Deletion Requests: Responding to your requests to delete your personal information in accordance with applicable laws.
• Data Anonymization: Anonymizing data that is no longer needed to ensure it cannot be used to identify you.

6.3 Retention for Legal Obligations We may retain certain information for legal compliance, resolving disputes, and enforcing our agreements. This includes:

• Legal Hold: Retaining information subject to a legal hold in connection with litigation or regulatory investigations.
• Dispute Resolution: Retaining information necessary to resolve disputes or enforce our agreements.

7. Your Rights

7.1 Access and Correction You have the right to access the personal information we hold about you and request corrections if it is inaccurate or incomplete. This includes:

• Access Requests: Requesting a copy of your personal information and details about how we process it.
• Correction Requests: Requesting corrections to your personal information if it is inaccurate or incomplete.

7.2 Data Portability You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format. This includes:

• Data Portability Requests: Requesting that we transfer your personal information to another data controller, where technically feasible.

7.3 Right to Erasure You have the right to request the deletion of your personal information under certain circumstances, such as when it is no longer necessary for the purposes for which it was collected. This includes:

• Erasure Requests: Requesting that we delete your personal information in accordance with applicable laws.

7.4 Right to Restriction of Processing You have the right to request the restriction of processing of your personal information if you contest its accuracy, if the processing is unlawful, or if you need the information for legal claims. This includes:

• Restriction Requests: Requesting that we limit the processing of your personal information under specific conditions.

7.5 Right to Object You have the right to object to the processing of your personal information for direct marketing purposes or when processing is based on our legitimate interests. This includes:

• Objection Requests: Requesting that we stop processing your personal information for specific purposes.

7.6 Right to Withdraw Consent If we process your personal information based on your consent, you have the right to withdraw your consent at any time. This includes:

• Withdrawal Requests: Requesting that we stop processing your personal information based on your consent.

7.7 How to Exercise Your Rights To exercise any of your rights, please contact us using the details provided in Section 14. We will respond to your request within a reasonable timeframe. This includes:

• Contacting Us: Providing your contact information and details about your request to help us verify your identity and process your request.

8. Children’s Privacy

8.1 Age Limitations Our services are not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. This includes:

• Age Restrictions: Ensuring our services are designed for use by adults and implementing measures to verify the age of users.

8.2 Parental Consent If we become aware that we have inadvertently collected personal information from a child under 18 without parental consent, we will take steps to delete the information as soon as possible. This includes:

• Parental Notification: Notifying parents or guardians if we become aware of unauthorized data collection from their children.

8.3 Parental Rights Parents or guardians who believe that their child has provided us with personal information without their consent should contact us to request the deletion of the information. This includes:

• Deletion Requests: Responding to parental requests to delete their child’s personal information.

9. International Data Transfers

9.1 Cross-Border Data Transfers We may transfer your personal information to countries outside of your home country for processing and storage. These countries may have data protection laws that are different from those in your home country. This includes:

• International Transfers: Transferring data to countries where we have operations, service providers, or data centers.

9.2 Adequacy Decisions When transferring personal information internationally, we will ensure that appropriate safeguards are in place, such as adequacy decisions by relevant authorities or the use of standard contractual clauses. This includes:

• Adequacy Mechanisms: Using mechanisms approved by data protection authorities to ensure the protection of your personal information during international transfers.

9.3 Your Rights Regarding International Transfers You have the right to request more information about the safeguards we have in place for international transfers and to obtain a copy of the relevant data protection clauses. This includes:

• Transfer Requests: Requesting details about international data transfers and the protections in place.

10. Changes to This Privacy Policy

10.1 Policy Updates We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. This includes:

• Notification of Changes: Notifying you of significant changes to this Privacy Policy by posting the updated policy on our website and indicating the date of the latest revision.
• Reviewing Updates: Encouraging you to review this Privacy Policy periodically to stay informed about how we protect your information.

10.2 Continued Use Your continued use of our services following the posting of changes to this Privacy Policy constitutes your acceptance of those changes. This includes:

• Acceptance of Changes: Acknowledging that you have read and understood the updated Privacy Policy.