PRIVACY POLICY

LAST UPDATED: 24 October 2024

At Legacy Live, your privacy is of utmost importance to us. This privacy policy has been compiled to better serve those concerned with how their personal data, including Personally Identifiable Information (PII), is being used. PII, as described in global privacy laws such as GDPR, POPIA, and the US privacy law, is information that can be used on its own or with other information to identify, contact, or locate an individual.

Please read our privacy policy carefully to understand how we collect, use, protect, or handle your personal data in accordance with our website and services.

  • We collect various types of information from users, including:

    • Personal Information: Name, email address, phone number, etc. when filling out forms, registering an account, or using our services.
    • User-Generated Content: Any information provided by users through posts, uploads, and comments on our upcoming social media platform.
    • Technical Information: Information such as IP address, browser type, operating system, device type, and usage patterns (e.g., time spent on pages, click paths).
    • Cookie Information: Details gathered through cookies or similar technologies (see our cookies section below).

We collect information from you when you:

  • Fill out a form or register on our website
  • Submit content on our social media platform
  • Interact with our site through browsing, cookies, or other tracking technologies
  • Respond to surveys or engage with our customer support
  • Participate in promotions or events
  • We process your data based on the following lawful bases:

    • Consent: When you give us explicit consent, for example, when subscribing to our newsletter.
    • Contractual necessity: To provide the services you have requested, such as responding to inquiries or processing your account.
    • Legitimate interests: To improve our services, safeguard our users, or deliver a personalized experience.
    • Legal obligation: To comply with legal requirements (e.g., accounting, security).

    We use the information to:

    • Personalize your experience
    • Improve our services and website performance
    • Respond to customer service inquiries or requests
    • Enhance security and prevent fraud
    • Comply with legal requirements
    • Provide updates, newsletters, or promotional materials (with your consent)

We implement a variety of security measures to maintain the safety of your personal data. These include:

  • Data encryption: Using AES-256 encryption for data storage and transfer
  • Secure access: Restricted access to your information based on role-based permissions
  • Two-factor authentication (2FA): Required for user accounts and administrative access
  • SSL encryption: All data transferred via the site is encrypted using Secure Socket Layer (SSL) technology
  • Regular security audits and penetration testing
  • Ongoing monitoring for potential vulnerabilities

We retain personal data only for as long as necessary for the purposes outlined in this policy, or as required by law. User account data will be retained as long as the account remains active. Once data is no longer needed, we ensure it is securely deleted in compliance with applicable regulations.

Cookies are small text files placed on your device to collect standard internet log information and visitor behaviour. We use cookies and similar tracking technologies to:

  • Track site usage and performance (using Google Analytics)
  • Enhance user experience by remembering your preferences
  • Compile aggregate data about site traffic and site interactions

You have full control over your cookie preferences. You can choose to accept or reject cookies through our Cookie Consent Management System or by modifying your browser settings.

Note: Disabling cookies may affect certain functionalities but will not prevent you from using the site.

We use trusted third-party services to assist in operating our website, such as:

  • Google Analytics (for usage tracking and aggregate reporting)
  • Cloud service providers for hosting
  • Payment processors, where applicable

All third-party services we use comply with global data protection laws. We ensure that data shared with third parties is limited and necessary for the purpose, and we have data processing agreements in place to ensure compliance with GDPR and POPIA. If personal data is transferred outside the EU or South Africa, we use Standard Contractual Clauses to ensure data protection.

In some cases, personal data may be transferred to, and stored at, a destination outside the EU or South Africa. Such transfers will only occur under the protection of legally recognised mechanisms, such as the Standard Contractual Clauses for international transfers or an adequacy decision from the European Commission.

Under GDPR and POPIA, you have certain rights regarding your personal data:

  • Right to access: You can request a copy of your personal data.
  • Right to rectification: You can ask us to correct inaccurate data.
  • Right to erasure: You can request deletion of your data (subject to legal requirements).
  • Right to restrict processing: You can ask us to limit how we use your data.
  • Right to data portability: You can request that we transfer your data to another service provider.
  • Right to object: You can object to data processing in certain circumstances.

To exercise any of these rights, please contact our Data Protection Officer (DPO) using the details below.

In the event of a data breach, we will notify affected individuals within 1 business day and inform the relevant data protection authorities, in compliance with GDPR, POPIA, and other applicable laws. We have an incident response plan that includes:

  • Immediate containment and mitigation steps
  • Detailed audit and investigation of the breach
  • Notification of users and authorities as required

We honour Do Not Track (DNT) signals and refrain from tracking or placing cookies on users’ devices when a DNT mechanism is active in your browser.

In compliance with COPPA and GDPR’s provisions for children, we do not knowingly collect personal data from children under the age of 16. If we become aware of any data being collected from a child without verifiable parental consent, we will take steps to delete it immediately.

We allow Google Analytics to track user behaviour on our site in an aggregated and anonymized manner. No personally identifiable information is collected through such tracking.

We may update this privacy policy from time to time. Any changes will be posted on this page, and where significant, we will notify users via email and in-app notifications.

We comply with the CAN-SPAM Act and commit to:

  • Not using false or misleading information in email subjects
  • Identifying messages as advertisements (where applicable)
  • Including the physical address of our headquarters
  • Allowing users to easily unsubscribe from communications
  • Promptly honouring opt-out requests

We commit to full compliance with the Protection of Personal Information Act (POPIA) of South Africa. This includes safeguarding your personal information and ensuring transparency in data collection and use practices. Users have the right to access, correct, or request deletion of their data under POPIA.

If you have any questions regarding this privacy policy or wish to exercise your rights, you may contact our Data Protection Officer (DPO):

Legacy Live
Villa Rochelle, Werda Crescent
Bloemfontein, Free State 9301
South Africa
Email: [email protected]
Data Protection Officer: [email protected]

— WATCH AS IDEAS GROW —

aSSIGN OUR HOURS TO YOUR IDEA

/ 0 Hours

TO my awesome idea

FEEDBACK

Login padlock
Register an Account
LOGIN

You need to be signed in
to use this feature

Login padlock
Login to your account
REGISTER
Login padlock
Login to your account