Privacy Policy

1. Introduction

1.1. Kolbe Enterprises (“Kolbe Enterprises,” “we,” “us,” “our”) encompasses KO Strategic Advisors and KO Media Collective. This Privacy and Personal Information Policy (“Policy”) explains how we collect, use, store, and disclose your Personal Information (as defined below) in accordance with:

  • The Protection of Personal Information Act 4 of 2013 (“POPIA”),
  • The Electronic Communications and Transactions Act 25 of 2002 (“ECTA”),
  • And, to the extent applicable, the General Data Protection Regulation (“GDPR”) of the European Union.

1.2. By accessing or using our website (“Website”), corresponding with us electronically (e.g., via email, contact forms or newsletter subscriptions), or engaging with any of our services, you confirm that you have read, understood, and agree to be bound by this Policy.

1.3. This Policy must be read together with our Terms and Conditions of Use of Website (“Terms”) and any other agreements, policies, or notices referenced therein.

If you do not agree with any provisions herein, please refrain from using the Website or providing us with your Personal Information.

2. Definitions

2.1. Data Subject: An identifiable natural person (or a juristic person, where applicable under POPIA) to whom Personal Information relates. This includes both South African and EU users where the GDPR applies.

2.2. Personal Information or Personal Data: Any information that relates to an identifiable natural person (or juristic person, where applicable under POPIA). Where the GDPR applies, references to “Personal Data” shall be deemed included. Examples include names, contact details, identification numbers, location data, online identifiers, and more.

2.3. Responsible Party (under POPIA) / Data Controller (under GDPR): The entity (Kolbe Enterprises) that determines the purpose and means of processing Personal Information.

2.4. Operator (under POPIA) / Data Processor (under GDPR): A third party that processes Personal Information on behalf of Kolbe Enterprises under a contractual agreement.

2.5. Processing: Any operation or set of operations concerning Personal Information, whether or not by automatic means. This includes collecting, storing, using, disclosing, merging, erasing, or otherwise dealing with Personal Information.

3. Scope of Application and International Users

3.1. South Africa: This Policy applies to the Processing of Personal Information in South Africa, regulated by POPIA and ECTA.

3.2. European Union: To the extent that the GDPR applies (e.g., if you are located in the EU or if we otherwise process your data in a manner subject to the GDPR), Kolbe Enterprises will ensure compliance with the GDPR’s requirements, including lawful bases for Processing and rights afforded to EU Data Subjects.

3.3. Other Jurisdictions: Users accessing the Website from other jurisdictions do so at their own risk and must ensure compliance with applicable local laws. However, we strive to maintain uniformly high standards of data protection.

4. Collection of Personal Information

4.1. Information You Provide Voluntarily

  • Contact Forms and Email Inquiries: Names, email addresses, telephone numbers, and any additional details you choose to share.
  • Service Requests: If you inquire about or engage our services (e.g., business consulting, accounting, photography, event planning), we may collect relevant background information to assess your needs.
  • Newsletter Subscriptions: Names, email addresses, and any related preferences for receiving communications.

4.2. Information Collected Automatically

  • Cookies and Similar Technologies: We use cookies, pixel tags, and analytics tools (eg. Google Analytics, Site Kit) to collect certain technical data (e.g., IP address, browser type, usage patterns).
  • Log Files: Our servers may automatically log certain information (e.g., pages viewed, access times, referring URLs).

4.3. Future Online Store Transactions (WooCommerce)

  • Once our online store launches, we may collect additional information to process your transactions, such as payment details and shipping/billing addresses. Payment processing may be outsourced to third-party providers under secure protocols.

4.4. Children’s Data

  • Our services and Website are intended for persons aged 18 years or older. We do not knowingly process children’s Personal Information without parental/guardian consent.

5. Lawful Basis for Processing

5.1 POPIA

Under section 9 of the Protection of Personal Information Act 4 of 2013 (“POPIA”), Personal Information must be processed lawfully and in a reasonable manner that does not infringe the privacy of the Data Subject. We adhere to these requirements as follows:

5.1.1 Minimality and Purpose Specification

  • We collect and process only that Personal Information which is adequate, relevant, and not excessive for the specific, explicitly defined purpose related to our legitimate business activities (e.g., providing consulting, creative, or event services).
  • Before or at the time of collection, we take reasonable steps to inform you, the Data Subject, of the purpose(s) for which the information is collected, as well as any additional necessary details prescribed by POPIA (such as whether the provision of information is voluntary or mandatory, any consequences of failure to provide the information, and your rights to access and rectify the information).

5.1.2. Consent and Disclosure

  • Consent for General Processing: Where consent is required, we obtain it explicitly. This may occur in various ways, including a dedicated checkbox on our contact forms or a cookie banner on the Website.
  • Cookie Banner: By accepting our cookie banner, you confirm your consent to our use of cookies and similar tracking technologies, subject to your browser settings and preferences.
  • Contact Forms: Any contact form on our Website will include a mandatory consent box that you must tick to confirm you have read and agreed to this Privacy Policy (and any other relevant terms). Only upon ticking this box will your information be processed as requested.
  • Direct Collection: In the event we collect Personal Information directly from you (e.g., when you send an email or verbally provide details during a consultation), we will ensure you are aware of the purpose for which the information is required.

