Privacy Policy

PRIVACY POLICY

Privacy Policy

1. Overview and Intent

Welcome to Lioness Rising (“Lioness Rising”, “We”, “Us”, “Our”). Our commitment is to empower women to prevent abuse in the future through our various programs and services. This Privacy Policy is designed to transparently outline our practices surrounding the collection, utilization, disclosure, and safeguarding of your personal information as you engage with our website and services, particularly when submitting reservation or quote requests.

As a company dedicated to empowering women to prevent abuse in the future, we handle personal information as a fundamental aspect of conducting our business. This includes organizing and overseeing reservations for events, workshops, or services, and processing requests for quotes. Upholding the privacy and confidentiality of your personal information is a responsibility we take seriously, ensuring that your trust in our services is met with unwavering commitment to discretion and security.

2. What Personal Information we Collect

In accordance with South African data protection legislation, personal information refers to data that can identify a living person directly or in conjunction with other data. This may include but is not limited to opinions, intentions, and identifiable actions relating to an individual.

The scope of personal information we gather encompasses:

  • Identifiers: Essential contact details such as names, addresses, telephone numbers, and email addresses; company names and website; and social media account information.
  • Commercial Information: Records of services requested or other consumer histories related to your interactions with Lioness Rising.
  • Digital Usage Data: Internet or other electronic network activity details, including the devices and networks utilized to interact with us.
  • Financial Data: Payment information is managed through the third-party service PayFast. Lioness Rising does not directly collect or store your credit/debit card numbers, security codes, expiration dates, or other sensitive financial details. This information is processed directly by PayFast, which adheres to its own strict security and privacy protocols.
  • Specific Request Information: Details necessary for completing your reservation or quote request, such as preferred dates, number of attendees, specific service interests, and any special dietary requirements.

When interacting with us for purposes beyond reservations or quotes, such as inquiries or feedback, we may collect pertinent personal information. This includes data necessary for our business operations or that which you voluntarily provide.

Sensitive information, as defined by South African laws (e.g., the Protection of Personal Information Act, POPIA), is collected with the utmost care and only with your explicit consent. This includes racial or ethnic origin, religious or philosophical beliefs, sexual orientation, political association memberships, biometric data, and health information. We collect such details only when necessary for arranging specific services (e.g., dietary restrictions for an event) and will not process this information for unrelated purposes without your renewed consent.

For minors, we collect personal information from a responsible adult when needed for program or event arrangements; however, we do not directly collect data from children without consent.

We commit to only collecting sensitive information when it’s necessary for our services, legally required, or with your explicit consent, and we use it solely for the purpose it was provided, unless you explicitly consent otherwise.

3. How we Collect Personal Information

Our approach to collecting your personal information adheres to the pertinent data protection regulations. We usually gather this data directly from you through various interactions over the course of our relationship. Direct collection is our standard method, resorted to unless it becomes unreasonable or impractical.

Typical circumstances under which we collect your information include:

  • Direct interactions in person, or via telephone, website usage and forms (e.g., reservation, quote, contact forms), letters, emails, social media, and messaging apps like WhatsApp or Telegram.
  • Visits to our websites.
  • We do not have mobile applications.
  • Connections and communications via social media platforms.

We may also gather personal information when you:

  • Inquire about our services or programs.
  • Participate in competitions or sign up for promotions.
  • Opt-in to our marketing communications, such as e-newsletters.
  • Request information.
  • Interact with us or our services on social media platforms.

We respect anonymity; hence, unless you prefer otherwise, we may collect your non-sensitive personal information when you complete surveys or offer feedback without requiring you to reveal your identity.

In certain situations, we might receive your personal information from third parties, such as when someone else makes a reservation on your behalf. When this occurs, we rely on the authority granted by the individual making the request to process this information for all parties involved. When you make a request for others, it is your responsibility to ensure their consent and awareness of our Privacy Policy.

If you discover that your information has been provided to us by someone else without your consent, or if you have not obtained consent before offering someone else’s information, please inform us promptly.

We strive to keep your personal information accurate and up to date, and your assistance is invaluable in this endeavor. Please notify us of any changes or inaccuracies in your data.

Your consent is crucial for providing specific services; a lack thereof might impact the availability or quality of our services. Please note, reservations and quote requests generally require accurate personal details, including full names and contact information. Without this information, service provision could be hindered.

You hold the power to withdraw your consent regarding the use of your personal data at any time. Such a withdrawal must be communicated in writing, following the procedures outlined in section 12 of this policy. Withdrawal of consent does not invalidate the processing of data that is permitted or required by law.

