Company Information

Website: gpcollections.co.za
Effective Date: 22 September 2025
Last Updated: 22 September 2025

Contact Details:

• Email: info@gpcollections.co.za
• Phone: +27 719 966 343
• Address: Office 2014, Spaces Pretoria, Menlyn Maine Building 210, Pegasus, 210 Amarand Avenue, Pretoria, Gauteng, 0181, South Africa

1. About This Policy

GP Collections is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Protection of Personal Information Act (POPIA) and other applicable South African legislation.

By using our services or website, you consent to the practices described in this policy.

2. Information We Collect

2.1 Personal Information

We collect the following categories of personal information:

Identity and Verification Data:

• Full legal name
• Identity document or passport number
• Date of birth
• Nationality and residency status

Contact Information:

• Physical address
• Email address
• Mobile and telephone numbers

Financial and Transaction Data:

• Bank account details (when required)
• Transaction history and amounts
• Currency exchange preferences
• Source and destination of funds

Technical Information:

• IP address and device identifiers
• Browser type and version
• Operating system
• Website usage patterns and analytics data

2.2 How We Collect Information

Information is collected through:

• Direct interactions (forms, phone calls, emails)
• Website usage (cookies, analytics)
• Third-party verification services
• Legal and regulatory requirements

3. Purpose and Legal Basis for Processing

We process your personal information for the following purposes:

3.1 Primary Business Purposes

• Currency Exchange Services: Facilitating foreign exchange transactions
• Identity Verification: Complying with Know Your Customer (KYC) requirements
• Transaction Processing: Executing and recording currency exchanges
• Customer Communication: Responding to inquiries and providing service updates

3.2 Legal and Regulatory Compliance

• FICA Compliance: Meeting Financial Intelligence Centre Act requirements
• Tax Reporting: Compliance with SARS regulations for foreign exchange transactions
• Record Keeping: Maintaining records as required by financial services legislation
• Risk Management: Fraud prevention and anti-money laundering measures

3.3 Business Operations

• Service Improvement: Enhancing our website and customer experience
• Analytics: Understanding usage patterns to improve services
• Marketing: Communicating about relevant services (with consent)

4. Information Sharing and Disclosure

4.1 We Do Not Sell Personal Information

GP Collections does not sell, rent, or trade your personal information to third parties for commercial purposes.

4.2 Permitted Disclosures

We may share your information with:

Regulatory and Government Bodies:

• South African Revenue Service (SARS)
• Financial Intelligence Centre (FIC)
• South African Reserve Bank (SARB)
• Other regulatory authorities as required by law

Service Providers:

• Identity verification services
• Payment processors and banking partners
• Website hosting and IT service providers
• Professional advisors (legal, accounting, auditing)

Legal Requirements:

• Law enforcement agencies (when legally required)
• Courts and legal proceedings
• Protection of our rights and property

All third-party service providers are contractually bound to protect your information and use it only for specified purposes.

 

5. Data Security Measures

We implement comprehensive security measures including:

Technical Safeguards:

• SSL/TLS encryption for data transmission
• Secure server infrastructure and firewalls
• Regular security updates and monitoring
• Access controls and authentication systems

Organizational Measures:

• Staff training on data protection
• Confidentiality agreements with employees
• Regular security audits and assessments
• Incident response procedures

Physical Security:

• Secure office premises
• Controlled access to sensitive areas
• Secure document storage and disposal

6. Cookies and Website Technologies

6.1 Types of Cookies Used

Our website uses the following cookies:

Essential Cookies: Required for website functionality
Analytics Cookies: To understand website usage and improve performance
Preference Cookies: To remember your settings and preferences

6.2 Managing Cookies

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

7. Your Rights Under POPIA

As a data subject, you have the following rights:

7.1 Access Rights

• Request access to your personal information
• Obtain details about how your information is processed
• Receive copies of your personal information

7.2 Correction and Updates

• Request correction of inaccurate or incomplete information
• Update your contact details and preferences

7.3 Objection and Restriction

• Object to processing of your personal information
• Request restriction of processing in certain circumstances

7.4 Deletion Rights

• Request deletion of your personal information (subject to legal retention requirements)
• Right to be forgotten where legally applicable

7.5 Data Portability

• Receive your personal information in a structured, commonly used format
• Request transfer of information to another service provider

7.6 Complaint Rights

• Lodge complaints with the Information Regulator of South Africa
• Seek judicial remedies for privacy violations

To exercise any of these rights, contact us at info@gpcollections.co.za

8. Data Retention

8.1 Retention Periods

We retain personal information for the following periods:

Transaction Records: 5 years (as required by FICA and tax legislation)
Identity Verification Documents: 5 years from last transaction
Communication Records: 3 years from last contact
Website Analytics: 2 years from collection
Marketing Preferences: Until withdrawn or account closure

8.2 Secure Disposal

When retention periods expire, we securely delete or anonymize personal information in accordance with industry best practices.

9. International Transfers

Currently, we do not routinely transfer personal information outside of South Africa. If international transfers become necessary, we will:

• Ensure adequate protection through appropriate safeguards
• Obtain your consent where required
• Comply with POPIA cross-border transfer requirements

10. Minors and Capacity

Our services are intended for individuals 18 years and older. We do not knowingly collect personal information from minors. If you believe we have collected information from a minor, please contact us immediately for removal.

11. Policy Updates and Changes

11.1 Policy Updates

We may update this Privacy Policy to reflect:

• Changes in legislation or regulations
• New business practices or services
• Feedback from regulatory authorities
• Technological developments

11.2 Notification of Changes

Material changes will be communicated through:

• Email notification to registered users
• Prominent website notices
• Updated effective dates

We encourage regular review of this policy to stay informed about how we protect your information.

12. Contact Information and Complaints

12.1 General Inquiries

For questions about this Privacy Policy or our data practices:

GP Collections
Email: info@gpcollections.co.za
Phone: +27 719 966 343
Address: Office 2014, Spaces Pretoria, Menlyn Maine Building 210, Pegasus, 210 Amarand Avenue, Pretoria, Gauteng, 0181, South Africa

12.2 Privacy Officer

For specific privacy-related concerns or to exercise your rights under POPIA, contact our Privacy Officer at the above details.

12.3 Regulatory Complaints

If you believe your privacy rights have been violated, you may lodge a complaint with:

Information Regulator of South Africa
Website: www.justice.gov.za/inforeg
Email: inforeg@justice.gov.za
Phone: +27 12 406 4818

This Privacy Policy was last updated on 22 September 2025 and is effective immediately.