5.1.3. Withdrawal of Consent

  • You have the right to withdraw any consent previously given at any time, without affecting the lawfulness of Processing conducted prior to such withdrawal.
  • To withdraw your consent, please send a written request to info@kolbeenterprises.com. We shall process your request and cease (or appropriately limit) the Processing of your Personal Information for the purpose(s) to which consent was originally granted, unless there is another lawful basis upon which we may continue Processing (e.g., to comply with a legal obligation).
  • Note that withdrawal of consent may impact our ability to provide certain services or Website functionalities that rely on such consent-based Processing.

5.1.4. Further Compliance Measures

  • Information Quality: We endeavour to keep Personal Information accurate, complete, and up to date. Should you become aware of any inaccuracies, we encourage you to notify us so that corrections can be made.
  • Data Subject Participation: You retain the right to request access to your Personal Information, as well as to request corrections or deletions thereof, subject to the provisions of POPIA and other applicable laws.
  • Openness: We maintain documentation regarding our processing activities in accordance with POPIA requirements and will, upon request, provide Data Subjects with information about our data-processing practices, subject to applicable legal or confidentiality constraints.
  • Security Safeguards: We employ appropriate, reasonable technical and organisational measures to secure the integrity of Personal Information under our control and to guard against risk, such as loss, damage or unauthorised access.

Through these steps, we ensure the Processing of your Personal Information remains lawful, reasonable, and aligned with the conditions for lawful processing set out in POPIA, safeguarding your right to privacy while enabling us to deliver our services effectively.

5.2. GDPR (for EU Data Subjects)

In accordance with the General Data Protection Regulation (“GDPR”), where it applies to EU Data Subjects, Kolbe Enterprises processes Personal Data on one or more of the following lawful bases:

5.2.1. Consent

  • Explicit Consent: In situations where consent is required under the GDPR (e.g., for certain marketing communications, newsletters, or the use of optional cookies), we will request that you actively indicate your consent. This may be done by ticking an opt-in box, accepting a cookie banner, or otherwise confirming that you agree to our Processing of your Personal Data for specific purposes.
  • Cookie Banner: Optional or non-essential cookies (including certain analytics or advertising cookies) will only be placed on your device if you provide affirmative consent. You may withdraw such consent at any time by adjusting your browser settings or contacting us directly.
  • Contact Forms: Where Personal Data is gathered via a contact form, you will typically be required to tick a box confirming you have read and agreed to this Privacy Policy. Only once you do so will the data be processed for the stated purpose (e.g., responding to your inquiry).

5.2.2. Contractual Necessity

  • We may process your Personal Data when it is necessary for the performance of a contract or to take steps at your request prior to entering into a contract. For instance, if you engage our consulting, accounting, or media services, we must process certain details (e.g., contact information, billing details) in order to fulfil our contractual obligations to you.
  • Failure to provide the requisite Personal Data under this basis may prevent us from performing the contracted services or concluding a service agreement.

5.2.3. Legal Obligation

  • Where we are subject to a legal or regulatory obligation (e.g., taxation, auditing, anti-fraud checks), we may process your Personal Data to comply with such obligations. In these instances, the processing is strictly limited to what is necessary to meet our legal responsibilities.

5.2.4. Legitimate Interests

  • We may rely on legitimate interests as a lawful basis where Processing is necessary for the purposes of our legitimate interests (e.g., improving Website functionality, monitoring analytics), provided such interests do not override your fundamental rights and freedoms.

5.2.5. Withdrawal of Consent

  • Where Processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of Processing conducted prior to such withdrawal.
  • If you withdraw consent, we will stop the Processing for the specific purpose(s) to which the consent related, unless there is another lawful basis upon which we may continue to process the data (e.g., a legal obligation or legitimate interest).
  • To withdraw consent, please contact us at info@kolbeenterprises.com or follow any “unsubscribe” mechanisms provided in our communications (e.g., newsletters).

5.2.6. Further Compliance Measures

  • Data Minimisation and Purpose Limitation: We process only the minimum amount of Personal Data necessary for the relevant purpose(s), ensuring it is used strictly for the purpose initially defined or for compatible purposes in line with GDPR requirements.
  • Transparency and Fairness: We provide clear and accessible information regarding the Processing of Personal Data, including the identity of the controller (Kolbe Enterprises), the purpose of Processing, and the lawful basis relied upon.
  • Accuracy: We take reasonable steps to ensure Personal Data is accurate and, where necessary, kept up to date. Should you identify any inaccuracies, please notify us so we can rectify them promptly.
  • Security of Processing: We implement appropriate technical and organisational measures (eg, encryption, secure hosting, access controls) to ensure a level of security appropriate to the risks posed by Processing, in alignment with the GDPR’s Article 32 requirements.
  • Data Subject Rights: EU Data Subjects have the right to access, rectify, erase (“right to be forgotten”), restrict, or object to the Processing of their Personal Data, as well as to data portability and the right to lodge a complaint with a competent supervisory authority in the EU. For a full explanation of these rights and how to exercise them, please refer to our GDPR-focused provisions in the main Privacy Policy.

