Privacy Policy

Legalaut ("we", "our", or "us") is committed to protecting the privacy of individuals who visit our website and use our services. This Privacy Policy explains how we collect, use, share, and safeguard your personal information in accordance with applicable South African law, including the Protection of Personal Information Act 4 of 2013 ("POPIA").

1. Information We Collect

1.1 Information You Provide

We collect personal information that you voluntarily provide to us when you register for an account, subscribe to our services, fill out a form, or otherwise contact us. This may include:

• Full name, email address, and phone number
• Company or organisation name and job title
• Billing address and payment information
• Legal documents or data you upload for processing
• Communications you send to us, including support requests

1.2 Information Collected Automatically

When you access our website or services, we automatically collect certain technical information, including:

• IP address and browser type
• Device identifiers and operating system
• Pages visited, time spent, and navigation paths
• Referring URL and search terms
• Date and time of each visit

1.3 Information from Third Parties

We may receive information about you from third-party sources, such as business partners, marketing partners, social media platforms, and publicly available databases. We may combine this information with other information we collect about you.

2. How We Use Your Information

We use the personal information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve our legal automation services, including document generation, contract management, and analytics.
• Account Management: To create and manage your account, process transactions, and send you related information such as confirmations and invoices.
• Communication: To respond to your enquiries, provide customer support, and send you technical notices, updates, and administrative messages.
• Marketing: To send you promotional communications about our products, services, and events that may interest you, where you have provided consent or where permitted by law.
• Analytics: To analyse usage patterns, monitor the effectiveness of our services, and improve user experience.
• Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements.
• Security: To detect, prevent, and respond to fraud, abuse, security risks, and technical issues.

3. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: We engage trusted third-party companies and individuals to perform services on our behalf, such as hosting, payment processing, email delivery, and analytics. These providers have access to your information only as necessary to perform their functions and are contractually obligated to maintain its confidentiality.
• Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including to meet national security or law enforcement requirements.
• Business Transfers: In the event of a merger, acquisition, reorganisation, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.
• Aggregated Data: We may share aggregated, non-personally identifiable information publicly or with third parties for industry analysis, research, or marketing purposes.

4. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our website. Cookies are small data files stored on your device that help us improve our services and your experience.

4.1 Types of Cookies We Use

• Essential Cookies: Necessary for the website to function properly. These cannot be disabled.
• Performance Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously.
• Functional Cookies: Enable enhanced functionality and personalisation, such as remembering your preferences.
• Marketing Cookies: Used to track visitors across websites to display relevant advertisements.

4.2 Managing Cookies

You can control and manage cookies through your browser settings. Please note that removing or blocking cookies may impact your user experience and some features may no longer be available. For more information about cookies and how to manage them, visit www.allaboutcookies.org.

5. POPIA Compliance

As a South African company, we are committed to compliance with the Protection of Personal Information Act 4 of 2013 ("POPIA"). In terms of POPIA:

• We act as a "responsible party" when processing your personal information for our own purposes.
• We process personal information lawfully and in a manner that does not infringe on your privacy.
• We collect personal information for a specific, explicitly defined, and lawful purpose.
• We will not retain your personal information for longer than is necessary for achieving the purpose for which it was collected, unless retention is required by law.
• We have appointed an Information Officer who is responsible for encouraging compliance with POPIA and dealing with requests from data subjects.
• We ensure that adequate technical and organisational measures are in place to secure the integrity and confidentiality of your personal information.

Our Information Officer can be reached at contact@legalautomationhub.co.za.

6. Data Security

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256)
• Regular security assessments and penetration testing
• Access controls and multi-factor authentication for internal systems
• Employee training on data protection and security best practices
• Incident response procedures and breach notification protocols
• Regular backups stored in geographically redundant, secure facilities

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider:

• The amount, nature, and sensitivity of the personal information
• The potential risk of harm from unauthorised use or disclosure
• The purposes for which we process the information
• Whether we can achieve those purposes through other means
• Applicable legal, regulatory, and contractual requirements

When your personal information is no longer required, we will securely delete or anonymise it. If deletion is not possible (for example, because the information has been stored in backup archives), we will securely isolate it from any further processing until deletion is possible.

8. Your Rights

Under POPIA and other applicable data protection laws, you have the following rights with respect to your personal information:

• Right of Access: You have the right to request confirmation of whether we hold personal information about you and to request access to that information.
• Right to Correction: You have the right to request that we correct or update any inaccurate or incomplete personal information.
• Right to Deletion: You have the right to request that we delete your personal information, subject to certain legal exceptions.
• Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes.
• Right to Data Portability: You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format.
• Right to Lodge a Complaint: You have the right to lodge a complaint with the Information Regulator of South Africa if you believe your rights have been infringed.

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within 30 days.

9. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Address: 210 Church Street, Pretoria 0002, South Africa
• Email: contact@legalautomationhub.co.za
• Information Officer: contact@legalautomationhub.co.za

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.