1. Our Commitment

TAUSPACE is committed to protecting the privacy and confidentiality of personal information in accordance with the Protection of Personal Information Act (POPIA), ISO 27001 Annex A.5.34, and international data-protection principles. This policy explains how we collect, use, store, and protect personal information obtained through our websites, platforms, and services.

2. Scope

This policy applies to all personal information processed by TAUSPACE, including that of clients, suppliers, business partners, employees, contractors, applicants, and website visitors.

3. Information we Collect

We may collect and process the following categories of personal information:

  • Identification details: Name, ID/passport number, company details
  • Contact information: Email, phone, address
  • Employment details: Job title, department, work history
  • Financial data: Billing or payment information
  • Technical information: Device IDs, IP address, browser type, usage analytics
  • Communications: Records of enquiries, support requests, and correspondence

4. Purpose of Processing

We process personal information to:

  • Provide and improve our services
  • Communicate with clients and respond to enquiries
  • Manage billing, contracts, and legal obligations
  • Maintain network and information security
  • Fulfil compliance requirements under ISO 27001 and POPIA
  • Recruit and administer staff and consultants

5. Lawful Basis for Processing

TAUSPACE processes personal information on one or more lawful bases:

  • Consent
  • Contractual necessity
  • Legal obligation
  • Legitimate interest

6. Data Sharing and Disclosure

TAUSPACE may share personal information only when necessary, with:

  • Service providers and partners under confidentiality agreements
  • Regulators when legally required
  • Infrastructure hosting (e.g., Google Cloud) meeting ISO 27001 and SOC 2 standards
    We do not sell or lease personal information.

7. International Transfers

Where data is transferred outside South Africa, TAUSPACE ensures adequate protection through binding corporate rules, standard contractual clauses, or transfers to jurisdictions with equivalent protection.

8. Data Retention

Personal data is retained only as long as necessary for business, legal, or contractual purposes, after which it is securely deleted or anonymized in line with our Information Retention and Disposal Policy.

9. Data Security

TAUSPACE implements comprehensive security controls, including:

  • Full-disk encryption on endpoints (ESET FDE)
  • Multi-factor authentication and role-based access control
  • Network and firewall protection
  • Continuous monitoring and incident-response processes
  • Regular ISO 27001 internal audits and vulnerability assessments

10. Data Subject Rights

Under POPIA and applicable laws, individuals have the right to:

  • Access their personal information
  • Request correction or deletion
  • Object to processing or withdraw consent
  • Request details on third-party disclosures
    Requests can be sent to our Data Protection Officer (see Contact Information).

11. Cookies and Website Tracking

Our websites may use cookies or analytics tools to improve functionality and user experience. You can control cookie preferences via your browser settings.

12. Policy Updates

We may update this Privacy Policy periodically to reflect legislative or operational changes. Updates will be published on our website with the latest effective date.

13. Contact Information

TS Digital (Pty) Ltd
Data Protection Officer: Nadia Vadachia
Email: infosec@tauspace.com
Telephone: +27 10 140 6574
Website: www.tauspace.com

14. Compliance Reference

This policy aligns with:

-SOC 2 Trust Services Criteria – Confidentiality & Privacy1

-Protection of Personal Information Act (POPIA, Act 4 of 2013)2

-ISO 27001:2022 Annex A.5.34 (Privacy and PII Protection)3

-GDPR Articles 5–14