Order Now: Click & Collect | Delivery Within 30km

Privacy policy

PRIVACY NOTICE


TABLE OF CONTENTS


1 INTRODUCTION 2
2 WHO ARE WE? 3
3 WHAT SORTS OF PERSONAL INFORMATION DO WE HOLD? 3
4 OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION 4
5 HOW DO WE USE YOUR PERSONAL INFORMATION? 4
6 COOKIES AND SIMILAR TECHNOLOGIES 5
7 BANKING AND FINANCIAL INFORMATION 5
8 USER DETAILS SEPARATE FROM CARD DETAILS 5
9 KEEPING YOU INFORMED ABOUT OUR PRODUCTS AND SERVICES 5
10 YOUR RIGHTS 6
11 AUTOMATED DECISION MAKING AND PROFILING 7
12 HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION FOR? 7
13 SECURITY 7
14 CONTACT US 8
15 POLICY CHANGE 8
16 LAST MODIFIED 8



1 INTRODUCTION

1.1 We understand that your privacy and the security of your personal information is extremely important. This notice sets out what we do with your personal information, what we do to keep it secure, from where and how we collect it, as well as your rights in relation to the personal information we hold about you.

1.2 This policy applies if you interact with us through our stores, over the phone, online, via email, through our mobile applications or otherwise by using any of our websites or interacting with us on social media.

1.3 If you don’t want to read all the detail, here are the things we think you’d really want to know

1.3.1 We share your personal information with third parties where it is necessary to provide products and services to you.
1.3.2 We do use a number of third parties to process your personal information on our behalf.
1.3.3 You have a number of rights over your personal information. How you can exercise these rights is set out in this notice.
1.3.4 We do send direct marketing, if we’re allowed to. And we do this to encourage you to buy our products and services by sending you offers and ideas that we feel will be of benefit to you. If you want us to stop you can request us to stop and opt-out of receiving our marketing communication.
1.3.5 We also use your information to display more relevant online advertising and marketing relating to our products and services on our website, on other websites and online media channels.
1.3.6 Our website is not intended for children and we do not knowingly collect children’s data.

2 WHO ARE WE?

When we say ‘we’ or ‘us’ in this policy, we are referring to Hotbake Systems Proprietary Limited t/a Hotbake.

3 WHAT SORTS OF PERSONAL INFORMATION DO WE HOLD?

In order to offer you services and products we will hold the following personal information –

3.1 information that you provide to us such as your name, address, identification number, telephone number, email address, and any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;

3.2 information about the services that we provide to you (including for example, the things we have provided to you, when and where, what you paid, the way you use our products and services, and so on);

3.3 your customer profile account login details for our website, including your email address and chosen password;

3.4 information about whether or not you want to receive marketing communications from us;

3.5 information about any device you have used to access our services (such as your device’s make and model, browser or IP address) and also how you use our services; and

3.6 your contact details and details of the emails and other electronic communications you receive from us, and how you interact with them. For example whether the communication has been opened, if you have clicked on any links within that communication and the device you used. We do this because we want to make sure that our communications are useful for you, so if you don’t open them or don’t click on any links in them, we know we need to improve our Services.

4 OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION

Whenever we process your personal information we have to have something called a “legal basis” for what we do. The different legal bases we rely on are –

4.1 Consent You have told us you are happy for us to process your personal information for a specific purpose (s);

4.2 Legitimate interests The processing is necessary for us to conduct our business, but not where our interests are overridden by your interests or rights.

4.3 Performance of a contract We must process your personal information in order to be able to provide you with one of our products or services;

4.4 Legal obligation We are required to process your personal information by law.

5 HOW DO WE USE YOUR PERSONAL INFORMATION?

We may use your information in the following ways –

5.1 To provide our products and services - we need to use your personal information to make our products and services available to you. After that, we need to provide them to you, process your payment and sometimes award with promotions. We need to use your details to do all this.
5.2 To improve your shopping experience - we try to understand our customers so we can provide you with a great shopping experience, personalised offers, shopping ideas and online advertising.
5.3 Analytics and profiling - we use your personal information for statistical analysis and to help us understand more about our customers. That includes understanding the products and services you buy. This helps us to serve you better and to find ways to improve our services, stores and website. These profiles help us to send you offers that are more relevant to you.
5.4 Contacting you - we use your personal information to contact you. This may be in relation to a service update, an issue you have raised with us, to conduct market research or to ask for your feedback.
5.5 Marketing and advertising - we use your personal information to provide relevant marketing communications (including by email, phone, SMS, WhatsApp or online advertising), relating to our products and services, and those of our suppliers and the Rich Group. As part of this, online advertising may be displayed on websites across the Rich Group.
6 COOKIES AND SIMILAR TECHNOLOGIES

We use cookies to help give you the best experience on our websites. For more information please see our full Cookie Policy.

