top of page

Privacy Policy

Last updated: January 2026

 

1. Introduction

ENRYOC (Pty) Ltd (“ENRYOC”, “we”, “us” or “our”) respects your privacy and is committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (“POPIA”), the Promotion of Access to Information Act 2 of 2000 (“PAIA”), and other applicable laws of the Republic of South Africa. POPIA is in force and the Information Regulator is the authority responsible for oversight and enforcement. (Inforegulator)

This Privacy Policy explains what personal information we collect, how we use it, when we share it, how we protect it, and what rights you have.

By using our website, requesting information from us, or engaging with our services, you acknowledge that your personal information may be processed as described in this Privacy Policy.

2. Responsible Party

ENRYOC (Pty) Ltd is the responsible party for the personal information processed through this website and in connection with our business activities.

Contact details
Website: https://enryoc.com
General enquiries: support@enryoc.com
Privacy / POPIA enquiries: popi@enryoc.com

Information Officer
ENRYOC has appointed an Information Officer in accordance with POPIA and PAIA. Requests relating to privacy, access to records, correction, deletion, objections, complaints, or data subject rights may be directed to popi@enryoc.com.

3. What Personal Information We Collect

Depending on how you interact with us, we may collect and process the following categories of personal information:

  • identity and contact information, such as your name, surname, company name, position, email address, telephone number, and physical address;

  • account, service and client information, such as usernames, service details, invoices, payment status, contract information, and support records;

  • financial and billing information, such as billing details, bank account details for debit orders, VAT details, and transaction information;

  • communications, such as emails, support tickets, call notes, and correspondence;

  • technical and usage information, such as IP address, browser type, device information, cookies, operating system, usage logs, website interaction data, and diagnostics;

  • marketing and preference information, such as your communication preferences, opt-in status, and responses to campaigns or forms;

  • information you voluntarily provide when completing forms, requesting quotations, booking meetings, or applying for services.

We do not intentionally collect special personal information or children’s personal information through the website unless this is necessary for a lawful purpose and permitted by law. If such information is supplied to us inadvertently, it will be handled in accordance with applicable law and only to the extent necessary. The Information Regulator has also published guidance on special personal information and children’s information. (Inforegulator)

4. How We Collect Personal Information

We collect personal information:

  • directly from you when you complete a contact form, request a quotation, communicate with us, subscribe to updates, or apply for services;

  • automatically through cookies, analytics tools, server logs, and website technologies when you use our website;

  • from publicly available sources where lawful and relevant;

  • from third parties where necessary for onboarding, payment processing, fraud prevention, compliance, or service delivery, and where lawful to do so.

5. Purpose of Processing

We process personal information only for specific, explicit and lawful purposes, including to:

  • respond to enquiries and communicate with you;

  • prepare quotations, proposals, service orders, and contracts;

  • onboard and manage clients;

  • provide hosting, cloud, Microsoft 365, backup, domain, managed IT, and support services;

  • verify identity, authority, payment details, and account status;

  • issue invoices, collect payments, and maintain financial records;

  • provide technical support, troubleshooting, monitoring, incident response, and service administration;

  • maintain website security, prevent abuse, and protect our systems and users;

  • improve our website, services, support processes, and customer experience;

  • comply with legal, tax, regulatory, contractual, audit, and record-keeping obligations;

  • send service-related notices and, where lawful, direct marketing communications.

 

6. Lawful Basis for Processing

We process personal information on one or more lawful grounds, including:

  • your consent;

  • the conclusion or performance of a contract;

  • compliance with legal and regulatory obligations;

  • protection of your legitimate interests;

  • our legitimate business interests, provided such interests are not overridden by your rights.

Where consent is relied upon, you may withdraw it at any time, subject to legal or contractual limitations.

7. Whether Supplying Information Is Voluntary or Mandatory

In most cases, supplying personal information is voluntary. However, if you do not provide information that is reasonably required:

  • we may not be able to respond to your enquiry;

  • we may not be able to provide a quotation or conclude a contract;

  • we may not be able to deliver or support services;

  • we may not be able to comply with our legal or regulatory obligations.

