Privacy Policy

Protecting your personal information in accordance with POPIA

Last updated: August 6, 2025

Introduction

This privacy policy explains how Arlow Technologies ("we", "us", "our") collects, uses, and protects your personal information in strict compliance with South Africa's Protection of Personal Information Act (POPIA). Your trust is important to us, and we are committed to handling your data responsibly.

Information We Collect

Information You Provide Directly

We collect information you voluntarily provide when using our services, including:

  • Name and contact details (email address, physical address, phone number)
  • Payment and billing information
  • Account registration details
  • Communications you send to us
  • Content you upload to our hosting services

Information Collected Automatically

We automatically collect technical information to ensure security and service functionality:

  • IP addresses and geographic location
  • Browser type and operating system
  • Device information and identifiers
  • Website usage data and analytics
  • Server logs and security monitoring data

Our Role as Responsible Party & Operator

For Your Personal Data

When processing your personal billing and account information, we act as the "Responsible Party" under POPIA. This means we are directly responsible for how your personal data is collected, used, and protected.

For Your Clients' Data

When you upload data belonging to your own customers onto our servers, you are the "Responsible Party" and we are merely the "Operator" acting on your instructions. Our legal responsibility for this data is defined in our Terms and Conditions.

How & Why We Use Your Information

Your information is used for specific, lawful purposes including:

  • Creating and managing your hosting account
  • Processing payments and sending invoices
  • Providing technical support and customer service
  • Communicating important service updates and notifications
  • Monitoring our network for security threats
  • Ensuring compliance with our Acceptable Use Policy
  • Improving our services and developing new features
  • Complying with legal obligations and regulatory requirements

Data Sharing

We do not sell or rent your personal information. We only share it with trusted third-party partners when essential to deliver our services:

Payment Processors

Secure payment gateways to process your payments and handle billing transactions.

Domain Registrars

Registrars like ZACR for .co.za domains to register domains on your behalf.

Service Providers

Technical partners who help us deliver, maintain, and improve our services.

Law Enforcement

When we receive valid legal requests or are required by law to disclose information.

Your POPIA Rights

Under the Protection of Personal Information Act, you have the following rights:

Right of Access

Request access to the personal information we hold about you

Right of Correction

Ask us to correct any inaccurate or incomplete information

Right of Deletion

Request deletion of your information (subject to legal and contractual retention requirements)

Right to Object

Object to the processing of your data for direct marketing purposes

To exercise your rights: Contact us at [email protected] or use the contact details provided below. We will respond to your request within 30 days as required by POPIA.

Data Security & Retention

Security Measures

We implement robust technical and organizational security measures to protect your data:

🔐

Encryption

Data encrypted in transit and at rest

🛡️

Firewalls

Advanced network protection

👥

Access Controls

Restricted access to authorized personnel

Data Retention

We retain your data only for as long as necessary to provide our services and comply with legal obligations (including tax law requirements). Upon termination of your account, we will securely delete your personal information in accordance with our data retention schedule, unless we are required by law to retain it for longer.

International Data Transfers

While we primarily store and process data within South Africa, some of our service providers may be located in other countries. When we transfer personal information internationally, we ensure appropriate safeguards are in place as required by POPIA.

Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

General Inquiries

Email: [email protected]

Phone: +27 78 338 4474

Privacy-Related Inquiries

Email: [email protected]

Response time: Within 30 days

Updates to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date above. We encourage you to review this policy periodically.