Privacy Policy

Last updated:

1. Introduction

QR Air ("we", "our", "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website qrair.co.za or use our services.

This Privacy Policy complies with:

  • The Protection of Personal Information Act 4 of 2013 (POPIA) of South Africa
  • The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)
  • All other applicable data protection laws

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Contact Information: Name, email address, phone number, company name, physical address
  • Project Information: Details about your business requirements, project specifications, and service needs
  • Communication Data: Messages, inquiries, feedback, and correspondence with us
  • Technical Information: IP address, browser type, operating system, device information
  • Usage Data: How you interact with our website, pages visited, time spent on pages

2.2 Information from Third Parties

We may receive information about you from third parties, including business partners, referral sources, or public sources, but only where lawful and necessary for our business relationship.

3. Lawful Basis for Processing (POPIA & GDPR)

We process your personal information based on the following lawful grounds:

  • Consent: Where you have explicitly agreed to our processing
  • Contract: To perform our contractual obligations or take steps prior to entering a contract
  • Legitimate Interest: For our legitimate business interests, provided they don't override your rights
  • Legal Obligation: To comply with legal requirements

4. How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: To provide web development, mobile app development, and digital solutions
  • Communication: To respond to inquiries, provide quotes, and maintain business relationships
  • Project Management: To manage projects, deliver services, and ensure quality
  • Legal Compliance: To comply with legal obligations and regulatory requirements
  • Business Improvement: To improve our services, website, and customer experience
  • Marketing: To send relevant updates about our services (with your consent)

5. Information Sharing and Disclosure

5.1 Service Providers

We may share your information with trusted third-party service providers who assist us in delivering our services, including:

  • Web hosting providers
  • Cloud service providers
  • Payment processors
  • Analytics providers
  • Communication tools

All service providers are bound by contractual agreements to protect your data and use it only for the specified purposes.

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of others.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

6. International Data Transfers

Your data may be transferred to and processed in countries other than South Africa. We ensure that such transfers are protected by appropriate safeguards, including:

  • Standard contractual clauses approved by the Information Regulator
  • Adequacy decisions by relevant authorities
  • Your explicit consent where required

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit and at rest
  • Secure server infrastructure
  • Regular security assessments
  • Access controls and authentication
  • Employee training on data protection

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Typically:

  • Client project data: Retained for 7 years after project completion for legal and tax purposes
  • Contact information: Retained while we have an active business relationship
  • Marketing data: Retained until you unsubscribe or withdraw consent
  • Website analytics: Retained for 26 months for business analysis

9. Cookies and Tracking Technologies

9.1 Types of Cookies

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Help us understand how visitors use our website
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used to deliver relevant advertisements

9.2 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.

10. Your Rights (POPIA & GDPR)

You have the following rights regarding your personal information:

10.1 Access and Information

You have the right to know what personal information we hold about you and how we process it.

10.2 Rectification

You have the right to have inaccurate personal information corrected or incomplete information completed.

10.3 Erasure

You have the right to have your personal information erased in certain circumstances.

10.4 Restriction of Processing

You have the right to restrict the processing of your personal information in certain circumstances.

10.5 Data Portability

You have the right to receive your personal information in a structured, commonly used format.

10.6 Objection

You have the right to object to the processing of your personal information in certain circumstances.

10.7 Withdrawal of Consent

You have the right to withdraw consent at any time where processing is based on consent.

11. How to Exercise Your Rights

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within:

  • POPIA: 1 month (extendable by 2 months in complex cases)
  • GDPR: 1 month (extendable by 2 months in complex cases)

12. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, in accordance with POPIA and GDPR requirements.

13. Children's Privacy

Our services are not intended for children under 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

15. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: info@yehudasolutions.com
  • Phone: +(27) 81-771-6044
  • Address: South Africa

Information Regulator (POPIA)

For POPIA-related complaints, you can contact the Information Regulator of South Africa:

GDPR Supervisory Authority

If you are located in the EU/EEA, you can lodge a complaint with your local supervisory authority.

16. Governing Law

This Privacy Policy is governed by the laws of South Africa and subject to the exclusive jurisdiction of the South African courts, except where GDPR requirements necessitate compliance with EU law.