Privacy Policy

Your Data,
Your Rights

Your trust matters. Here's how we protect your personal information under POPIA and international data protection standards.

🛡️ POPIA Compliant 🌍 GDPR Aligned 🔒 Data Protected 📅 Updated: April 2026

Responsible Party (POPIA Section 1)

In terms of the Protection of Personal Information Act 4 of 2013 ("POPIA"), the responsible party for processing your personal information is:

ForgeForth Africa (Pty) Ltd

Registration Number: 2024/123456/07

Johannesburg, Gauteng, South Africa

Information Officer: privacy@forgeforth.africa

At ForgeForth Africa, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data in compliance with the Protection of Personal Information Act 4 of 2013 (POPIA) of South Africa, the EU General Data Protection Regulation (GDPR), and other applicable international data protection laws.

1

Key Definitions (POPIA Section 1)

Data Subject

You, the individual whose personal information is being processed.

Personal Information

Any information relating to an identifiable person, including name, ID number, contact details, employment history, and online identifiers.

Special Personal Information

Sensitive data including race, health, biometrics, religious beliefs, trade union membership, political affiliation, sexual orientation, or criminal history.

Processing

Any operation performed on personal information, including collection, storage, use, modification, dissemination, or destruction.

Responsible Party

ForgeForth Africa (Pty) Ltd, who determines the purpose and means of processing.

Operator

A third party who processes data on our behalf under contract.

Consent

Voluntary, specific, and informed expression of will by you agreeing to the processing of your data.

Information Officer

The person responsible for ensuring POPIA compliance within our organization.

2

Information We Collect

Information You Provide Directly

  • Identity Information: Full name, date of birth, ID/passport number, nationality
  • Contact Details: Email address, phone number, physical address
  • Professional Information: Skills, qualifications, work experience, education history, portfolio
  • Documents: CV/resume, certificates, identification documents for verification
  • Communications: Messages, feedback, support requests, survey responses

Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent, interaction patterns
  • Device Information: Browser type, operating system, device type, screen resolution
  • Location Data: General geographic region based on IP address (not precise GPS location)
  • Cookies & Similar Technologies: See our Cookie Policy for details

Special Personal Information (POPIA Section 26-33)

We generally do not collect special personal information. If required for specific services (e.g., verification), we will:

  • Obtain your explicit consent
  • Clearly explain why it's needed
  • Apply enhanced security measures
4

How We Use Your Data

Service Delivery

To create your account, manage your profile, and connect you with opportunities, employers, or programs.

Matching & Recommendations

To analyze your skills and preferences and suggest relevant opportunities using our AI-powered matching engine.

Communication

To send you important updates, notifications about opportunities, and respond to your inquiries.

Verification

To verify your identity, qualifications, and credentials when required.

Platform Improvement

To analyze usage patterns and improve our platform, features, and user experience.

Security & Fraud Prevention

To protect your account, detect suspicious activity, and prevent fraud or abuse.

Legal Compliance

To comply with applicable laws, regulations, and legal processes.

5

Data Sharing & Third Parties

We NEVER sell your personal information.

We only share information when necessary to provide our services, with your consent, or when required by law.

Employers & Partners (With Your Consent)

When you apply for opportunities, employers see your profile and application details. You control what information is visible.

Service Providers (Operators under POPIA)

Trusted third parties who help us operate (cloud hosting, analytics, email services). They are bound by strict data processing agreements and can only use your data as we instruct.

Verification Services

Background check providers when you consent to verification of credentials or identity.

Legal Requirements

Law enforcement, courts, or regulators when required by law, court order, or to protect safety, rights, or property.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified of any changes.

6

Cross-Border Data Transfers (POPIA Section 72)

As a Pan-African platform, we may transfer your data to countries outside South Africa. When we do, we ensure:

Adequate Protection

The recipient country has adequate data protection laws

Binding Agreements

Standard contractual clauses or binding corporate rules are in place

Your Consent

You have given explicit consent for the transfer

Legal Requirement

Transfer is necessary for legal proceedings or to protect vital interests

7

Data Security (POPIA Section 19)

We implement appropriate technical and organizational measures to protect your data:

Encryption

Data encrypted in transit (TLS 1.3) and at rest (AES-256)

Access Controls

Role-based access with multi-factor authentication

Regular Audits

Security assessments and penetration testing

Incident Response

24/7 monitoring with breach notification procedures

8

Data Retention (POPIA Section 14)

We retain your data only as long as necessary:

  • Active accounts: Data retained while your account is active
  • Deleted accounts: Data deleted within 30 days, except where legally required
  • Legal requirements: Some data may be retained longer for tax, legal, or regulatory purposes
9

Your Rights Under POPIA (Section 23-25)

Right to Access

Request a copy of your personal information we hold

Right to Correction

Request correction of inaccurate or incomplete data

Right to Deletion

Request deletion of your data in certain circumstances

Right to Object

Object to processing for direct marketing

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent

Right to Complain

Lodge a complaint with the Information Regulator

10

Children's Privacy

Our services are not intended for children under 18. We do not knowingly collect personal information from minors. If you believe we have collected data from a child, please contact us immediately and we will delete it.

11

Complaints & Regulator

If you are not satisfied with our response to a privacy concern, you may lodge a complaint with:

Information Regulator (South Africa)

JD House, 27 Stiemens Street, Braamfontein, Johannesburg

Email: complaints.IR@justice.gov.za

Website: inforegulator.org.za

12

Contact Us

For questions about this Privacy Policy or to exercise your rights:

ForgeForth Africa (Pty) Ltd

Johannesburg, Gauteng, South Africa

Email: privacy@forgeforth.africa