Privacy Policy
Effective Date: 1 January 2026
At zironatava, we understand that your personal information matters. This policy explains how we collect, use, and protect data when you engage with our financial statement analysis services. We're committed to transparency because trust is the foundation of what we do.
Information We Collect
Running a business focused on financial analysis means we need certain details to deliver meaningful insights. Here's what we gather and why it matters.
| Data Type | What We Collect | Purpose |
|---|---|---|
| Personal Details | Name, surname, contact number, email address, business registration information | To identify you, communicate effectively, and provide personalized financial analysis services |
| Financial Records | Income statements, balance sheets, cash flow data, tax documents, transaction histories | To conduct thorough financial statement analysis and generate actionable insights for your business |
| Technical Data | IP address, browser type, device information, usage patterns, session duration | To improve website functionality, troubleshoot issues, and enhance user experience |
| Communication Records | Emails, phone call notes, meeting transcripts, support tickets | To maintain service continuity, resolve queries, and document our working relationship |
How We Obtain Your Information
- Directly from you when filling out contact forms or submitting documents through our secure portal
- During consultations, phone conversations, or email exchanges where you share business details
- Through cookies and analytics tools when you browse our website
- From publicly available business registries or financial databases when conducting background research
- With your written consent, from third-party financial institutions or accounting systems you authorize us to access
How We Use Your Information
Every piece of data serves a specific purpose. We don't collect information just to have it sitting in a database somewhere.
- Service Delivery: Analyzing your financial statements, preparing reports, identifying trends, and providing strategic recommendations tailored to your business situation
- Client Communication: Responding to inquiries, scheduling consultations, sending analysis updates, and maintaining ongoing dialogue about your financial health
- Legal Compliance: Meeting obligations under South African tax law, POPIA regulations, and financial reporting standards that govern our industry
- Service Improvement: Understanding how clients interact with our platform, identifying areas where we can streamline processes or add helpful features
- Business Operations: Managing invoicing, maintaining accurate client records, conducting internal quality reviews, and training our team
- Security Monitoring: Detecting unauthorized access attempts, preventing fraud, and protecting both your data and our systems from security threats
Legal Basis for Processing
Under South Africa's Protection of Personal Information Act (POPIA), we process your data based on these lawful grounds:
Contractual Necessity
When you engage our services, processing your financial data is essential to fulfilling our agreement. We can't analyze statements without access to them.
Legal Obligation
Financial services providers must retain certain records and report specific information to regulatory authorities. This isn't optional for us.
Legitimate Interest
We have valid business reasons to process data for fraud prevention, network security, and improving our services, provided this doesn't override your privacy rights.
Consent
For marketing communications or sharing data beyond what's strictly necessary, we ask for your explicit permission. You can withdraw this anytime.
Data Sharing and Disclosure
We're selective about who sees your information. Your financial data isn't something we hand around casually.
Service Providers
Sometimes we work with specialized partners who help us deliver better service. This includes cloud hosting providers for secure data storage, accounting software companies whose tools we integrate with, and IT security firms that protect our infrastructure. These partners sign strict confidentiality agreements and can only use your data for the specific purposes we authorize.
Legal Requirements
If served with a valid court order, subpoena, or formal request from South African Revenue Service or other regulatory bodies, we're legally required to disclose relevant information. We'll notify you when possible unless prohibited by law.
Business Transfers
Should zironatava merge with another company or be acquired, your data would transfer to the new entity. We'd ensure they maintain equivalent privacy standards and notify you of any changes to how your information is handled.
What We Don't Do
We never sell your personal or financial information to third parties. We don't share client data with marketers, data brokers, or anyone looking to profit from your information. Your financial details stay within the bounds of our professional relationship.
Your Rights Under POPIA
South African law gives you significant control over your personal information. Here's what you can do.
| Your Right | What This Means | How to Exercise It |
|---|---|---|
| Access | Request copies of all personal data we hold about you | Email us at contact@zironatava.world with "Data Access Request" in the subject line. We'll respond within 30 days. |
| Correction | Have inaccurate or incomplete information updated | Contact us with the specific details that need correction. We'll verify and update within 14 business days. |
| Deletion | Request removal of your data when it's no longer needed | Submit a written deletion request. Note that legal retention requirements may prevent immediate deletion of some records. |
| Objection | Object to processing based on legitimate interests or for marketing | Clearly state your objection in writing. We'll cease processing unless we have compelling legal grounds to continue. |
| Portability | Receive your data in a structured, commonly used format | Request data export and we'll provide files in CSV or PDF format within 21 days. |
| Restriction | Limit how we process your data in certain situations | Explain why processing should be restricted. We'll comply while verifying accuracy or resolving objections. |
To exercise any of these rights, contact our Information Officer directly. We take these requests seriously and respond promptly. There's no fee unless your request is clearly unfounded or excessive.
