1. Who We Are
Vitaderm (Pty) Ltd operates the website vitaderm.co.za from South Africa.
2. Contact for Privacy Matters
For any privacy-related requests, questions, or to exercise your POPIA rights:
- Customer Care Line: +27 86 999 0757
- Email: info@vitaderm.co.za
We will respond within 30 days.
3. Information We Collect
- Personal data: Name, email, phone number, billing and shipping addresses (from orders, accounts, or contact forms).
- Payment data: Processed securely via third-party gateways (e.g., PayFast, Ozow)—never stored on our servers.
- Automated data: IP address, device type, browser, pages visited, session duration, and referral source.
- Voluntary data: Product reviews, survey responses, or support messages.
4. How We Use Your Data
We process your data to:
- Fulfil product orders and manage deliveries.
- Prevent fraud and ensure transaction security.
- Provide customer support.
Analyse site performance and user behaviour. - Deliver targeted advertising only if you consent.
5. Legal Basis (POPIA Section 11)
- Contract: To process and deliver your orders.
- Consent: For marketing communications, remarketing, and non-essential cookies.
- Legitimate interest: Site security, fraud detection, and service improvement.
6. Cookies & Tracking Technologies
We use the following:
- Essential cookies: Enable cart, checkout, and site security (active by default, no consent required).
- Google Analytics 4 (GA4): Measures user behaviour—pages viewed, session length, traffic sources, conversion paths. IP addresses are anonymised.
- Google Ads Tag: Enables remarketing across Google’s network to users who previously visited our site.
- Meta Pixel (Facebook/Instagram): Tracks conversions and builds custom audiences for social media ads.
- TikTok Pixel: Tracks ad performance and retargets website visitors on TikTok.
- Google Tag Manager: A container that deploys and manages all tracking tags—it does not collect data itself.
7. Data Sharing
We only share data with:
- Payment processors: PayFast, Ozow, or other PCI-compliant South African gateways.
- Shipping providers: e.g., The Courier Guy, Dawn Wing.
- Advertising & analytics partners: Google (Ads, GA4, Tag Manager), Meta, and TikTok – strictly for ad delivery, measurement, and audience segmentation under data processing agreements.
We do not sell, rent, or trade your personal information.
8. Data Retention
- Order records: 5 years (as required by South African Revenue Service).
- Marketing consent: Until you unsubscribe.
- GA4 user-level data: Automatically deleted after 2 months (default setting).
9. Your POPIA Rights
You have the right to:
- Request access to or correction of your personal data.
- Request deletion (subject to legal retention obligations).
- Withdraw consent for marketing or tracking.
- Object to processing based on legitimate interest.
- Contact us via the details in Section 2 to exercise these rights.
10. Security Measures
- All data transmitted via HTTPS (SSL encryption).
- Payment data handled exclusively by PCI-DSS certified third parties.
- Regular review of third-party tags for compliance and minimal data collection.
11. Policy Changes
Updates will be posted here with a new effective date. Continued use of the site constitutes acceptance.
