Last Updated: [05 February 2025]
(Previous versions are archived and can be provided on request.)
At Inbound Orbit (“IO,” “we,” “us,” “our”), we adhere to the highest standards of data protection and privacy. We understand that safeguarding your personal data is crucial. This Privacy Policy explains how we collect, use, store, and disclose your personal data when you use our services, visit our website at https://www.inboundorbit.co.uk/ (the “Platform”), or otherwise engage with us.
This Privacy Policy has been compiled to address compliance requirements under both South African data protection law (POPIA) and UK data protection law (UK GDPR). By accessing or using our Platform or services, or otherwise providing us with personal data, you confirm that you have read and understood this Privacy Policy. If you do not agree with any part of this Privacy Policy, you should refrain from using our Platform or services.
Note: This Privacy Policy supplements any other privacy notices or fair processing notices we may provide on specific occasions. It is not intended to override them.
This Privacy Policy gives you information on how we collect and process your personal data through any form of engagement with us—whether you use our Platform, engage our services, or otherwise interact with our business. If you have any questions regarding how we use your personal data, please contact us (see 1.3 Our Contact Details below).
We do not intentionally process the data of minors or special categories of personal data (such as health data), and we request that you do not provide such information to us. Doing so may constitute a breach of this Privacy Policy.
You have the right to lodge a complaint with the Information Regulator’s Office of South Africa, the Information Commissioner’s Office (ICO) in the UK, or another relevant supervisory authority if you believe we are mishandling your personal data. However, we would appreciate the opportunity to address your concerns before you approach any regulator, so please contact us first.
We reserve the right to update or amend this Privacy Policy from time to time. Any changes will become effective upon posting the revised version on our Platform. Your continued access or use of our services after these changes become effective indicates your acceptance of the revised Policy.
Our Platform may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party platforms and are not responsible for their privacy statements or practices. We encourage you to read the privacy policies of every third-party service or website you engage with.
“You” refers to individuals or entities who use our services, contribute content, or otherwise engage with IO, including visitors to our Platform.
Personal data means any information relating to an identified or identifiable natural person (or, in some instances, identifiable juristic persons, under POPIA). It does not include data where the identity has been removed (anonymous data).
We may collect, use, store, and transfer different kinds of personal data, including but not limited to:
We also collect, use, and share Aggregated Data (such as statistical or demographic data). Aggregated Data is not considered personal data unless it can identify you directly or indirectly. If we ever combine Aggregated Data with your personal data in a way that identifies you, we will treat the combined data as personal data.
Important: If you fail to provide personal data where required by law or where we need it to perform a contract with you, we may be unable to provide or continue to provide our services.
Please do not provide us with third-party personal data without having a lawful basis (e.g., consent). By submitting third-party personal data, you confirm you have the legal right to do so and indemnify us against any liability arising from your unauthorised disclosure.
We use a variety of methods to collect personal data:
Direct Interactions
You may provide personal data directly by using our services, signing up for our Platform, entering into a contract with us, filling in forms, or corresponding with us by email, phone, or otherwise.
Automated Technologies/Interactions
As you interact with our Platform, we may automatically collect Technical Data (e.g., via cookies, server logs, and similar technologies). If you visit other websites or platforms employing our cookies, we may also receive data about you from them.
Third Parties
We only use your personal data where the law allows us to. Common lawful bases under the UK GDPR and POPIA include:
We may process your personal data for more than one lawful basis depending on the purpose. Typical examples of why we process personal data include:
We aim to give you control over your personal data, including how we use it for marketing. You will receive marketing communications from us if you have requested such communications or if you have purchased services from us and opted to receive marketing.
If you wish to stop receiving marketing messages, you can follow the “unsubscribe” link in any marketing communication or contact us directly. Opting out of marketing messages will not affect personal data processed for other lawful purposes (e.g., performance of a contract).
We may share your personal data with:
We require all third parties to respect the security and confidentiality of your personal data and to process it only for the purposes we specify, in compliance with the law.
We use cookies to collect Technical Data and to help improve user experience. Cookies are small text files placed on your device by the web server. You can block or disable cookies via your browser settings, but doing so may limit some features on our Platform.
This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customise your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.
We are based in South Africa, and our servers or service providers may be located in the UK, the EU, or other countries. Whenever we transfer your personal data out of your country of residence:
We have put in place appropriate technical and organisational measures to safeguard your personal data from unauthorised access, use, alteration, or disclosure. Access to your personal data is limited to those employees, agents, contractors, and other third parties who have a legitimate business need. They are subject to a duty of confidentiality.
We also have procedures to manage any suspected personal data breach and will notify you and relevant regulators where legally required to do so.
We only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider:
You may request deletion of your personal data or account at any time by clicking here. We will delete or anonymise your personal data unless it must be retained for legitimate business or legal reasons (e.g., outstanding payments, dispute resolution).
Depending on your location and subject to the restrictions of applicable law (e.g., UK GDPR, POPIA), you may have the right to:
If you wish to exercise any of these rights, please contact us or click here for access or erasure. We may request additional information to verify your identity. We aim to respond to all legitimate requests within one month, but complex requests may take longer.
For users who are not located in South Africa, we still endeavour to respect and follow relevant data protection obligations, including the UK GDPR. If you believe we are not processing your personal data lawfully, you have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK).
If you have any questions or comments about this Privacy Policy, or if you wish to exercise your data protection rights, please contact our Information Officer / Data Protection Contact:
We appreciate the opportunity to address any concerns you may have. If you are not satisfied with our response, you may lodge a complaint with the Information Regulator in South Africa or with the Information Commissioner’s Office (ICO) in the UK.
If you have any questions or need clarifications, please contact us at any time or click here to erase or access your data..