Privacy Policy
Last revised: June, 2026
Relationship Audits SA is committed to protecting your privacy. This Privacy Policy sets out how we collect and process personal information through our website, online systems, and related services.
Where we collect personal information directly through our website and services, such as enquiries and demo requests, Relationship Audits SA acts as the data controller. Where we process personal information on behalf of our clients as part of delivering our survey and research services, we act as a data processor and handle such data only in accordance with our clients’ instructions.
As a global service provider, we process data from individuals across multiple jurisdictions and are committed to complying with applicable data protection legislation in each region, including South Africa’s Protection of Personal Information Act (POPIA) and, where applicable, the EU/UK General Data Protection Regulation (GDPR) and other relevant international data protection laws.
1. Information We Collect
Information visitors provide on our website: Visitors may provide us with personal information when making enquiries through our website, through our contact form or when signing up for a free demo. Our forms collect information such as name and email address. Visitors may additionally choose to provide further information through the online form or in direct communications with one of our partners via email, phone, or in person. We keep copies of such communications for our records. We collect and use this information on the basis of our legitimate interests in responding to and managing enquiries from potential clients.
Information we collect automatically: We may collect information through our website and online systems by automated means, including IP address, browser type, operating system, number of visits, and page interactions. This information is collected using commonly used technologies including cookies. We collect this information on the basis of our legitimate interests in maintaining and improving the performance and security of our website and services.
Information customers provide to us: When customers sign up to use our services, they provide personal information for themselves and designated points of contact, including first and last names, email address, and telephone numbers. They may also provide billing details such as bank information, billing address, and billing contacts. Relationship Audits SA keeps records of all transactional information. We process this information as necessary for the performance of our contract with the customer and to fulfil our obligations under that agreement.
Information we process on behalf of our customers: When customers use our services, they may provide personal information to be input into our system for processing on their behalf. In this capacity we act as a data processor, handling such data only in accordance with our customers’ instructions as defined in the relevant customer agreements. This data is used solely to provide and deliver the services to our customers. The lawful basis for this processing is determined by and remains the responsibility of our customer as data controller.
2. Use of Information
We may use the information we collect for the following purposes:
- Provide and maintain services for our customers
- Communicate with customers and respond to enquiries
- Identify server or IT network issues
- Monitor system usage and performance
- Improve website navigation and system features
- Monitor website traffic and analyse trends
- Investigate and prevent security breaches
- Carry out other legitimate business purposes in compliance with applicable law
3. Storage of Data
The personal data we collect is processed on our secure servers located in the Netherlands, operated by Liquid Web. Any third-party processors we use are identified in Section 4.
Regardless of where your data is stored or processed, we take appropriate steps to ensure that your privacy rights are protected in accordance with this Privacy Policy and the data protection laws applicable to your jurisdiction.
4. Third Party Processors
We may share and disclose personal information to third parties in the following circumstances:
Service Providers: We work with vendors and third-party service providers who require access to personal information to assist in the provision of our services and other business functions:
- SendGrid (email communications): https://www.twilio.com/en-us/legal/privacy
- Liquid Web (infrastructure hosting): https://www.liquidweb.com/policies/privacy-policy/
Licensed Partners: Our platform is licensed to authorised third-party partners in other jurisdictions who operate as data processors in their own right, acting on behalf of their clients as data controllers. In these arrangements, Relationship Audits SA acts as sub-processor, providing the underlying platform through which the licensed partner delivers its services. Each licensed partner is responsible for ensuring that appropriate data protection obligations are in place with their clients and that data subjects are informed of the sub-processing arrangement.
5. Data Retention
Any personal data we process on our clients’ or customers’ behalf is retained in accordance with the relevant client and customer agreements. We only retain data for as long as necessary for the purposes for which it is being processed, and we periodically review the continued relevance of the data we hold. This approach is consistent with the storage limitation principles under POPIA, EU GDPR, UK GDPR, and equivalent international data protection frameworks.
We will delete data when, for example:
- The data subject has withdrawn consent to processing
- A contract has been performed or can no longer be performed
- The data is no longer relevant for the purposes for which it was originally collected
We will delete your personal data from our archives no later than 6 years from the last time it was used for the purposes for which it was originally collected. This retention period reflects our legitimate interest in retaining records for the duration of applicable legal limitation periods, including the 6-year limitation period under the UK Limitation Act 1980 and equivalent provisions in other applicable legal systems.
6. Security
We maintain reasonable and appropriate security measures to protect personal information from loss, misuse, unauthorised access, disclosure, alteration, and destruction. We have physical, electronic, and managerial procedures in place to safeguard and secure the information we collect.
7. International Data Transfers
As a global service provider, we may process personal data from individuals located anywhere in the world. Where personal data is transferred internationally, we take appropriate steps to ensure adequate safeguards are in place in accordance with the data protection laws applicable to the origin of that data.
This includes compliance with:
- POPIA for South African data subjects
- EU GDPR for individuals in the European Economic Area
- UK GDPR for individuals in the United Kingdom
- Equivalent protections for individuals in other jurisdictions
We will not transfer personal data internationally unless we are satisfied that an adequate level of protection is in place, whether through applicable law, binding agreements, standard contractual clauses, or other appropriate mechanisms.
8. Age Limitations
Our services are not directed at children under the age of 18. We do not knowingly solicit or collect personal information from children under the age of 18.
9. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- The right to access your personal information
- The right to correct inaccurate or incomplete information
- The right to request deletion of your personal information
- The right to object to or restrict processing
- The right to data portability (where applicable under EU GDPR or UK GDPR)
- The right to withdraw consent at any time, where processing is based on consent
- The right to lodge a complaint with the relevant supervisory authority
Relevant supervisory authorities include:
- South Africa: The Information Regulator (www.inforegulator.org.za)
- United Kingdom: The Information Commissioner’s Office (www.ico.org.uk)
- European Union: The supervisory authority in your country of residence
To exercise any of these rights, please contact us at info@relationshipaudits.com. We will respond to all requests within the timeframes required by applicable law.
10. Updates to the Policy
We reserve the right to change or update this policy from time to time. If changes are made, we will post the revised policy on our website and update the last revised date at the top of this page.
11. Contact Us
For any questions or concerns regarding the use or disclosure of personal information through our website or services, please contact us at:
Relationship Audits SA Email: info@relationshipaudits.com