7 BANKING AND FINANCIAL INFORMATION

Card Purchases and Security

Card transactions will be acquired for Hotbake via PayGate Proprietary Limited ("PayGate") who are the approved payment gateway for all South African Acquiring Banks. DPO PayGate uses the strictest form of encryption, namely Secure Socket Layer 3 (SSL3) and no Card details are stored on the website. Users may go to www.paygate.co.za to view their security certificate and security policy.

8 USER DETAILS SEPARATE FROM CARD DETAILS

The user details stored by Hotbake are separate from the card details which are entered by you on DPO PayGate’s secure site. For more detail on DPO PayGate refer to www.paygate.co.za.

9 KEEPING YOU INFORMED ABOUT OUR PRODUCTS AND SERVICES

9.1 We would like to tell you about the great offers, ideas, products and services we offer from time to time that we think you might be interested in. Where we have consent or it is in our legitimate interests to do so, we may do this by email, text message, WhatsApp, phone, through online advertising or by any other electronic means.

9.2 We won't send you marketing messages if you tell us not to, but if you are a customer we will send you occasional messages and may send you surveys (you can always opt out of these via the survey email itself). If you wish to amend your marketing preferences, you can do so by clicking the unsubscribe link in any email notification, replying "Stop" to any SMS, or by emailing customerservice@hotbake.co.za.

9.3 Please note that it can take a little while for all marketing to stop once you either withdraw your consent or tell us you’d like to opt out of marketing. This is because some marketing may have been identified as relevant to your interests and may already be in transit, it cannot therefore be immediately stopped.

10 YOUR RIGHTS

10.1 You have a number of rights under data protection legislation which, in certain circumstances, you may be able to exercise in relation to the personal information we process about you.

10.2 These include –

10.2.1 the right to access a copy of the personal information we hold about you;
10.2.2 the right to correction of inaccurate personal information we hold about you;
10.2.3 the right to restrict our use of your personal information;
10.2.4 the right to be forgotten;
10.2.5 the right of data portability; and
10.2.6 the right to object to our use of your personal information.

10.3 Where we rely on consent as the legal basis on which we process your personal information, you may also withdraw that consent at any time.

10.4 If you are seeking to exercise any of these rights, please contact us at customerservice@hotbake.co.za. Please note that we will need to verify your identity before we can fulfil any of your rights under data protection law. This helps us to protect the personal information belonging to our customer against fraudulent requests.

11 AUTOMATED DECISION MAKING AND PROFILING

11.1 We use automated decision making, including profiling, in certain circumstances, such as when it is in our legitimate interests to do so, or where we have a right to do so because it is necessary for us to enter into, and perform, a contract with you. We use profiling to enable us to give you the best service across the Rich Group, including specific marketing which we believe you will be interested in.

11.2 You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effects for you or affects you in any other significant way.

12 HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION FOR?

We will keep your personal information for the purposes set out in this privacy policy and in accordance with the law and relevant regulations. We will never retain your personal information for longer than is necessary.

13 SECURITY

We take protecting your personal information seriously and are continuously developing our security systems and processes. Some of the controls we have in place are –

13.1 We limit physical access to our buildings and user access to our systems to only those that we believe are entitled to be there;
13.2 We use technology controls for our information systems, such as firewalls, user verification, strong data encryption, and separation of roles, systems and data;
13.3 Systems are proactively monitored through a “detect and respond” information security function;
13.4 We utilise industry “good practice” standards to support the maintenance of a robust information security management system; and
13.5 We enforce a “need to know” policy, for access to any data or systems.

14 CONTACT US

If you would like to exercise one of your rights as set out in the “Your Rights" section above, or you have a question or a complaint about this policy, or the way your personal information is processed, please contact us by email on customerservice@hotbake.co.za.

15 POLICY CHANGE

This privacy policy was most recently updated during March 2021. If we make changes to it, then we will take appropriate steps to bring those changes to your attention.

16 LAST MODIFIED

Last modified March 2021.