Regarding data retention, we keep your personal data only as long as necessary for the purposes they were collected or as law dictates. If the data is no longer required for these purposes or for legal or business needs, we will cease retention or anonymize the data accordingly.

4. Utilization of Personal Information

Our processing of your personal information is conducted strictly within the confines of your explicit consent, the necessity of providing our services, compliance with legal obligations, and the protection of our legitimate interests or those of third parties who receive your information, as detailed in this and subsequent sections.

Processing Activities

  • For Service Delivery: When you engage with us for a reservation or quote request, the personal data we collect is primarily used to process your request and facilitate the delivery of our services or programs. For example, if you request a quote for a workshop, your information is used to generate and send that quote to you. If you make a reservation for an event, your information is used to confirm your attendance and provide event-specific details.
  • Working with Service Providers: As we may collaborate with service providers (e.g., event venues, catering services, workshop facilitators), your data is processed and shared as necessary to fulfill the services you’ve requested. These providers may have their own use for your information, as defined by their privacy policies, which may involve contacting you directly to obtain additional information or provide services related to your bookings.

Additional Uses:

We also use your personal information for an array of other purposes, such as:

  • Personalizing your experience with our services, like remembering your preferences or auto-filling forms.
  • Error identification and resolution.
  • Prevention and investigation of fraudulent or illegal activities.
  • Compliance with regulatory obligations.
  • Enhancement and development of our products and services.
  • Customer relationship management, including creating profiles to personalize our service offerings and suggesting relevant content based on your interactions with us.
  • Engagement in market research and satisfaction surveys to improve our interactions and services.
  • We do not currently operate a loyalty program.
  • Research and analysis for business functions, examining trends, and customer preferences.
  • Management of internal business accounting and administrative tasks.
  • Adherence to our legal obligations, responding to legal processes, law enforcement requests, and other regulatory requirements pertinent to our operations in South Africa.

Marketing Communications

Where the law permits, we may use your information to send targeted marketing related to our services and those from third parties. However, we will only send you marketing communications if you have consented to receive them, and you have the right to withdraw your consent or opt out at any time. Instructions for unsubscribing will be included in any marketing communications sent to you.

Responsibility in Data Sharing

For circumstances where your personal information is shared with service providers, especially overseas, further details are available in section 5 and 6. If you have any concerns or need additional information about the transfer of your personal information, you can consult the “Connect” section.

Legal and Regulatory Obligations

Lastly, we may use your personal information to fulfill various legal and regulatory requirements, which may include but are not limited to responding to legal processes, law enforcement, and handling other legal matters related to our operations.

Opting Out

If at any time you decide not to receive promotional materials, wish to be excluded from market research or other communications, the “Connect” section provides the necessary steps to opt out. 

5. Disclosure of Personal Information to Third Parties

Your personal information is not a commodity for trade; we do not sell, rent, or trade it. Disclosure to third parties is a controlled process, aligning strictly with the conditions set out in this Notice and in accordance with South African data protection laws. To ‘disclose’ means that we may transfer, share, send, or otherwise make your personal information available to other parties as outlined below.

Entities that May Receive Personal Information:

  1. Service Providers and Contractors:
    • This includes any service required as per Section 4 of this Notice (e.g., event venues, catering, workshop facilitators).
    • IT support services like external data hosting to enhance our service offering.
    • Marketing material distributors, including publishers and printers.
    • Organizers of events and expos.
    • Marketing and communications agencies for market research and analysis.
    • Logistic support such as mailing houses, and courier services.
    • Professional advisors such as lawyers, accountants, and recruitment consultants.
  2. Affiliated Entities:
    • Lioness Rising is affiliated with the experience provider Almost Anything Squad for planning and preparing experiences and the booking process. 
  3. Service-Related Providers:
    • Third-party services like Almost Anything Squad to plan and prepare the experiences and booking process.
  4. Financial Transaction Processors:
    • Banks and financial institutions handling our financial transactions.
    • Credit entities and payment processing providers, specifically PayFast.
  5. Authorized Third Parties:
    • Individuals making reservations or requests on your behalf.
  6. Legal and Regulatory Compliance:
    • As required by South African law or to satisfy our legal responsibilities.
    • Government agencies, courts, and law enforcement for legally sanctioned requests or processes.
  7. Safety and Security Measures:
    • When there’s a reasonable belief that disclosure is vital for protecting life, health, or safety.
    • Regulatory bodies and enforcement agencies involved in preventing or investigating illegal activities.
  8. Third-Party Services:
    • We do not offer third-party login options (e.g., “Login with Google” or “Login with Facebook”).

