Privacy & Compliance Policy

Last updated: 20 August 2025

TAG Collective (“we,” “our,” or “us”) is committed to protecting your privacy, ensuring compliance with applicable data protection laws, and adhering to the principles outlined by the POPAI Code of Conduct. This Privacy & Compliance Policy explains how we collect, use, store, and safeguard your information when you interact with our website, services, and communications.

1. Scope of Policy

This policy applies to:

  • Visitors to our website.

  • Clients and business partners.

  • Subscribers to our newsletters, campaigns, or promotional materials.

  • Any individual whose data we process in the course of providing our services.

2. Data Collection

We may collect the following categories of personal and non-personal data:

  • Personal Identifiable Information (PII): Name, email address, phone number, company details.

  • Technical Information: IP address, browser type, operating system, device identifiers.

  • Usage Data: Pages visited, time spent, interactions, preferences.

  • Marketing & Communication Data: Opt-in preferences, survey responses, or inquiries submitted through forms.

We collect data through:

  • Direct input (e.g., contact forms, sign-ups).

  • Automated means (e.g., cookies, analytics tools).

  • Third-party partners (with appropriate consent and legal basis).

3. Purpose of Processing

Your data is processed for the following legitimate purposes:

  • To provide and improve our services.

  • To communicate with you about inquiries, projects, and updates.

  • To send marketing communications (only with consent).

  • To comply with legal obligations.

  • To prevent fraud, misuse, or unauthorized access.

4. Legal Basis for Processing

We process data under the following bases:

  • Consent: When you voluntarily provide your data.

  • Contractual necessity: To deliver services you request.

  • Legal obligation: To comply with laws and regulations.

  • Legitimate interest: For service improvement, analytics, and internal operations (balanced against your rights).

5. Data Sharing & Disclosure

We do not sell your personal data. We may share data with:

  • Trusted service providers (hosting, analytics, CRM, email delivery).

  • Business partners in the context of service delivery (with consent).

  • Legal or regulatory authorities when required by law.

  • Internal teams within TAG Collective under confidentiality agreements.

6. International Data Transfers

Where personal data is transferred outside of South Africa, the UK, or the EU, we ensure compliance with POPIA, GDPR, and other applicable laws by implementing safeguards such as:

  • Standard Contractual Clauses (SCCs).

  • Adequacy decisions.

  • Binding corporate rules where relevant.

7. Data Retention

We retain personal data only as long as necessary to:

  • Fulfill contractual or legal obligations.

  • Provide requested services.

  • Maintain compliance records.

After the retention period, data will be securely deleted or anonymized.

8. Data Subject Rights

In accordance with POPIA, GDPR, CCPA, and related regulations, you have the right to:

  • Access your personal data.

  • Request correction or deletion.

  • Restrict or object to processing.

  • Withdraw consent at any time.

  • Request data portability.

  • Lodge a complaint with your supervisory authority.

9. Cookies & Tracking

We use cookies and similar technologies to:

  • Improve website functionality and performance.

  • Personalize your browsing experience.

  • Track analytics and measure engagement.

You can manage cookie preferences through your browser settings.

10. Security

We implement industry-standard safeguards to protect your data, including:

  • Encryption (in transit and at rest).

  • Access controls and authentication.

  • Regular audits and monitoring.

  • Staff confidentiality training.

11. POPAI Compliance

As a POPAI-compliant organization, TAG Collective upholds:

  • Ethical standards in marketing communications.

  • Transparency in data collection and use.

  • Respect for consumer privacy and opt-in rights.

  • Fair competition and integrity in advertising practices.

12. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of these third-party sites. We encourage you to review their policies before providing personal data.

13. Children’s Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect their data. If such data is identified, it will be deleted promptly.

14. Updates to This Policy

We may update this Privacy & Compliance Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review the policy periodically.

15. Contact Us

For questions, requests, or concerns regarding this policy, please contact us.

Website development by Centric Media.