Certain information may be required by law, regulation, or contractual necessity.

8. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • enable website functionality;

  • remember user preferences;

  • improve user experience;

  • analyse website traffic and performance;

  • support relevant marketing and advertising.

You may accept or decline cookies through our cookie banner and/or your browser settings. Some cookies may be necessary for the website to function properly.

9. Sharing of Personal Information

We may share personal information, where lawful and necessary, with the following categories of recipients:

  • employees, contractors, and authorised personnel of ENRYOC;

  • operators and service providers who assist with hosting, infrastructure, support, cloud services, billing, communications, analytics, and security;

  • payment processors, banks, accountants, auditors, insurers, and professional advisers;

  • upstream technology vendors and cloud providers, including infrastructure and productivity providers;

  • regulators, courts, law enforcement, and public authorities where disclosure is required or authorised by law;

  • counterparties where necessary to perform a contract or protect legal rights.

We do not sell personal information.

Where third parties process personal information on our behalf, we require them to implement appropriate safeguards and to process such information only for authorised purposes.

10. Cross-Border Transfers

Personal information may be transferred outside South Africa where required for service delivery, support, cloud hosting, backups, software licensing, email, productivity platforms, or infrastructure services.

Where cross-border transfers occur, ENRYOC will take reasonable steps to ensure that appropriate safeguards are in place in accordance with POPIA, including where the recipient is subject to laws, binding agreements, or other measures that provide an adequate level of protection. POPIA regulates cross-border information flows in section 72. (Justice)

11. Direct Marketing

We may send you marketing communications where you have consented, where you are an existing customer and the law permits it, or where another lawful basis applies.

You may opt out of marketing communications at any time by using the unsubscribe mechanism provided or by contacting us at support@enryoc.com or popi@enryoc.com.

12. Retention of Personal Information

We retain personal information only for as long as reasonably necessary for:

  • the purpose for which it was collected;

  • the provision and administration of services;

  • legal, regulatory, tax, accounting, insurance, or audit obligations;

  • the establishment, exercise, or defence of legal claims;

  • legitimate business record-keeping and security purposes.

When personal information is no longer required, we will securely delete, destroy, de-identify, or anonymise it unless we are required by law to retain it for longer.

13. Security Safeguards

We implement appropriate, reasonable technical and organisational measures to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

These measures may include access controls, authentication, logging, monitoring, encryption where appropriate, backups, vendor management, staff confidentiality measures, and incident handling procedures.

No method of transmission or storage is completely secure, and we do not warrant absolute security.

14. Data Subject Rights

You have the right, subject to applicable law, to:

  • request access to your personal information;

  • request correction, updating, or deletion of inaccurate or incomplete information;

  • object to certain processing;

  • withdraw consent where consent is the basis of processing;

  • request destruction or deletion where lawful;

  • opt out of direct marketing;

  • lodge a complaint with the Information Regulator.

The amended POPIA regulations published in 2025 also deal with requests for correction or deletion and related procedures. (Justice)

To exercise your rights, contact: popi@enryoc.com

15. Information Regulator

If you believe your personal information has been processed unlawfully, you may lodge a complaint with the Information Regulator (South Africa).

Website: https://www.justice.gov.za/inforeg/
Information Regulator / eServices references are available through the Regulator’s official platforms. (eServices)

16. PAIA Manual

Our PAIA Manual, where applicable, explains how to request access to records held by ENRYOC in terms of PAIA. Requests for access to records may be directed to our Information Officer.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. The latest version will be published on our website and will apply from the date of publication.

18. Contact Us

For privacy-related questions, access requests, objections, corrections, complaints, or POPIA enquiries, contact:

ENRYOC (Pty) Ltd
Email: support@enryoc.com
Privacy / POPIA: popi@enryoc.com
Website: https://enryoc.com

bottom of page