Last updated: 01 January 2026
1. Introduction
This Privacy Policy describes how BestDealz International (Pty) Ltd ("BestDealz", "we", "us") collects, uses and shares your personal information when you visit bestdealz.co.za, use our services, or interact with our team.
By using our platform, you consent to the data practices described here. If you do not agree, please do not use our services.
2. What we collect
We collect the minimum data needed to provide our service:
- Account info: name, email, phone, business name, VAT number (if applicable).
- Order info: delivery address, items purchased, payment method, order history.
- Communications: messages with our team, support tickets, RFQ details.
- Usage data: pages visited, clicks, device type, IP address — gathered via cookies and analytics.
- Payment data: processed by our PSP (PayFast, Yoco, etc.) — we never store your full card number.
3. How we use it
We use your data to:
- Fulfil orders, deliver products and process payments
- Reply to your enquiries and provide support
- Send order confirmations, shipping updates and security alerts
- Personalise product recommendations and search results
- Improve our service through aggregated analytics
- Comply with legal obligations (tax, fraud prevention, sanctions screening)
Marketing: We only send promotional emails to subscribers — you can unsubscribe with one click from any email.
4. Who we share it with
We share only what is necessary:
- Suppliers: your delivery address and order details for fulfilment
- Couriers: name, address and phone for delivery
- Payment providers: the transaction amount and reference (PayFast, Yoco, banks)
- Service vendors: hosting (AWS), email (SES), analytics (Google) — all under strict data-processing agreements
- Law enforcement: only when legally compelled or required by court order
We never sell your personal information to third parties.
5. Your rights under POPIA
You have the right to:
- Access — download all data we hold on you
- Correct — update inaccurate information in your dashboard
- Delete — close your account and erase your data (except records we must retain for tax/legal purposes)
- Object — opt out of marketing or data processing for non-essential purposes
- Complain — lodge a complaint with the Information Regulator (SA) if you believe we have breached POPIA
Use the Export my data tool in your account settings, or email [email protected].
6. Data retention
We keep your data only as long as needed:
- Account data: for as long as your account is active, plus 30 days after closure
- Order records: 5 years (tax / SARS requirement)
- Marketing consent: until you unsubscribe
- Analytics logs: rolling 12-month window, then aggregated
7. Security
We protect your data with:
- HTTPS / TLS on every connection
- Database encryption at rest (AES-256)
- Role-based access — only authorised staff can view customer records
- Annual third-party penetration testing
- PCI-DSS compliant payment processing (tokenised cards, never stored)
- Automated breach detection and incident-response playbook
8. International transfers
Some service providers (e.g. AWS, Google) may process data outside South Africa. We ensure adequate protection through Standard Contractual Clauses and only use providers in jurisdictions with adequate data-protection laws (EU, UK, USA).
9. Cookies
We use essential cookies (cart, login, security) and optional analytics cookies. See our full Cookie Policy for details and how to control them.
10. Changes to this policy
If we make material changes, we will notify you by email and update the "Last updated" date at the top of this page. Continued use of our services after changes constitutes acceptance.
Have questions about this policy?
Contact our compliance team — we reply within 1 business day.
