Privacy Policy

At Pre-Owned Phones, we take your privacy seriously. This Privacy Policy explains how Pre-Owned Phones (“we,” “us,” or “our”) collects, uses, stores, and protects your personal information when you visit www.preownedphones.co.za or purchase products from us.

This policy is governed by the Protection of Personal Information Act, 2013 (Act 4 of 2013) (“POPIA”) and other applicable South African laws.

1. Who We Are

Responsible Party (as defined under POPIA):

Pre-Owned Phones

Johannesburg, South Africa

Website: www.preownedphones.co.za

If you have any questions about this Privacy Policy or how we handle your personal information, please contact our Information Officer via the Contact page on our website.

2. What Personal Information We Collect

We collect personal information that you provide directly to us, as well as information automatically gathered when you use our website. This includes:

Information You Provide

•      Identity information: Full name, ID number (where required for SAPS compliance under the Second-Hand Goods Act).

•      Contact information: Email address, phone number, delivery address, billing address.

•      Payment information: Card details and payment data (processed securely by our payment gateway — we do not store full card numbers on our servers).

•      Account information: Username, password (encrypted), purchase history.

•      Communication records: Messages, emails, support tickets, and reviews you submit.

Information Collected Automatically

•      Device and browser information: IP address, browser type, operating system, device identifiers.

•      Usage data: Pages visited, time spent, click patterns, referral source.

•      Cookies and tracking technologies: See Section 8 below.

3. How We Use Your Personal Information

We use your personal information for the following purposes:

•      Processing and fulfilling orders — including payment, dispatch, delivery, and after-sales support.

•      Communication — sending order confirmations, tracking updates, warranty notifications, and responding to enquiries.

•      Account management — creating and maintaining your customer account.

•      Legal compliance — meeting our obligations under the Second-Hand Goods Act, Consumer Protection Act, tax legislation, and other applicable laws.

•      Marketing — sending promotional emails, special offers, and product updates (only where you have opted in, and you can unsubscribe at any time).

•      Website improvement — analysing usage patterns to improve site performance and user experience.

•      Fraud prevention and security — detecting and preventing fraudulent transactions and protecting our business.

4. Legal Basis for Processing

In line with POPIA, we process your personal information only where:

•      You have given consent for the processing.

•      Processing is necessary to perform a contract with you (e.g., to fulfil your order).

•      Processing is required to comply with a legal obligation (e.g., SAPS reporting under the Second-Hand Goods Act).

•      Processing is necessary to pursue our legitimate business interests, balanced against your rights.

5. Who We Share Your Information With

We do not sell your personal information. We share it only with trusted third parties who help us run our business, and only to the extent necessary. These include:

•      RAM Hand-to-Hand Couriers — for delivery of your orders (name, address, contact number).

•      Payment gateway providers — for secure processing of payments.

•      Shopify — our e-commerce platform provider, which hosts our website and order data.

•      South African Revenue Service (SARS) — for tax and customs compliance where applicable.

•      South African Police Service (SAPS) — for compliance with the Second-Hand Goods Act where required.

•      Email and communication providers — for sending transactional and marketing communications.

•      Analytics providers (e.g., Google Analytics, Meta) — for understanding website usage.

•      Legal and professional advisors — where necessary for legal compliance or dispute resolution.

All third parties are required to handle your information in accordance with POPIA and applicable data protection laws.

6. Cross-Border Transfer of Information

Some of our service providers (such as Shopify, Google, and Meta) may store data on servers located outside of South Africa. Where this occurs, we ensure that adequate data protection safeguards are in place in line with Section 72 of POPIA.

7. How Long We Keep Your Information

We retain your personal information only for as long as is necessary for the purposes set out in this policy, or as required by law. Specifically:

•      Order and transaction records: Retained for at least 5 years as required by the Tax Administration Act and the Companies Act.

•      Second-Hand Goods Act records: Retained for the period required by SAPS regulations.

•      Marketing preferences: Retained until you unsubscribe or request deletion.

•      Account information: Retained for the duration of your account and a reasonable period thereafter.

Once information is no longer required, it will be securely deleted or anonymised.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience, analyse traffic, and personalise content. The types of cookies we use include:

•      Essential cookies — required for the website to function (e.g., shopping cart).

•      Analytics cookies — help us understand how visitors interact with our site (e.g., Google Analytics).

•      Marketing cookies — used to deliver relevant advertising (e.g., Meta Pixel, Google Ads).

•      Preference cookies — remember your settings and preferences.

You can manage or disable cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

9. Your Rights Under POPIA

You have the following rights regarding your personal information:

•      Right of access — to request a copy of the personal information we hold about you.

•      Right to correction — to request that we correct inaccurate or incomplete information.

•      Right to deletion — to request that we delete your personal information, subject to legal retention requirements.

•      Right to object — to object to the processing of your information for direct marketing or other purposes.

•      Right to withdraw consent — where processing is based on consent.

•      Right to lodge a complaint — with the Information Regulator of South Africa.

To exercise any of these rights, please contact our Information Officer via the Contact page.

10. Direct Marketing

We will only send you marketing communications where you have given us consent. You may opt out at any time by:

•      Clicking the “unsubscribe” link in any marketing email.

•      Contacting our support team directly.

Opting out of marketing does not affect transactional communications (e.g., order confirmations, delivery updates, warranty notifications).

11. How We Protect Your Information

We take reasonable and appropriate technical and organisational measures to safeguard your personal information against loss, unauthorised access, alteration, or disclosure. These include:

•      Secure hosting with industry-standard encryption (SSL/TLS).

•      Restricted access to personal information on a need-to-know basis.

•      Secure payment processing through PCI-compliant gateways.

•      Regular review of our security practices.

Despite our best efforts, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to notifying you and the Information Regulator without undue delay in the event of a data breach affecting your information, in line with Section 22 of POPIA.

12. Children's Privacy

Our website and products are not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a child without parental consent, we will delete it promptly.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The updated policy will be posted on this page with a revised effective date. We encourage you to review this policy periodically.

15. Contact Us and Complaints

If you have any questions, concerns, or complaints about this Privacy Policy or our handling of your personal information, please contact us first via the Contact page on our website.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Regulator of South Africa:

The Information Regulator (South Africa)

JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

Email: enquiries@inforegulator.org.za

Complaints: POPIAComplaints@inforegulator.org.za

Website: https://inforegulator.org.za