PRIVACY NOTICE

PRIVACY NOTICE

CoreXalance (Pty) Ltd.

Last updated: 2025
Version: 1.0

INTRODUCTION

CoreXalance (Pty) Ltd (“CoreXalance”, “we”, “us”, “our”) is committed to protecting the privacy and personal information of all individuals and entities with whom we interact. This Privacy Notice explains how we collect, use, store, share, and protect personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA).

RESPONSIBLE PARTY & CONTACT DETAILS

Responsible Party:
CoreXalance (Pty) Ltd
Registration number: 2007/021277/07

Information Officer:
Ms M. Kayser

Contact details:
📍 Roodekrans, Roodepoort, Gauteng, South Africa
📞 (011) 476-1533 / 1552
📧 core@corexalance.co.za

WHAT PERSONAL INFORMATION WE COLLECT

Depending on our relationship with you, we may collect and process the following categories of personal information:

Natural persons

  • Names and contact details
  • Physical and postal addresses
  • Identification numbers and dates of birth
  • Financial and tax-related information
  • Employment-related information
  • Correspondence and communications

Juristic persons and representatives

  • Entity name and registration details
  • Contact persons and authorised signatories
  • Financial, tax, and statutory information
  • Shareholding and beneficial ownership information
  • B-BBEE information

Employees and directors

  • Identification and contact details
  • Employment history and qualifications

PURPOSE OF PROCESSING

We process personal information for lawful business purposes, including:

  • Providing products and services
  • Client and stakeholder communication
  • Administration of agreements and accounts
  • Reporting, research, and analysis
  • Credit vetting, due diligence, and risk assessments
  • Marketing and business development (where permitted)
  • Fraud prevention and regulatory compliance
  • Employment administration
  • Legal and contractual obligations

LAWFUL BASIS FOR PROCESSING

We process personal information only where one or more lawful grounds apply, including:

  • Your consent
  • Performance of a contract
  • Compliance with legal obligations
  • Protection of legitimate interests
  • Establishment, exercise, or defence of legal rights

Special personal information is processed only where permitted by law and with appropriate safeguards.

SHARING OF PERSONAL INFORMATION

We may share personal information with:

  • Service providers and contractors who assist us in delivering services
  • Professional advisors (legal, accounting, compliance)
  • Regulatory authorities where required by law

All third parties are required to implement appropriate security and confidentiality measures.

TRANSBORDER TRANSFERS

Personal information may be stored or processed outside South Africa where we use cloud services or international service providers.

Where this occurs, we ensure that appropriate contractual safeguards are in place and that transfers comply with section 72 of POPIA.

RETENTION OF PERSONAL INFORMATION

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Retention periods are determined with reference to applicable legislation and business requirements. Once no longer required, information is securely destroyed or anonymised.

INFORMATION SECURITY

We implement reasonable technical and organisational measures to protect personal information against loss, unauthorised access, or misuse, including:

  • Access controls and authentication measures
  • Secure IT infrastructure and systems
  • Encryption and secure storage where appropriate
  • Contractual security obligations for service providers

DATA SUBJECT RIGHTS

You have the right to:

  • Request access to your personal information
  • Request correction or deletion of information
  • Object to processing in certain circumstances
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with the Information Regulator

Requests may be submitted to the Information Officer using the prescribed process.

DIRECT MARKTING

We will only send direct marketing communications where permitted by law. You may opt out of marketing communications at any time by following the unsubscribe instructions or contacting us directly.

Request access to your personal information

Request correction or deletion of information

Object to processing in certain circumstances

Withdraw consent where processing is based on consent

UPDATES TO PRIVACY NOTICE

We may update this Privacy Notice from time to time to reflect changes in law or our business practices. The latest version will always be available on our website.

CONTACT US

If you have any questions about this Privacy Notice or how your personal information is handled, please contact:

📧 core@corexalance.co.za

IMPORTANT NOTE

This Privacy Notice is intended for public information purposes. Internal governance, security procedures, and compliance frameworks are addressed separately in our internal POPIA documentation.