At ZAPPAD, we are committed to maintaining the trust and confidence of visitors to our website, and users of our products and services. In particular, we want you to know that ZAPPAD is not in the business of buying, selling, renting or trading email lists with other companies and businesses for marketing purposes.
You can contact us with data information requests via email at info@zappAD.co.za, or alternatively leave a message on our Contact Us page.
The personal information gathered through details submitted via the Site will not be used for anything other than that which is stated in the Terms and Conditions. Such gathered personal information may be stored and used by us indefinitely in order to fulfil our services, which include the promotion of our products and services.
2.1. What Are Cookies?
Cookies are essential for the effective operation of our website and to help you manage your profile and payments. They are also used to tailor the products and services offered and advertised to you, both on our websites and elsewhere.
2.2. Information Collected
2.3. How Are Cookies Managed?
The cookies stored on your computer or other device when you access our websites are designed by:
2.4. What Are Cookies Used For?
The main purposes for which cookies are used are:
2.5. What Happens If I Disable Cookies?
This depends on which cookies you disable, but in general the website will not operate properly if cookies are switched off. If you only disable third party cookies, you will not be prevented from making purchases on our sites. If you disable all cookies, you will be unable to complete a purchase on our site, some buttons will become inactive, and some navigation functionality will be lost.
3.1 About Our Customer Database
We have our own customer database which is stored on servers and is never transferred, duplicated or backed up outside of the Republic of South Africa. Stringent measures are in place to prevent unauthorised access to this database, including IP locking and strong “need to know basis” access policies.
3.2. Who Has Access?
Access to the raw data is limited to a very small handful of people who legitimately need to use it within ZAPPAD, as well as senior partners at our third party web development company, Digital Interactive – www.di.co.za
Our customer experience team and finance team, via the administration section of our website, have access to all customer details including name, physical address, email address, order history and transactions. Only the head of department can access the raw underlying data.
Our web development team, employed by our third party provider, work with an anonymised copy of the live database (the same underlying data, but with all references to identifiable personal information scrambled, including names, email addresses, postal addresses, and phone numbers).
Access keys for our various third party services are stored securely external to the code to which developers have access.
4.1. Activities That Require An Account
Certain activities you might perform on our website require you to have an ZAPPAD account. These include:
When you create an account, we ask for your personal details (such as first and last names), your login details (such as email address and a password), your contact details (such as your cellphone number and physical address).
When you create an account, your password is stored encrypted using an industry standard password hashing mechanism which isn’t reversible, so nobody can find out what your password is in plain text. We encourage our customers to use difficult to guess passwords or passphrases, and to use a password manager to discourage password sharing between websites.
4.2. How To Keep Your Data Up To Date
You can update your data on the My Profile page once you have successfully logged in. Alternatively, you can leave a message on our Contact Us page we will update it on your behalf.
4.3. How Long Do We Keep Your Account Data
We will retain your ZAPPAD account data indefinitely.
Your account can either be suspended or terminated depending on the reason for investigation or cancellation of your account, however, we cannot remove every detail of your account. If you have ever bought anything from us we are required by law to retain financial records for at least 5 (five) years, so we will not be able to completely remove you if you have made any payments more recently than this (see the OUR ADVERTISER section below for more details).
5.1. About Our Advertiser Section
If you advertise on zappAD, you are required to log into your account or to create an account in order to process the subscription payment. This is to enable us to fulfill our contractual obligation to you which begins at the point of sale.
5.2. Who Deals With Our Payments
Our Payment Service Provider for Credit Card and Debit Order transactions is PayFast and PayPal.
PayFast/PayPal provides a secure payment gateway, processing payments for thousands of online businesses, including ours. It is PayFast/PayPal’s utmost priority to ensure that transaction data is handled in a safe and secure way.
PayFast/PayPal uses a range of secure methods. Once on the PayFast/PayPal systems, all sensitive data is secured using internationally recognised encryption standards.
PayFast/PayPal is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits from a certified Qualified Security Assessor (QSAs). They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.