Additional Disclosures:

  1. Direct Communication:
    • We will share essential contact details with service providers, such as event venues, to inform you of any changes or disruptions to your service directly.
  2. Third-Party Features on Our Websites:
    • For features operated by unaffiliated third parties, such as social networking and geo-location tools, we advise you to review their privacy policies. When you utilize these features, those entities will handle your personal information under their respective policies.

Remember, we take proactive steps to ensure that your personal information is shared responsibly, with respect for your privacy and in line with legal requirements. If you engage with any third-party features, it’s important to stay informed about how these entities may use your information.

6. International Transfer of Personal Information

Given our operations in South Africa, it’s sometimes necessary to share your personal information with entities beyond South Africa’s borders, especially if we utilize cloud hosting, software services, or collaborate with partners located internationally. Here’s how we handle these international transfers:

Compliance with Local Laws:

We conduct any cross-border information sharing in strict compliance with South African data protection laws (primarily POPIA). This ensures necessary safeguards are in place to protect your data during these transfers. Where required, this includes implementing appropriate lawful transfer mechanisms as per POPIA, such as binding corporate rules, standard contractual clauses, or obtaining explicit consent where no other adequate safeguards exist.

Potential Transfer to Different Jurisdictions:

Your data may be transferred to regions where the local data protection laws do not offer the same level of protection as in South Africa. While we take precautions, we can’t assume liability for the data practices of these overseas entities as per local data protection laws.

  1. Data Sharing with Our Global Entities:
    • Lioness Rising does not have any overseas branches or sister companies where data might be shared for operational purposes.
  2. Working with Overseas Service Providers:
    • To deliver the full scope of our services, we may need to share your information with service providers around the globe. Typically, these providers receive information based on the location where they will perform the services or where their business is headquartered. Examples include Google Business services and MailPoet.
  3. Collaboration with Third-Party Service Providers:
    • Some services, like data processing and storage, may be handled by third parties in different countries. We only share data with these parties as necessary for the execution of our services.

Global Network of Service Providers:

We engage with a diverse range of service providers worldwide, making it impractical to list every country your data might be sent to within this Notice. For specific inquiries about where your data is sent, you’re welcome to contact us as directed in the “Feedback / Complaints / Contact” section below (section 12).

7. Security of Your Personal Information

At Lioness Rising, we are deeply committed to the security of your personal information. We pledge to uphold protective measures—both technical and organizational—to shield your data against any accidental or unlawful events that could lead to its destruction, loss, alteration, or unauthorized disclosure while it’s in our care.

Security Measures in Place:

  • We’ve established physical and digital safeguards designed to secure the personal information entrusted to us. This includes using Google Cloud for storing information, which provides robust security infrastructure, encryption for data in transit and at rest, and access controls.
  • Regular updates to our security frameworks ensure they meet the evolving standards of data protection.
  • Our commitment to your data security is as rigorous as the measures we apply to safeguard our own confidential business information.

Limitations of Our Responsibility:

While we control the data within our purview, it’s important to recognize that we are not responsible for the data handling practices of third parties who may collect or process your personal information through their services or platforms.

Data Retention and Disposal:

In accordance with our data governance policy, we will responsibly destroy or anonymize personal information when it is no longer necessary for our business operations or as mandated by applicable South African law.

We ensure that every step in the lifecycle of your personal data, from acquisition to eventual disposal, is managed with diligence and a keen sense of responsibility, reflecting our commitment to your privacy and trust.

8. Your Data Rights

Understanding your rights regarding personal information we collect is crucial for maintaining transparency and trust. Here’s a detailed overview of what you can do under South African law (POPIA):

  • Right to Access (Subject Access Requests): You’re entitled to request access to the personal information we possess about you.
  • Right to Correction/Rectification: You can request updates, modifications, or correction of your personal information if it is inaccurate or incomplete.
  • Right to Deletion/Erasure: You can request the deletion or destruction of your personal information that we hold, subject to legal limitations (e.g., if we are legally required to retain it).
  • Right to Object: You can object to the processing of your personal information in certain circumstances, including for direct marketing.
  • Right to Restrict Processing: You can request that we limit our use of your data under specific conditions.
  • Right to Withdraw Consent: You can retract any previously given consent for processing your personal information at any time.
  • Request Processing: We commit to processing your requests swiftly, adhering to the timeframes mandated by POPIA, typically within a reasonable period, often 30 days unless the nature of your request dictates otherwise.
  • Right to Deny Requests: While we aim to accommodate your requests, there are lawful bases upon which we might decline them. This could relate to national security, corporate finance, or other areas stipulated by law. Should this occur, we’ll document the denial and provide you with a justification as required by POPIA.
  • Complaints: Should you have concerns about our data practices, you have the right to raise a complaint with the Information Regulator of South Africa. Their contact details can be found on their official website.
  • Accurate Information: It is your responsibility to ensure that the information you provide us is accurate and up-to-date. If there are changes or inaccuracies, it’s imperative you inform us promptly.
  • Opting Out of Communications: You can opt-out of marketing communications at any time by using the unsubscribe link in our emails or contacting us directly as mentioned in section 12.
  • Identity Verification: When making a request, we may ask for proof of identity to ensure security and prevent unauthorized data disclosure.
  • Administrative Fees: In certain cases, we reserve the right to charge a fee for requests that are deemed clearly unfounded or excessive, especially if additional copies of data are requested. This will be in line with what is permitted by POPIA.

