- How we collect your personal information
- What information we collect and process
- Why we process your personal information
- Disclosure of personal information to third parties
- Security and breach
- Retention of information
- Your rights
- Your responsibilities
- Legal disclosure
1.1. At Who’s Your ADDIE, we value our users’ privacy, and therefore only request and store personal information that is required to carry out our service operations. We implement practices that comply with the South African Protection of Personal Information Act, 4 of 2013, and the General Data Protection Regulation ((EU 2016.679). In this Policy we refer to these as Applicable Law, and explain how we will collect, use and protect your Personal information in compliance with this Applicable Law.
1.2.1. where we refer to a “User” or “you”, this is any person that makes use of the Platform. By using the Platform, all Users agree to this policy regardless of whether they have a membership account;
1.2.2 where we refer to a “Visitor,”, this is any User of the Platform that is not authenticated (logged into an account);
1.2.3. where we refer to a “Vendor”, this is any User that sells digital products on the Platform;
1.2.4. where we refer to a “Customer”, this is any User who purchases or otherwise legally procures a Product from a Vendor on the Platform. Note that all Vendors profiles are by default also Customer profiles;
1.3. This Policy applies to your use of https://www.whosyouraddie.com/ (“the Platform”), including all sub-domains.
1.4. This Policy creates a legally binding agreement between us and you and will apply as soon as you start using the Platform.
1.5. Your use of the Platform will be regulated by this Policy as well as any other policies and terms available on the Platform.
1.6. At times, the Platform may link to external sites that are not operated by us, or display content embedded from external sites. Your engagement with these external sites is governed by their policies. Please be aware that we have no control over the content and practices of these sites, and do not accept responsibility or liability for their respective privacy policies.
1.7. Unless notice is required by Applicable Law, we may change this Policy from time to time in line as required by changes to the law or our business needs, without notice. If any material changes to this Policy occur, we will notify you of this. If you have any questions about how we handle user data and personal information, feel free to contact us.
1.8. It is your responsibility to ensure you are familiar with this Policy and consider it when you make use of the Platform. If you do not agree with any terms outlined in this Policy, you must stop using the Platform.
1.9. This policy is effective as of 01 March 2021.
2. How we collect your personal information
2.1. We collect and use personal information through the following fair and lawful means:
2.1.1. directly from you, such as when you complete the registration or login forms to join the Platform, complete a contact form to contact us, or leave a comment;
2.1.2. from your use of the Platform or use of any features or resources available on or through the Platform;
2.1.3. from third parties when you interact with them through the Platform, where they are authorised to share your Personal Information or your interaction with us as a result of the Services or as required of the third parties to share it with us or otherwise if Applicable Law allows us.
3. What information we collect and process
3.1. When you access the Platform, we collect basic anonymised technical information about your use of the platform, including your IP address, browser, browser settings, device, and session length;
3.2. when you register for an account on the Platform as a Customer, we collect your username, email address and password, as well as your billing address;
3.3. when you register for an account on the Platform as a Vendor, we collect:
3.3.1. your general personal information: username, first name, last name;
3.3.2. your contact information: phone number, email address and billing address;
3.3.3. your shop name and shop URL;
3.4. when an unauthenticated user (a visitor) creates a comment, we:
3.4.1. collect the information included in the form to post the user’s comment;
3.4.2. collect the user’s IP address and browser user agent string, as this assists us with spam detection. Visitor comments may be checked through an automated spam detection service;
3.5. when a Customer or any other site user contacts a Vendor using the contact form, that Customer’s necessary information (name and email address) is collected through the form and shared with the Vendor;
3.6. when you pay for an order, we:
3.6.1. collect and store your preferred method of payment, information provided by the payment gateway service provider, the payment amount, and the date and purpose of the payment transaction as well as the items purchased;
3.6.2. we share the email address which we collected from you with your chosen payment platform, as well as your order details, as this allows us to direct you to the relevant payment platform’s authentication page for you to enter your password there;
3.7. Cookie information as governed by the Cookie section of this Policy;
3.8. records of our interactions with our online advertising on the various websites which we advertise, and records relating to content displayed on web pages displayed to you;
3.9. any views or opinions that you express about us on this or any other publicly accessible platform;
3.10. the details and contents of your direct correspondence with us.
4. Why we process your personal information
4.1. We only process Personal Information for the following purposes as governed by Applicable Law:
4.1.1. to provide you with access to the Platform and its services, as outlined in our agreement with you;
4.1.2. to operate and manage your account or your relationship with us;
4.1.3. to operate and manage your relationship and transactions with other Users of the Platform;
4.1.4. to monitor the financial and operational performance of our business, so that we may continually improve our services and grow our business;
4.1.5. to contact you by email to inform you about important updates to the Platform and its services, including service-related email notifications from time to time, including account activity, legal notices or changes to the platform or its policies. Please note that we take no responsibility for any filtering or other categorisation that the user or email provider applies to emails from us.
