Privacy & POPIA Notice

1. Introduction

This Privacy & POPIA Notice for our WooCommerce e-commerce website explains how we actively collect, process, store, and protect your personal information. This applies when you browse our website, place orders, download digital products, subscribe to services, or contact us. This POPIA Notice is an Extension of our Privacy Policy and required. Read our Terms and Conditions and Cookie Policy in conjunction with our Privacy & POPIA Notice.

Accordingly, we comply with the Protection of Personal Information Act, 4 of 2013 (POPIA). In addition, we use clear, plain-English explanations. As a result, you can easily understand how your data is handled within WooCommerce and Mailchimp systems.

2. Personal Information We Collect

When you use our WooCommerce store, we collect personal information directly through checkout forms, account registration, and system records. This information may include:

  • Full name and surname
  • Email address and contact number
  • Billing and delivery address (physical products only)
  • Order details and purchase history
  • Digital product downloads and access logs
  • Subscription status, renewals, and cancellations
  • IP address, browser type, device data, and cookies
  • Customer service communications

Importantly, WooCommerce processes payments through secure third-party gateways. Therefore, we never store or access your card details.

3. How and Why We Use Your Information

We use personal information only for lawful and necessary business purposes.

3.1Physical Products

First, we use your information to:

  • Process orders and confirm payments
  • Generate invoices and order records
  • Arrange deliveries through courier partners
  • Manage refunds, returns, and warranty claims

3.2 Digital Products

Next, we process personal information to:

  • Grant secure access to downloads
  • Track download limits and expiry rules
  • Prevent unauthorised sharing or misuse

3.3 Subscriptions & Services

Finally, where subscriptions apply, we use your information to:

  • Activate and manage subscriptions
  • Process recurring payments and renewals
  • Provide service access and customer support

Consequently, all processing follows POPIA’s requirements for minimality, purpose limitation, and security.

4. Subscription Cancellation & Billing

If you purchase a subscription:

  • Firstly, you may cancel at any time through My Account → Subscriptions or by contacting support
  • Secondly, cancellations take effect at the end of the current billing cycle unless stated otherwise
  • As a result, you retain access until the paid period ends
  • However, partial refunds for unused time are not issued unless required by the CPA
  • In addition, any outstanding charges before cancellation remain payable
  • Finally, WooCommerce sends an automatic email confirmation of cancellation

5. Marketing Communications Popia Notice

We integrate Mailchimp with WooCommerce to manage marketing communications.

5.1 Consent & Lists

Firstly:

  • WooCommerce collects marketing consent through an optional checkout checkbox
  • Only customers who opt in are added to Mailchimp marketing lists
  • Mailchimp records the consent date, source, and IP address

5.2 Message Types

Secondly:

  • Marketing emails and SMS messages require consent
  • Transactional emails, such as order confirmations and subscription notices, do not require consent

5.3 Opt-Out

Finally:

  • You can unsubscribe from emails using the link provided
  • You can opt out of SMS messages by replying STOP
  • Mailchimp automatically updates suppression lists

Accordingly, we never sell or share personal information for third-party marketing.

6. Cookies & Tracking

We use cookies and similar technologies to:

  • Enable essential WooCommerce functions
  • Maintain shopping cart sessions
  • Remember user preferences and login status
  • Analyse website performance and usage
  • Support Mailchimp remarketing, where consent is provided

Essential cookies remain active at all times. Only after your consent marketing and analytics cookies activated. You can manage these settings through your browser or cookie banner.

7. Data Security

We actively protect personal information by applying reasonable safeguards.

These measures include:

  • SSL encryption on checkout and account pages
  • Secure hosting and firewall protection
  • Restricted administrator access
  • Role-based permissions for staff
  • Ongoing monitoring and system updates

To reduce risk we regularly review these controls.

8. Data Breach Notification (POPIA Section 22)

If a data breach occurs within WooCommerce, Mailchimp, or related systems:

  • Firstly, we investigate and contain the incident
  • Secondly, we notify affected users as soon as reasonably possible
  • Additionally, we inform the Information Regulator where required
  • Finally, we provide guidance to help reduce potential harm

9. Your Rights Under POPIA Notice

Under POPIA notice, you have the right to:

  • Access your WooCommerce account information
  • Request corrections or updates
  • Request deletion, subject to legal retention rules
  • Object to certain processing activities
  • Withdraw marketing consent at any time
  • Lodge a complaint with the Information Regulator

10. Responsible Party & Information Officer

We act as the Responsible Party under POPIA. Therefore, we determine how and why personal information is processed. The Information Officer oversees POPIA compliance. In addition, they handle access requests, corrections, objections, and complaints. If you believe that we have used your personal information contrary to this Privacy Notice, you must first attempt to resolve any concerns with us directly.

Firstly completing the contact form on https://onlinehealthshop.co.za/popia-data-request-form/ with your request/concern. Response varies on request/concern but average prosses to reply within 48 hours. It is also the preferred method.

Secondly you can get in contact with our Information Officer on our POPIA RESPONSIBLE PARTIES page.

Information Officer: Johan Booysen
Email: johan@onlinehealthshop.co.za

If you are not satisfied after this process, you have the right to lodge a complaint with the Information Regulator, under POPIA.

The contact details are:
The Information Regulator (South Africa) Woodmead North Office Park, 54 Maxwell Drive, Woodmead, Johannesburg, 2191
complaints.IR@justice.gov.za

Last Review of this Compliance was done on the 16 March 2026.

Self Audited - POPIA Compliant
PRIVACY POLICY      DATA REQUESTS    RESPONSIBLE PARTIES INFORMATION REGULATOR
BPC REPORT 1: 1.3.0 Free 01/05/2026 18:42:31 Active Has SSL Cookies disabeled or was accepted