• Global
  • ZA
  • US

Centrax Global Privacy Policy


This Privacy Policy is tailored for compliance with the Protection of Personal Information Act (POPIA), the General Data Protection Regulation (GDPR), and relevant USA laws including the California Consumer Privacy Act (CCPA) and Texas-specific regulations.

Scope of this Privacy Policy

This Privacy Policy applies to all Centrax Digital websites that link to it. It also applies to the products and services provided by Centrax Digital through these websites, covering operations in the USA, UK, and South Africa.

Introduction

Centrax Digital is committed to implementing reasonable measures to support compliance with data protection laws, including GDPR, POPIA, and US privacy laws such as the California Consumer Privacy Act (CCPA) and Texas privacy regulations like TITEPA and HB 4390. Data protection by design and by default is applied during the development and delivery of Centrax Digital's services.

Part I – Information Centrax Digital Collects and Processes as a Responsible Party
What Information Centrax Digital Collects

We collect information about you only if we need it for a legitimate purpose, under the following circumstances:

Information Collected Automatically
Information from Third Parties
Purposes for Using Information:
Legal Bases for Collecting and Using Information:
Your Rights Under GDPR, POPIA, and CCPA:
Part II – Information That Centrax Digital Processes on Your Behalf as a Data Processor

You may entrust us with information you control (e.g., customer data). This data is referred to as "service data." We process service data in compliance with your instructions.

How We Use Service Data:

We process service data to deliver services, such as generating invoices or managing marketing campaigns, with your knowledge and consent.

Who We Share Service Data With:

We share service data with employees, independent contractors, and third-party service providers bound by strict confidentiality agreements.

Part III – General
Children’s Personal Information:

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. In compliance with COPPA (USA), we take steps to delete such information if found.

International Data Transfers:

We transfer personal information internationally within our network, adhering to GDPR's SCCs, POPIA’s cross-border transfer rules, and USA regulations. Data is stored securely and transferred under legally approved mechanisms.

Data Retention:

We retain personal data as long as necessary for business or legal purposes. Data is securely deleted or anonymized once no longer needed, according to relevant laws.

Data Breach Notifications:

In compliance with GDPR, POPIA, and Texas laws (HB 4390), we will notify you of any data breaches that affect your personal information. In the EU/UK, this notification will occur within 72 hours of becoming aware of the breach.

Compliance with Legal Obligations and Business Transfers:

We may disclose your personal data to comply with legal obligations or in the event of a business transfer (e.g., merger or acquisition). Any acquiring entity will be required to adhere to this privacy policy.