6. Purpose of Processing

We process Personal Information to:

  • Provide and Improve Services: Assess your inquiries, deliver consulting or creative services, and continuously refine our offerings.
  • Communicate: Respond to messages, provide updates, newsletters, and marketing communications (subject to your subscription choices).
  • Analyse and Optimise: Track Website usage, enhance user experience, and gather analytical data to inform business decisions.
  • Ensure Legal Compliance: Fulfil our obligations under applicable laws and regulations.
  • Manage Transactions (forthcoming e-commerce store): Process purchases, payments, and related communications.

7. Retention of Personal Information

7.1. Retention Period

  • We retain Personal Information only for as long as necessary to fulfil the above-stated purposes or to comply with legal and contractual obligations.
  • For newsletters, data is retained until you unsubscribe or opt out.
  • For inquiries or service engagements, data may be retained to maintain service records and satisfy statutory record-keeping requirements.

7.2. Deletion or Anonymisation

  • Upon expiration of the retention period, or upon request (if legally permitted), we will either securely delete or anonymise your Personal Information.

8. Data Security

8.1. Technical and Organisational Measures

  • We implement reasonable and appropriate security safeguards (e.g., secure hosting, encryption, access controls, periodic security assessments) to protect against the unauthorised access, alteration, or disclosure of Personal Information.

8.2. No Absolute Guarantee and Limited Liability

  • While we strive to implement appropriate technical and organisational measures to safeguard your Personal Information, no electronic transmission or storage method can be guaranteed to be 100% secure. You acknowledge and accept that you provide your Personal Information at your own risk. To the maximum extent permitted by applicable law, we shall not be liable for any damages, losses, or liability arising out of or in connection with any unauthorised access to, or breach of, our data security measures, unless such unauthorised access or breach is proven to be the direct result of our gross negligence or wilful misconduct.

8.3. Force Majeure

  • We shall not be liable for any breach or compromise of data security caused by events beyond our reasonable control, including acts of God, cyberattacks, or natural disasters.

9. Sharing and Disclosure

9.1. Third-Party Service Providers

  • We may share Personal Information with trusted third parties (Operators/Data Processors) for hosting, payment processing, marketing support, or analytics. They are contractually bound to protect Personal Information and process it only according to our instructions.
  • Embedded content (e.g., videos, images) behaves as if you visited the source website. External sites may collect data, use cookies, and track interactions.
  • Our site uses LiteSpeed Cache and QUIC.cloud for performance enhancement. See the QUIC.cloud Privacy Policy for more details.

9.2. Legal Requirements

  • We will disclose Personal Information if compelled by a valid court order, subpoena, or other legal process.

10. Cross-Border Transfers

10.1. Transfers Outside South Africa

  • Where Personal Information is transferred outside of South Africa, we ensure compliance with POPIA and, where applicable, GDPR. Such transfers may rely on adequacy decisions, standard contractual clauses, or other lawful mechanisms.

10.2. Transfers from the EU

  • If Personal Data is transferred from the EU to South Africa or any other jurisdiction, we use appropriate safeguards and ensure that data subjects’ rights are respected.

11. Data Subject Rights

11.1. South African Users (POPIA)

  • Request access to or correction of your Personal Information;
  • Object to Processing or withdraw consent in certain circumstances;
  • Lodge a complaint with the Information Regulator if you believe your rights have been infringed.

11.2. EU Users (GDPR)

  • Right of Access: Obtain confirmation whether your Personal Data is processed and request a copy.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data, subject to legal constraints.
  • Right to Restrict Processing and Right to Object: In certain circumstances, object to or restrict Processing.
  • Right to Data Portability: Receive Personal Data in a structured, commonly used format or request its transfer to another controller, where technically feasible.
  • Right to Withdraw Consent: Without affecting the lawfulness of prior Processing.
  • Right to Lodge a Complaint: With a supervisory authority in the EU.

12. Cookies and Similar Technologies

12.1. We use cookies to enhance functionality, remember user preferences, and analyse website traffic. Non-essential cookies (including certain analytics or marketing cookies) will only be placed with your consent, in line with GDPR requirements where applicable.

12.2. You can modify your browser settings to block or delete cookies. However, some features of the Website may not function properly if cookies are disabled.

13. Changes to this Policy

13.1. We may update or amend this Policy from time to time. Changes will be posted on the Website with an updated “Last Updated” date. Continued use of the Website after such changes signifies your acceptance of the updated Policy.

14. Contact Information

For any queries regarding this Policy, or to exercise your data protection rights, please contact:

Address: Centurion, Gauteng, South Africa

Email:

info@kolbeenterprises.com

Telephone:

KO Strategic Advisors: 010 979 0081 | KO Media Collective: 010 979 0082

+27 658788807 (Nadia)

+27 726012634 (Anton)

Scroll to Top