4.1.6. to carry out market research, business and statistical analysis and any necessary audits;
4.1.7. to prevent fraud;
4.1.8. to test our processes and security measures,
4.1.9. comply with any relevant legal obligations.
5.1. when you visit our login page, we set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser;
5.2. Visitors who leave comments on the Platform may opt in to store their name, email address and website in Cookies for the sake of their convenience, as this will prevent them from having to re-enter these details to post an additional comment. These Cookies remain active for one year;
5.3. when you log in, we set up several session Cookies to save your login information and your screen display choices;
5.3.1. login Cookies last for two days;
5.3.2. screen options Cookies last for a year;
5.3.3. if you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed;
5.4. if you edit or publish an article, an additional cookie will be saved in your browser. This Cookie includes no personal data and simply indicates the post ID of the article you just edited. This Cookie expires after 1 day;</p>
5.5. in some instances, we collect and store information about your location through cookies (other than when you share your location with us). We convert your IP address or mobile GPS data into a rough geo-location, and we may use location information to improve and personalise the Platform and Services for you.
5.6.1. your IP address;
5.6.2. the time of day you access different pages of the Platform;
5.6.3. the order in which you access different pages of the Platform;
5.6.4. the amount of time you spend on different pages of the Platform;
5.6.5. your approximate geographical location (usually your city).
6. Disclosure of personal information to third parties
6.1. We will keep your Personal Information confidential and secure, and only share it with others in terms of this Policy. We may disclose your Personal Information in the following circumstances:
6.1.1. if a Vendor chooses to include their Personal Information on their shop profile, including using their personal address as their store location, this information will be visible to all Users of the platform;
126.96.36.199. for security reasons we recommend not being specific about the store location, but instead only indicating the country and state or province in this address. Who’s your ADDIE cannot be held liable for any damages incurred when a Vendor chooses to make their Personal Information public on the Platform;
6.1.2. when a Customer or Vendor configures a payment method, we share the customer’s Personal Information with the relevant payment platform in order to link the payment method to the User’s account on the Platform;
6.1.3. when a Customer initiates a transaction with a Vendor,
188.8.131.52. the Customer’s name, surname, email address and billing address are shared with the Vendor;
184.108.40.206. the Customer’s payment information and the details of the transaction are shared with the payment service provider in order to process the transaction;
6.1.4. when an unauthenticated user (a “Visitor”) creates a comment, we:
220.127.116.11. collect the information included in the form to post the User’s comment;
18.104.22.168. collect the User’s IP address and browser User agent string, as this assists us with spam detection. Visitor comments may be checked through an automated spam detection service;
6.1.5. We may collect information about your general access and navigation of the Platform, and share this in an anonymised, protected format with Google Analytics in order to improve our service. This anonymised information includes, for example:
22.214.171.124. your IP address
126.96.36.199. the time of day you access different pages of the Platform;
188.8.131.52. the order in which you access different pages of the Platform;
184.108.40.206. the amount of time you spend on different pages of the Platform;
220.127.116.11. your approximate geographical location (usually your city);
6.1.6. we do not run any automated processes based on your personal information or any profiles that we create from your personal or anonymised usage information;
6.1.7. where necessary, we may also share your Personal information with our service providers or parties who purchase the Platform.
6.3. International transfer: Due to the nature of the Platform as an international marketplace, we may need to transfer Personal Information to and from the different countries for business purposes, such as facilitating transactions between Vendors and Customers. We will only transfer Personal Information to third parties in countries with adequate data protection laws or do so in terms of a written agreement with the recipient which imposes data protection requirements on that party as required by Applicable Law.
7. Security and breach
7.1. We value the security and privacy of all our Users’ Personal Information, and protect this Information with the appropriate commercially acceptable technical and organisational security and access-control measures as a means to protect your Personal Information against accidental or unlawful destruction, loss, alteration, disclosure and access.
7.2. Although we will implement all reasonable measures to protect your Personal Information, we cannot guarantee its security as the Internet is a vulnerable space. Therefore you agree that any transfer of your Personal Information via the internet is at your own risk.
7.3. If the data protection protocols of the Platform are breached, we will notify you whether your information is at risk as a result of this breach within 24 hours of discovery of the breach.
7.4. Please note that while we will make every effort to avoid damage or loss as a result of unauthorized access to your data, we do not accept liability for any damages incurred as a result of such a breach.
8. Retention of information
8.1. We do our best to ensure we process and store our Users’ Personal Information only for the following periods of duration:
8.1.1. the minimum period necessary for the legitimate business processes we need to perform with your data;
8.1.2. the minimum period as required by Applicable Law or regulatory measures;
8.1.3. the duration of any period necessary to establish, exercise or defend any legal rights;
8.1.4. where applicable and requested by you, we will retain your information for a longer period than is necessary for us, for the sake of your convenience, for example when you check the “Remember me” box on the login page.
