Privacy and Security Policy

This Privacy and Security Policy sets out the policy of Northern Data (Pty) Ltd (hereinafter “Northern Data”) with regard to information that identifies the client and/or the client employees personally (known as ‘personal information', but for purposes of this policy we will call "Personal Data") and other client information that is accessed by Northern Data during the course of providing the Services (hereinafter “Client Data”). Within this policy document we will refer to Northern Data as "we", "us" and/or "our".


By using any of our Services, you confirm that you have read, understood and agreed to this Privacy and Security Policy.  If you do not agree to this Privacy and Security Policy, please do not make use any of our Services. 




Due to the fact that Northern Data is committed to ensuring that the privacy of their clients is protected, Northern Data makes use of Microsoft Azure cloud services when storing any Personal Data and Client Data.


Northern Data takes reasonable steps to protect the Personal Data and Client Data accessed in the course of providing the Services from loss, misuse, unauthorised access, disclosure, alteration, or destruction. No Internet or e-mail transmission is, however, fully secure or error free; any such transmission is accordingly at the client’s own risk. Please keep this in mind when disclosing any Personal Data and Client Data to Northern Data by email. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.


Personal Data


Northern Data is the data controller under South Africa’s Protection of Personal Information Act of 2013 (“POPI”). Northern Data conforms to POPI in terms of the collection, use, and retention of Personal Data


When you interact with us through the Services, we may collect and be given access to minimal Personal Data and other information from you and/or your employees, which typically includes your and/or your employees’: (i) name; (ii) telephone number; (iii) email address; and (vii) any other personal information which you give us in connection with the Services.


By voluntarily providing us with access to Personal Data, you are consenting to our use of it in connection with the rendering of Services and in accordance with this Privacy and Security Policy.


Northern Data is not in the business of selling your Personal Data. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties, as set out below:


Agents and Consultants: On occasion, Northern Data engages other service providers to perform certain business-related functions. When this happens, we only provide them with the information that they need to perform their specific function and they are subject to the terms and conditions of this Privacy and Security Policy.


Legal Requirements: Northern Data may disclose your Personal Data if required to do so by law or if we in good faith believe that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Northern Data, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.


POPI gives you the right to access Personal Data held about you and or your employees.  Any access request may be subject to a small administrative fee to meet our costs in providing you with details of the information we hold about you.  You may also email us at to request that we delete your Personal Data. We will use commercially reasonable efforts to honour your request.


Client Data


Northern Data shall have the right to access Client Data from time to time for the purposes of providing the Service.


As previously noted, Northern Data shall reasonably endeavour to ensure that no Client Data is accessed in an unauthorised manner for the duration of the provision of the Services. Northern Data shall promptly inform the client if any Client Data has been accessed in an unauthorised manner or if Northern Data suspects that such access has occurred.


Northern Data shall securely destroy all Client Data upon the expiry of 90 (ninety) days from the date of completion or termination of the Services.




The Services and our business may change from time to time. As a result it may be necessary for Northern Data to make changes to this Privacy and Security Policy. We will highlight to you any material changes that we make.  Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the revised terms.


Please also feel free to contact us if you have any questions about Northern Data’s Privacy and Security Policy. You may contact us on