These rights ensure you maintain control over your personal data and provide a pathway to address any concerns or changes regarding how your information is handled by us.

9. Social Media Integrations

On our platforms, we enrich the user experience with social media features like “Like” and “Share” buttons. These functions are powered by third-party companies, such as Meta (Facebook, Instagram) or X (formerly Twitter), and they operate directly from our website or app, or by the third parties’ platforms. They might collect data related to your usage, like the pages visited on our services, your IP address, and may use cookies for functionality.

Here’s what happens with your data and these social media features (SM Features):

  • Data Linking: If you’re signed into a third-party social media service, they might connect your activity on our services with your profile on their platform. Your interactions might be tracked, and the third-party could send us information aligned with their policies, like your name or contact list.
  • Information Sharing: We might exchange information with these third-party services to tailor marketing on their platforms to your interests, which you can usually control through your social media privacy settings.
  • Privacy Policies: Your engagement with SM Features falls under the third party’s privacy policy. We recommend reviewing those policies to understand how they process your information.

Remember, these integrations are designed to make your experience seamless and socially connected, but you have control over how much of your information is shared through these channels. For more detailed information, refer to the privacy policies of the respective third-party social media companies.

10. IP Address Collection and Use

Whenever you interact with our digital touch-points, be it the website, mobile applications, or electronic communications, our servers might record certain details related to your device and the network you utilize to connect with us. This includes the IP address, which is essentially the numerical label assigned to your device for internet connectivity.

Here’s an insight into how and why we handle IP address data:

  • System Management: IP addresses are crucial for managing and ensuring the smooth functioning of our systems.
  • Security: They are vital in scrutinizing and resolving any security concerns that may arise.
  • Analytics: We aggregate IP address data to amass anonymized statistics about how users engage with our services, which helps in understanding usage patterns and improving user experience.
  • Marketing Personalization: Should you consent to our marketing communications, we might associate your IP address with your personal profile to customize and enhance the relevance of the promotional content we deliver to you.

Our use of IP addresses is always conducted with a commitment to respecting your privacy and in compliance with applicable data protection laws in South Africa.

11. Linked Sites

While navigating through our websites, you might find links that lead you to external, third-party websites. It’s important to acknowledge that these sites are beyond our sphere of influence and control. Consequently, our responsibility does not extend to the privacy practices or content of these external sites.

Here’s what you should consider regarding linked sites:

  • Privacy Practices: Each website operates under its privacy policy. Because their standards and practices may not align with ours, we recommend you review their policies to understand how they will handle your personal information.
  • Content Evaluation: We advise you to critically evaluate the content provided by third-party websites to ensure it meets your expectations and requirements.

We encourage safe and informed Browse, urging you to stay aware of the privacy terms and content standards of any external site you engage with through our digital platforms.

12. Feedback, Complaints, and Contact Information

We are open to hearing from you on any aspect concerning your personal information. Be it feedback, questions, or concerns about how we handle your data, your input is valuable to us.

For Subject Access Requests or Other Inquiries: If you need to update your personal information, access the data we hold about you, request its deletion, or limit its processing, reach out to us at roar [at] lionessrising [dot] org. We’re committed to addressing these requests promptly as mandated by South African law.

Your voice matters in shaping our data protection practices, and we aim to foster a transparent and responsive dialogue.

13. Updates to Our Privacy Notice

Our Privacy Notice may be subject to amendments over time to stay aligned with new regulatory requirements, changes in our business practices, or in response to other relevant factors. When we update the Notice:

  • Notification of Changes: Any revisions will be communicated through an updated version posted on our website. Alongside, we’ll issue a clear notification to bring attention to any substantial modifications.
  • Last Updated: We will always include the date of the most recent update at the end of the Notice to help you identify the latest version.

Your Participation: We rely on you to periodically review the Notice on our website to stay informed about any updates. Your awareness and understanding of our Privacy Notice are essential, as it outlines how we handle and protect your personal data.

Last Updated: July 3, 2025