8.2. We may retain the following types of information indefinitely:
8.2.1. when a User leaves a comment, the comment and associated metadata are retained indefinitely so that we can recognise and approve any follow-up comments automatically instead of holding them in the moderation queue;
8.2.2. de-identified or anonymised formats of your information may be kept indefinitely for statistical business purposes, in order to improve our products and services.
9. Your rights
9.1. As governed by Applicable Law, you have the following rights regarding your Personal Information on the Platform:
9.1.1. right of access: you have the right to request access to your Personal Information that we store and process;
18.104.22.168. you can view most of your Personal Information stored on the Platform on your Account page if you are a Customer, and on your Vendor Dashboard if you are a Vendor;
22.214.171.124. to request a full list of your personal data stored on the Platform, feel free to contact us.
9.1.2. right to information portability: you may request a copy of your Personal Information and request that we transmit your information to another person or entity;
9.1.3. right to rectification: you have the right to request that we amend or update your Personal Information when it is inaccurate or incomplete;
126.96.36.199. you can amend, edit or update most of your Personal Information stored on the Platform on your Account page if you are a Customer, and on your Vendor Dashboard if you are a Vendor, with the exception of your username;
9.1.4. right to erasure: you have the right to request that we delete your Personal Information, subject to limitations and exceptions;
188.8.131.52. to remove your information from the Platform, you can deactivate your account and we will remove your Personal Information from the Platform within 14 days of receiving your notice of deactivation, except in cases where we are legally required or justified to retain this information for a longer period;
9.1.5. right to restrict processing: you have the right to request that we stop processing your Personal information;
9.1.6. right to object: you have the right to object to us:
184.108.40.206. processing your Personal Information, in which case you may no longer be able to use the Platform and services;
220.127.116.11. processing your Personal Information for direct marketing;
9.1.7. right to be subject to automated decision-making: where a decision that has a significant effect is based solely on automated decision making, you may request that your Personal Information not be processed.
9.1.8. concerning consent:
18.104.22.168. you are free to refuse a request from the Platform for your personal information, with the understanding that we may be unable to provide you with some of your desired services;
22.214.171.124. you also have the right to withdraw your consent for us to process your Personal information, except where there is legal justification for us to continue processing your Personal Information.
9.2. For users or visitors in the European Economic Area, for the purposes of applicable EU data protection law, we are a ‘data controller’ of your personal information.
9.4. You also have the right to formally lodge a complaint in terms of Applicable Law as follows:
9.4.1. for Users located in South Africa Users: you may lodge a complaint in terms of POPI with The Information Regulator at firstname.lastname@example.org;
9.4.2. for Users located in the European Union: you may lodge a complaint in terms of GDPR with The European Commission using the online complaint procedure.
10. Your responsibilities
10.1. When you make use of the Platform, you are responsible for ensuring the accuracy of your personal information, and for providing it to us using secure means, and agree to:
10.1.1. store your Who’s your ADDIE passwords and usernames safely and securely;
10.1.2. never share your Who’s your ADDIE login information or other sensitive account details with another person or entity;
10.1.3. never sell or transfer your Who’s your ADDIE account(s) to another person or entity;
10.1.4. in other ways use the Platform responsibly to protect your own Personal Information; including making use of the following recommended security practices when setting your account(s):
10.1.4.1. do not upload images or other assets that contain embedded location data (EXIF GPS); Visitors to the Platform can download and extract this location data;
10.1.4.2. do not indicate your exact location anywhere on your account, including your Vendor profile and Shop location if you are a Vendor;
10.1.5. accept responsibility for all activity that occurs on your account(s) on the Platform;
10.1.6. notify us of any security breaches or unauthorised access to your account.
10.1.7. use your services at your own risk; although we will do our best to protect your information using industry standard security measures, we are not liable for any cost, damage, liability, loss or expense caused by or in connection to authorized use of your account(s);
10.2. Please note that when you transfer any Personal Information directly to a third party in another country (i.e. we do not send your Personal Information to the third party), we are not responsible for that transfer of Personal Information (and such transfer is not based on or protected by this Policy). Any Personal Information that we receive from a third party country will nevertheless be processed in terms of this Policy.
11. Legal disclosure
11.1. Platform owner: Who is your ADDIE (Pty) Ltd 9342547912
11.2. Legal status: Who is your ADDIE is a private limited company, duly incorporated in terms of the applicable laws of South Africa.
11.3. Directors: S Bandli and L Steenkamp
11.4. Description of main business: Who is your ADDIE is a multi-vendor marketplace for e-learning templates and assets.
11.5. Website: www.whosyouraddie.com
11.6. Email: email@example.com