5.3. Who Has Access To Financial Data
Access to our PayFast/PayPal data is restricted to our customer experience and finance teams. The heads of our web and operations teams (including our senior partners at our web development company, Digital Interactive) also have access in order to be able to manage the integration with our site, and act as tier 3 level support in case of unusually problematic transactions. The financial team can request and confirm manual payments.
5.4. Transactional Emails
You will receive an email to confirm your credit card or debit order transaction and payment and that your order has been fully processed. EFT transactions will receive an email with confirmation for your order in process and will receive a second email to confirm your payment.
In order to Advertise Products via your subscription plan, you have to be logged in.
We log information about the progress of your downloaded content (the number of downloads of a listing), including your operating system and IP address. We do this so that our customer experience team can diagnose problems more effectively if something goes wrong, as well as for the purpose of recognising and preventing unusual advertising activities.
This data may also be used statistically to help us improve the quality, reliability and speed of our advertsing service.
We update our documents, products and the Site from time to time, either to fix errors and bugs or to add new features. These updates are typically free for all existing users. In order for us to be able to notify you via email of important updates, we must retain your account email address and your order history.
7.1. Contact Us
At ZAPPAD we want satisfied customers. In order for us to help you we will often need to know a little bit about you. If you leave a message on our Contact Us page you will be required to leave your name, email and contact number along with your message.
You can contact us via email at the appropriate email addresses provided on our website.
In the process of servicing your request, you may have to provide details about your account (if applicable) in order for us to help you. Additionally, we may ask for personal or financial information; or details of your order history; or your hardware and software. All such information may be retained for future reference.
7.3. How Long We Keep Your Service Data
We retain all customer service requests (including messages and emails) indefinitely. This is to ensure that we have a full case history of any problems you may have experienced in the past, and can refer back to these when necessary.
8.1. Google Analytics
When someone visits www.zappAD.co.za we use a third party service, Google Analytics, to collect standard internet log information (e.g. geographical location, OS and browser information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Besides members of our own internal marketing team, the other third party who have access to Google Analytics information is Mindmuzik Technologies, who administer the analytics service integration on our behalf.
We have taken all reasonable steps to safeguard the privacy of information provided by you, but we do not make any representations or warranties that the information provided by you, whether personal information, or otherwise, is absolutely safe and secure. Should a data breach occur, we will take immediate measures to stop it and minimise its impact.
9.2. What Is A Data Breach?
We consider a data breach to be one or more of the following:
9.3. Investigation and Containment
If we discover or are notified of any of the above:
We will firstly determine whether the breach is ongoing, and if so, take immediate measures to stop it and minimise its impact.
Secondly, we will investigate the extent and severity of the breach and assess the risks associated with it, for example, the potential adverse consequences for individuals, how serious or substantial those are and how likely they are to occur. This investigation will consider the following:
After investigating the breach, we will determine whether it is necessary to report it, and if so, will do so within a maximum of 72 hours of becoming aware of the breach, if possible.
Every incident will be assessed on a case by case basis. The following will be considered:
Individuals whose personal data has been affected by the incident, and where it has been considered likely to result in a high risk of adversely affecting that individual’s rights and freedoms will be informed without undue delay. Notification will include a description of how and when the breach occurred and the data involved. Specific and clear advice will be given on what they can do to protect themselves, and include what action has already been taken to mitigate the risks. Individuals will also be provided with a way in which they can contact us for further information or to ask questions on what has occurred.
We will consider notifying third parties such as the police, insurers, banks or credit card companies. This would be appropriate where illegal activity is known; or is believed to have occurred; or where there is a risk that illegal activity might occur in the future.
We will consider whether our marketing team should be informed regarding a press release and to be ready to handle any incoming press enquiries.
An internal record will be kept of any personal data breach, regardless of whether notification was required.
9.5. Evaluation and Response
Once the initial incident is contained, we will carry out a full review of the causes of the breach, the effectiveness of the response(s) and whether any changes to systems, policies and procedures should be undertaken.
Existing controls will be reviewed to determine their adequacy, and whether any corrective action should be taken to minimise the risk of similar incidents occurring.
The review will consider:
If deemed necessary, a report recommending any changes to systems, policies and procedures will be considered by the ZAPPAD board.