AgroFlex Parts

Important: This Privacy Policy complies with POPIA (South Africa), GDPR (EU/UK), CCPA/CPRA (California), and other applicable international privacy regulations. By using our website, you consent to the practices described herein.

Privacy Policy

Last updated November 2025

Legal Documents

Terms of Service Privacy Policy Cookie Policy Software Licence

Contact

info@agroflexparts.com

+27 (0) 18 523 0524

1. Introduction

Agroflex (PTY) Ltd. ("we", "us", or "our") is committed to protecting your privacy and personal information in accordance with applicable data protection legislation worldwide, including:

  • POPIA – Protection of Personal Information Act, 2013 (South Africa)
  • GDPR – General Data Protection Regulation (European Union)
  • UK GDPR – United Kingdom General Data Protection Regulation
  • CCPA/CPRA – California Consumer Privacy Act & California Privacy Rights Act (USA)
  • LGPD – Lei Geral de Proteção de Dados (Brazil)
  • Australian Privacy Act – Privacy Act 1988 (Australia)

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website agroflexparts.com. As a global trading company, we ensure compliance with the privacy laws of all jurisdictions in which we operate.

2. Information We Collect

We may collect the following types of information:

Personal Information:

  • Name, email address, phone number, and company name
  • Physical address and delivery information
  • Account credentials when you register with us
  • Communication preferences and enquiry details

Technical Information:

  • IP address, browser type, and device information
  • Operating system and browsing patterns
  • Pages visited, search queries, and time spent on pages
  • Referral sources and interaction with website features

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain our website
  • To respond to your enquiries and provide customer support
  • To improve our website and user experience
  • To send promotional communications (with your consent)
  • To process and manage your account
  • To comply with legal obligations
  • To detect and prevent fraud or abuse
  • To analyse website usage and trends

4. Legal Basis for Processing

We process your personal information based on the following legal grounds (applicable under POPIA, GDPR, and similar regulations):

  • Consent: Where you have given express, informed consent for specific purposes. You may withdraw consent at any time.
  • Contractual Necessity: Where processing is necessary to perform our agreement with you or take pre-contractual steps at your request.
  • Legal Obligation: Where we must process data to comply with applicable laws in any jurisdiction.
  • Legitimate Interest: Where processing is in our legitimate business interests (e.g., fraud prevention, security) and does not override your fundamental rights.
  • Vital Interests: Where processing is necessary to protect someone's life.
  • Public Interest: Where processing is necessary for tasks carried out in the public interest.

5. Your Rights Under POPIA (South Africa)

If you are a South African resident, you have the following rights under the Protection of Personal Information Act:

  • Right to be Notified: Be informed that your personal information is being collected and processed
  • Right of Access: Request confirmation of and access to your personal information we hold
  • Right to Correction: Request correction or deletion of inaccurate, irrelevant, or outdated information
  • Right to Deletion: Request destruction or deletion of your personal information
  • Right to Object: Object to the processing of your personal information
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Complain: Lodge a complaint with the Information Regulator of South Africa

Information Regulator Contact: complaints.IR@justice.gov.za | +27 (0) 10 023 5200

6. Your Rights Under GDPR (EU/UK Residents)

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights under GDPR:

  • Right of Access (Art. 15): Obtain confirmation and access to your personal data
  • Right to Rectification (Art. 16): Have inaccurate personal data corrected
  • Right to Erasure (Art. 17): Request deletion of your personal data ("Right to be Forgotten")
  • Right to Restriction (Art. 18): Restrict processing of your personal data
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interests or direct marketing
  • Rights Related to Automated Decision-Making (Art. 22): Not be subject to purely automated decisions
  • Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
  • Right to Complain: Lodge a complaint with your local Data Protection Authority

We will respond to your request within one month. This may be extended by two months for complex requests.

7. Your Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Know what personal information is collected, used, shared, or sold
  • Right to Delete: Request deletion of personal information collected from you
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of the sale or sharing of your personal information
  • Right to Limit Use: Limit the use and disclosure of sensitive personal information
  • Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

Important Notice: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.

To exercise your CCPA rights, contact us at info@agroflexparts.com. We will verify your identity before processing your request.

8. International Data Transfers

As an international trading company, we may transfer your personal information to countries outside your country of residence. When we do so, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: Transfers to countries recognized as providing adequate protection
  • Standard Contractual Clauses: EU-approved contractual safeguards for data transfers
  • Binding Corporate Rules: Internal policies ensuring consistent data protection
  • Your Consent: Where you have explicitly consented to the transfer

Our primary data processing occurs in South Africa. You may request information about the safeguards in place for international transfers by contacting us.

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure servers with access controls and firewalls
  • Regular security assessments, penetration testing, and updates
  • Employee training on data protection and privacy
  • Incident response procedures for data breaches

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities as required by applicable law (within 72 hours under GDPR, as soon as reasonably possible under POPIA).

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Typical retention periods:

  • Account Information: Duration of account plus 3 years after closure
  • Transaction Records: 7 years (legal/tax requirements)
  • Marketing Preferences: Until you withdraw consent
  • Analytics Data: 26 months (anonymized thereafter)

When determining retention periods, we consider the nature and sensitivity of the data, potential risks from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.

11. Third-Party Disclosure

We may share your personal information with third parties in the following circumstances:

  • Service Providers: Payment processors, shipping carriers, hosting providers
  • Professional Advisers: Lawyers, accountants, auditors
  • Legal Requirements: Law enforcement or regulatory bodies when required by law
  • Business Partners: With your explicit consent
  • Business Transfers: In connection with merger, acquisition, or sale of assets

We require all third parties to respect the security of your personal information, process it only for specified purposes, and treat it in accordance with applicable data protection laws. We do not sell your personal information to third parties.

12. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. You can manage your cookie preferences through our cookie consent banner. Categories include:

  • Essential Cookies: Required for website functionality (always active)
  • Analytics Cookies: Help us understand how visitors use our website
  • Marketing Cookies: Used to deliver relevant advertisements
  • Functionality Cookies: Remember your preferences and settings

For detailed information about each cookie we use, please refer to our Cookie Policy.

13. Children's Privacy

Our website and services are not intended for children under the age of:

  • 18 years in South Africa (POPIA)
  • 16 years in most EU countries (GDPR); varies by member state
  • 13 years in the United States (COPPA)

We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information from our systems.

If we become aware that we have collected personal information from a child without parental consent, we will delete that information as quickly as possible.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you via email (if we have your email address)
  • We may display a prominent notice on our website
  • Where required by law, we will obtain your consent to material changes

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

15. Contact Information & Data Protection Officer

For questions about this Privacy Policy, to exercise your data protection rights, or to lodge a complaint, please contact us:

Supervisory Authority Complaints:

  • South Africa: Information Regulator - complaints.IR@justice.gov.za
  • EU/EEA: Your local Data Protection Authority
  • UK: Information Commissioner's Office (ICO) - ico.org.uk