Data Security Measures
Financial information requires serious protection. We've invested in multiple layers of security to keep your data safe from unauthorized access, theft, or loss.
Technical Safeguards
All data transmitted between your device and our servers uses TLS 1.3 encryption. Stored information is encrypted using AES-256 standards. Our databases sit behind firewalls with intrusion detection systems that monitor for suspicious activity around the clock. Access controls ensure that only authorized team members can view specific data, and every access attempt is logged.
Organizational Measures
Staff undergo background checks and sign confidentiality agreements before handling client information. We conduct regular security training so everyone understands their responsibility to protect your data. Our office maintains physical security with controlled access and locked filing cabinets for any paper documents. Regular audits verify that security protocols are being followed.
Incident Response
Despite best efforts, breaches can happen. We maintain an incident response plan that includes immediate containment procedures, forensic investigation, notification to affected parties within 72 hours, and coordination with the Information Regulator when required. We'll tell you exactly what happened, what data was affected, and what steps we're taking to prevent recurrence.
Data Retention Periods
We don't keep information forever. Retention periods balance our need to provide ongoing service and meet legal obligations against your right to have data deleted when it's no longer necessary.
| Data Category | Retention Period | Reason |
|---|---|---|
| Financial Analysis Reports | 7 years from date of service | Required by South African tax law and professional standards for financial records |
| Client Communication Records | 5 years after relationship ends | Protects both parties in case of disputes and maintains service continuity |
| Technical Logs and Analytics | 18 months from collection | Sufficient for security monitoring and service improvement without excessive storage |
| Marketing Consent Records | Until consent is withdrawn | Demonstrates lawful basis for communications and respects opt-out requests |
| Contract Documents | 10 years after contract expiry | Standard business practice for significant agreements and potential legal claims |
When retention periods expire, we securely delete or anonymize data. Deletion means overwriting storage media so information cannot be recovered. Anonymization removes identifying details so data can be kept for statistical purposes without compromising privacy.
Cookies and Tracking Technologies
Our website uses cookies to function properly and understand how visitors interact with our content. You have control over most of these.
Essential Cookies
These enable basic functionality like remembering your login session, maintaining security, and keeping your selected preferences. The website won't work properly without them, so they're automatically enabled.
Analytics Cookies
We use these to see which pages are popular, where visitors spend time, and where they encounter problems. This helps us improve navigation and fix issues. The data is aggregated and doesn't personally identify you.
Preference Cookies
These remember choices you've made like language settings or display preferences, so you don't have to reconfigure things each visit.
Managing Cookie Preferences
Your browser settings let you block or delete cookies. Be aware that disabling essential cookies will affect site functionality. Most browsers offer privacy modes that don't store cookies after you close the window.
International Data Transfers
We primarily store data on servers located in South Africa. Occasionally, some information may be processed by service providers with servers in other countries, particularly for cloud infrastructure or specialized analysis tools.
When data leaves South Africa, we ensure the receiving country has adequate privacy protections as recognized by the Information Regulator, or we implement additional safeguards like standard contractual clauses. You have the right to request details about where your specific data is stored and what protections are in place.
Children's Privacy
Our services target business owners and financial professionals. We don't knowingly collect information from anyone under 18 years old. If you're a parent who discovers we've inadvertently gathered data about your child, contact us immediately and we'll delete it.
Third-Party Links
Our website occasionally links to external resources that might be useful for financial analysis or business management. We're not responsible for the privacy practices of these third-party sites. Before sharing personal information elsewhere, review their privacy policies.
Policy Updates
Privacy regulations evolve and our practices may change as we improve services or adopt new technologies. When we update this policy, we'll change the effective date at the top and notify active clients via email if the changes significantly affect how we handle data.
Major revisions will be highlighted on our website homepage for at least 30 days. Continued use of our services after updates indicates acceptance of the revised policy. If you disagree with changes, you can close your account and request data deletion subject to legal retention requirements.
Complaints and Regulatory Contact
We hope to resolve any privacy concerns directly, but you have the right to lodge a complaint with South Africa's Information Regulator if you believe we've mishandled your personal information.
Information Regulator (South
Africa)
JD House, 27 Stiemens Street
Braamfontein, Johannesburg, 2001
Phone: 010 023 5200
Email: inforeg@justice.gov.za
We'd appreciate the opportunity to address issues before you contact the regulator, but the choice is yours.
Get In Touch About Privacy
Questions about how we handle your information? Need to exercise your data rights? Our Information Officer is here to help.
Email: contact@zironatava.world
Phone: +27 82 383 6495
Address: Shop 21 Rant en Dal center, 44 Cecil Knight St, Rant-En-Dal, Krugersdorp, 1751, South Africa
We respond to privacy inquiries within 5 business days and aim to resolve requests within the timeframes specified by POPIA.